Jump to content
View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Featured Replies

GIV, is your mainform doesn't have any GUI components or texts ? I popup open your protected app. just in an easy way. see below.

Untitled.png.78a9347ed664a5605d9aed118b5de42c.png

  • 3 months later...
  • Replies 59
  • Views 50k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • Copy shfolder.dll to exe folder Use keygen.exe to calculate the registration code     It may not be perfect for the time being   Patch_And KeyGen.zip

  • This patch is generated by Baymax Patch Tools. The patch tool is still being tested. After the test is completed, upload and download the link after the known bug is repaired. pass:tuts4you.com

  • Perhaps bypassing the registration box is a convenient way to open the software, but there seems to be other protections . This is the DLL patch I created and a short video. DLL_Video.rar

Posted Images

Very interesting protection here.
bp breakpoints are detected; any change to enigma code section is detected.
The serial check is sometimes this:
0185E1F4    C2 0800         RETN 0x8 ; here is eax should be 1 not 0
0185E1F7    68 22FBE3BB     PUSH 0xBBE3FB22
0185E1FC  ^ E9 33C8CFFE     JMP Enigma_6.0055AA34
I don't know what's is going on.
 

Edited by CodeExplorer

1 hour ago, CodeExplorer said:

bp breakpoints are detected; any change to enigma code section is detected.

what anti-dbg plugins are you using?  what dbg engine

  • 1 month later...
On 7/20/2021 at 4:48 PM, GIV said:

Enigma Protector v6.9


I have protected a simple file with the Enigma Protector 6.9. Try to unpack.

For a skilled reverser will not be as hard as it seems.

HWID: A7707-65A71-43529-A59E1-41C2F-C5AA0-EB308-3F774
Name: tuts4you
Key: BG8QC4UMZW3QMTH99U6ZTF8FJJNDAPKY5E2XNL3CMHRVUMLSB2QWRBSYBGF4RNHX7WC26W2GQMNBNPUU3YUTDXDS387A2UURMUVJ88P5PPC9ZCEQHFHW4J6ZQRAK7GW6DRK4QH4CGCEQM7F9K39J89S4CRARX3L3LPABBXU23M8QXP6A85L2CZFJZF66KF5NFTZ557872DA3

 


 

Unpacked with hight size on adding VM with Enigma section.

For the question all info is on this board thanks.

Enigma 6.9 - protected.rar

Edited by TRISTAN Pro

9 hours ago, TRISTAN Pro said:

为什么绕过注册后应用程序会出现然后消失并退出?

对于这个问题,所有信息都在这个板上,谢谢。注释(8).png.698a614e3e4d5ba83181c368bbb83dac.png

Enigma 6.9 - 受保护.rar 2.52MB · 11 次下载

VFP9RENU.DLL

vfp9r.dll---What is it for?

11 hours ago, kuazi GA said:

VFP9RENU.DLL

vfp9r.dll---What is it for?

Dll extract in the exe.

Edited by TRISTAN Pro
Response

On 10/2/2023 at 7:36 PM, CodeExplorer said:

@jackyjaskИзползвам SHADOW_FOR_ENIGMA olly debugger: https://workupload.com/file/YpxC9XhHEze
 

it's permanent encryption, but i don't know how to patch hwid perfectly. The Chinese have a tutorial for this, but it's no longer available... They also have script and a patching  tool for new version , but won't share them here.

Edited by azufo

2023_11.10-06_09_27.png.79effab6a0dcb48a351260b6511a4d69.png

 

PS  "Do not modify the machine code at the virtual machine entry point as it will trigger the CRC check."🙂

22 hours ago, kuazi GA said:

2023_11.10-06_09_27.png.79effab6a0dcb48a351260b6511a4d69.png

 

PS  "Do not modify the machine code at the virtual machine entry point as it will trigger the CRC check."🙂

yea this is very clear for me, but where to find the correct routine..

give some help 

You need to patch HWID because it uses constant encryption to the one provided by giv....

then you can either calculate the password md5 hash to get (tuts4you.com) or you can bypass the "invalid password" check.

op.png

After that, you can register it.

@TRISTAN Pro

--

Edited by X0rby
No problems in public, let's talk pm

😁😇

Edited by TRISTAN Pro
Ok

On 11/11/2023 at 11:39 PM, X0rby said:

You need to patch HWID because it uses constant encryption to the one provided by giv....

then you can either calculate the password md5 hash to get (tuts4you.com) or you can bypass the "invalid password" check.

op.png

After that, you can register it.

Bro im not NOOb, but i forgot some things and the password can be bp hooked without md5 calculation ;)

just looking for the right place to change hwid without crc detecting metest.jpg.490e68ee405c91caca97f11cce92db38.jpg

 

  • 1 month later...
On 20/07/2021 at 10:48, GIV said:

Protetor Enigma v6.9


Protegi um arquivo simples com o Enigma Protector 6.9. Tente desempacotar.

Para um reversor habilidoso não será tão difícil quanto parece.



						

 


 

what is the password because a window appears saying APPLICATION REQUIRES PASSWORD TO START, ENTER PASSWORD

 

 

  • 3 weeks later...

The password is tuts4you.com

Used Olly SHADOW debugger modification with ScyllaHide plugin.
First you need to Set on all options from DRx Protection in ScyllaHide.

It has set number of run time allowed so after expired run Trial-Reset.v4.0.Final and clean Enigma registry key.

Noticed this call:
VirtualAlloc reached:
Stack pointer = 23FDD0
[ESP] (return address) = 55ABBD
[ESP+4] (lpAddress) = 0
[ESP+8] (dwSize) = 100000
[ESP+12] (flAllocationType) = 2000
[ESP+16] (flProtect) = 1
Thread id = 3352
Allocated address = 3550000
Thread id = 3352

RESERVE = 2000

I've noticed the presence of some memory blocks with size 100000 one after another - probable should be appended to dump.
 

Is anyone who loads this Enigma ver. 6.9 application successfully?

2024-01-13_201049.png.7e9e056d16bf6139e10390e6eac807d6.png2024-01-13_201156.png.5b6f08c4ae2f20f3d1280f781c28b84b.png

Regards.

sean.

33 minutes ago, windowbase said:

Is anyone who loads this Enigma ver. 6.9 application successfully?

2024-01-13_201049.png.7e9e056d16bf6139e10390e6eac807d6.png2024-01-13_201156.png.5b6f08c4ae2f20f3d1280f781c28b84b.png

Regards.

sean.

these cheap tricks don't work here, it's constant encryption.

Edited by X0rby

@X0rby Did you load it up successfully?

Regards.

sean.

Just now, windowbase said:

@X0rby Did you load it up successfully?

Regards.

sean.

ofc, check my older replies - you need to patch hwid to the valid one.

1 hour ago, X0rby said:

ofc, check my older replies - you need to patch hwid to the valid one.

@X0rby You did. How did you bypass CRC checking? maybe I have the CRC issue.

Regards.

sean.

Edited by windowbase
adding words.

On 11/10/2023 at 7:14 AM, kuazi GA said:

PS  "Do not modify the machine code at the virtual machine entry point as it will trigger the CRC check."🙂

@kuazi GA

How should I do without modifying the virtual machine entry point? You already did it.

Can you guide me to solve it?

Regards.

sean.

21 hours ago, windowbase said:

@夸子GA

不修改虚拟机入口点 怎么办已经做到了。

你能指导我解决它吗?

问候。

肖恩。

 

@kuazi GA I did it using the tool of @CodeExplorer.

Many thanks. by the way, did you do it using the tool? or in your own way?

And one more thing, the app closes when I click the window. is it intended by giv or any problem with me?

 

2024-01-16_010714.png.d2f009b3e5dccb6ef5ce273460829b71.png

Regards.

sean.

Edited by windowbase
adding words.

Yeah, the windows closes after few time. Same thing here; I think was intended by giv.
 

Create an account or sign in to comment

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.