Jump to content
View in the app

A better way to browse. Learn more.

Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Featured Replies

Posted

Bypass MessageBox Without Unpacking

Bypass MessageBox without unpacking, task complete.

Screenshot 2023-07-14 11.56.36.png

File Information

Submitter 2days

Submitted 07/14/2023

Category CrackMe

View File

Bypass MessageBox Without Unpacking

Solved by bon

Go to solution

It searches for a file named '2days.txt'. If it is not found, it will display the message box; otherwise, no message box will be shown.

image.png.3aa2062a6cde40429aed59afe5fda95b.png

The only funny thing is your -inf/10 easy challenge, you are here since 2008 and you are making this kind of crap? that's a shame.

Edited by X0rby

  • 2 weeks later...
  • Solution

TRUE BYPASS

version.dll

visual studio 2022 vc++

12 hours ago, bon said:

TRUE BYPASS

version.dll

visual studio 2022 vc++

 

Perfect ++ 💯 The condition shows the text box has been replaced by nop altogether . Just put the version.dll file in it.

2023-08-08_122451.png

.DLL Hijack bypass all protect  😁

bb2018.dll = Patcher 

version.dll = loader 

Hook Api = Bypasser

Record-2023-08-15-05-27-27-984.gif

First, use x64dbg debug to find patch points.  Change from 84 to FE.

Screen-2023-08-15-05-13-35.jpg

First, we need to find the module .dll will notice that there.A lot of dlls, 
but I'm going to use version.dll.

Screen-2023-08-15-04-46-38.jpg

Example Code Patch :

DWORD64 MR.BB2018 = Module + (DWORD64)0x2F931; // rva Patch

PVOID rva1 = reinterpret_cast<PVOID>(MR.BB2018);
BYTE rva2[] = { 0xFE };

WriteProcessMemory(hProcess, rva1, rva2, sizeof(rva2), NULL);

Tools :

X64dbghttps://github.com/x64dbg/x64dbg/releases

Visualstudiohttps://learn.microsoft.com/en-us/visualstudio/releases/2019/release-notes

hijack dll Source Code Generator. support x86/x64 https://github.com/strivexjun/AheadLib-x86-x64/releases/tag/1.2

 

I'm still naive about the reverse. If it's a mistake, apologize. 😁
 

Edited by bb2018

try learning  x64dbg script 👍image.png.456c87fba63347bef670bb8bc623a023.png

DeleteBPX
bp VirtualProtect
SetBreakpointCommand VirtualProtect, "vtp"
erun
vtp:
rtr 2
step
rtu
 
step
find cip,"E9EF"
cmp $result,0
je ER
 
bp $result
erun
bc
sti
sto 8
sti
memset cip+19603, EB,1//bypass cmp to jmp
log "OEP:{a@cip}" 
mov 1004A8D64, #62 6F 6E 00#//set caption
run
exit
ER:

Edited by bon

Sir, can anyone share the source code of proxy hook dll.
If the application is packed with vmprotect or themida, will the hook dll still work? 

 

Respected Admin, I am a newbie, I have been trying to learn this for a long time. 

Please approve my content.

Thanks in advance.

23 hours ago, ReverseKill said:

If the application is packed with vmprotect or themida, will the hook dll still work? 

That is not difficult, even with protections.

(EDIT: The error reply here has been removed.)

It indicates that you have not mastered the essentials of DLL hijacking. Any protections, even the latest version of VMP or TMD, whether it is x86 or x64, can be hijacked, and can even be completed with or without a DLL...

Edited by boot
Correcting error reply...

11 hours ago, ReverseKill said:

Sir, can anyone share the source code of proxy hook dll.
If the application is packed with vmprotect or themida, will the hook dll still work? 

First of all, you have to write a programming language. Other things are not that difficult. If you understand written languages such as C, C#, C++, Golang, Python, Delphi, Autoit and many other languages, you can choose one and try writing them.

Second of all, you have to focus on what you want to learn.
And practice as much as you can, and you'll get the answers you need.

If you need more answers, you can just ask Chat-GPT 4. 😁

Chat-GPT can write code automatically just by asking what you want 😁

bb.gif

Edited by bb2018

On 8/17/2023 at 8:31 AM, bb2018 said:

First of all, you have to write a programming language. Other things are not that difficult. If you understand written languages such as C, C#, C++, Golang, Python, Delphi, Autoit and many other languages, you can choose one and try writing them.

Second of all, you have to focus on what you want to learn.
And practice as much as you can, and you'll get the answers you need.

If you need more answers, you can just ask Chat-GPT 4. 😁

Chat-GPT can write code automatically just by asking what you want 😁

bb.gif

Thanks for replying. Who knows if an answer like this might be helpful to someone. :rolleyes:

Edited by ReverseKill
correcting reply

On 8/17/2023 at 6:29 AM, boot said:

That is not difficult, even with protections.

(EDIT: The error reply here has been removed.)

It indicates that you have not mastered the essentials of DLL hijacking. Any protections, even the latest version of VMP or TMD, whether it is x86 or x64, can be hijacked, and can even be completed with or without a DLL...

Thanks for letting me know that I haven't mastered the essentials of DLL hijacking. If I could, I wouldn't be here asking.

Edited by ReverseKill
correcting error reply

  • 4 weeks later...
On 8/17/2023 at 11:47 PM, ReverseKill said:

Thanks for letting me know that I haven't mastered the essentials of DLL hijacking. If I could, I wouldn't be here asking.

So what he's saying is, look, I've got this knowledge. So study hard! Show off, show off. If you think you can help someone else. Then reply. Please provide some practical tips or help. Instead of showing off every day

Create an account or sign in to comment

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.