2days Posted July 26, 2023
View File: Bypass MessageBox Without Unpacking
Bypass MessageBox without unpacking, task complete.
Submitter: 2days
Submitted: 07/15/2023
Category: CrackMe
X0rby Posted July 26, 2023
It searches for a file named '2days.txt'. If it is not found, it will display the message box; otherwise, no message box will be shown.
2days_nag.mp4
X0rby Posted July 26, 2023
The only funny thing is your -inf/10 easy challenge, you are here since 2008 and you are making this kind of crap? That's a shame.
Edited July 26, 2023 by X0rby
bon Posted August 7, 2023 (Solution)
TRUE BYPASS version.dll visual studio 2022 vc++
Barestra Posted August 8, 2023
12 hours ago, bon said:
> TRUE BYPASS version.dll visual studio 2022 vc++
Perfect ++ 💯 The condition shows the text box has been replaced by nop altogether. Just put the version.dll file in it.
bb2018 Posted August 14, 2023
.DLL Hijack bypass all protect 😁
bb2018.dll = Patcher
version.dll = loader
Hook Api = Bypasser
First, use the x64dbg debugger to find the patch points. Change from 84 to FE.
First, we need to find the module .dll. You will notice that there are a lot of DLLs, but I'm going to use version.dll.
Example Code Patch:
    // Module and hProcess are defined elsewhere in the DLL (not shown in the post).
    DWORD64 MR_BB2018 = Module + (DWORD64)0x2F931; // rva Patch
    PVOID rva1 = reinterpret_cast<PVOID>(MR_BB2018);
    BYTE rva2[] = { 0xFE }; // replacement byte (84 -> FE)
    WriteProcessMemory(hProcess, rva1, rva2, sizeof(rva2), NULL);
Tools:
X64dbg: https://github.com/x64dbg/x64dbg/releases
Visualstudio: https://learn.microsoft.com/en-us/visualstudio/releases/2019/release-notes
hijack dll Source Code Generator. support x86/x64: https://github.com/strivexjun/AheadLib-x86-x64/releases/tag/1.2
I'm still naive about reversing. If it's a mistake, I apologize. 😁
Edited August 15, 2023 by bb2018
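From the defender's side, the version.dll proxy described in the posts above shows up as a system-named DLL being loaded from an application folder. The following is an added example, not part of the original thread, that flags such loads in image-load telemetry; the pipe-delimited record layout, the sample paths and the short DLL name list are constructed assumptions, with field names following Sysmon Event ID 7.

```python
import ntpath

# Assumption: short illustrative list of system DLL names; build yours from a baseline.
SYSTEM_DLLS = {"version.dll", "winmm.dll", "dbghelp.dll"}
TRUSTED_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64", r"c:\windows\winsxs")

# Constructed sample records; field names follow Sysmon Event ID 7 (image load).
SAMPLE_EVENTS = r"""
Image=C:\Test\target.exe|ImageLoaded=C:\Windows\System32\kernel32.dll|Signed=true
Image=C:\Test\target.exe|ImageLoaded=C:\Test\version.dll|Signed=false
Image=C:\Apps\tool.exe|ImageLoaded=C:\Windows\System32\version.dll|Signed=true
Image=C:\Apps\tool.exe|ImageLoaded=C:\Apps\plugin.dll|Signed=false
Image=C:\Apps\tool.exe|ImageLoaded=C:\Users\Public\WINMM.DLL|Signed=true
"""


def parse_event(line):
    """Turn one 'key=value|key=value' record into a dict."""
    return dict(field.split("=", 1) for field in line.strip().split("|"))


def in_trusted_dir(path):
    """True if the file sits in (or below) a Windows system directory."""
    folder = ntpath.dirname(ntpath.normpath(path)).lower()
    return any(folder == t or folder.startswith(t + "\\") for t in TRUSTED_DIRS)


def find_shadowed_loads(text):
    """Return loads of system-named DLLs that came from a non-system path."""
    findings = []
    for line in filter(str.strip, text.splitlines()):
        ev = parse_event(line)
        loaded = ev["ImageLoaded"]
        name = ntpath.basename(loaded).lower()
        if name not in SYSTEM_DLLS or in_trusted_dir(loaded):
            continue
        beside_exe = ntpath.dirname(loaded).lower() == ntpath.dirname(ev["Image"]).lower()
        unsigned = ev.get("Signed", "false").lower() != "true"
        findings.append({
            "process": ev["Image"],
            "dll": loaded,
            # DLL next to the executable and unsigned: classic search-order shadowing.
            "severity": "high" if beside_exe and unsigned else "medium",
        })
    return findings


if __name__ == "__main__":
    for f in find_shadowed_loads(SAMPLE_EVENTS):
        print(f["severity"], f["process"], "<-", f["dll"])
```

Legitimate software sometimes ships its own copy of a system-named DLL, so findings are triage leads to compare against a known-good baseline.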
bon Posted August 16, 2023
try learning x64dbg script 👍
    DeleteBPX
    bp VirtualProtect
    SetBreakpointCommand VirtualProtect, "vtp"
    erun
    vtp:
    rtr 2
    step
    rtu
    step
    find cip,"E9EF"
    cmp $result,0
    je ER
    bp $result
    erun
    bc
    sti
    sto 8
    sti
    memset cip+19603, EB,1 //bypass cmp to jmp
    log "OEP:{a@cip}"
    mov 1004A8D64, #62 6F 6E 00# //set caption
    run
    exit
    ER:
Edited August 16, 2023 by bon
ReverseKill Posted August 16, 2023
Sir, can anyone share the source code of proxy hook dll? If the application is packed with vmprotect or themida, will the hook dll still work? Respected Admin, I am a newbie, I have been trying to learn this for a long time. Please approve my content. Thanks in advance.
boot Posted August 17, 2023
23 hours ago, ReverseKill said:
> If the application is packed with vmprotect or themida, will the hook dll still work?
That is not difficult, even with protections. (EDIT: The error reply here has been removed.) It indicates that you have not mastered the essentials of DLL hijacking. Any protections, even the latest version of VMP or TMD, whether it is x86 or x64, can be hijacked, and can even be completed with or without a DLL...
Edited August 17, 2023 by boot: Correcting error reply...
bb2018 Posted August 17, 2023
11 hours ago, ReverseKill said:
> Sir, can anyone share the source code of proxy hook dll. If the application is packed with vmprotect or themida, will the hook dll still work?
First of all, you have to write a programming language. Other things are not that difficult. If you understand written languages such as C, C#, C++, Golang, Python, Delphi, Autoit and many other languages, you can choose one and try writing them. Second of all, you have to focus on what you want to learn. And practice as much as you can, and you'll get the answers you need. If you need more answers, you can just ask Chat-GPT 4. 😁 Chat-GPT can write code automatically just by asking what you want 😁
Edited August 17, 2023 by bb2018
ReverseKill Posted August 17, 2023
On 8/17/2023 at 8:31 AM, bb2018 said:
> First of all, you have to write a programming language. Other things are not that difficult. If you understand written languages such as C, C#, C++, Golang, Python, Delphi, Autoit and many other languages, you can choose one and try writing them. Second of all, you have to focus on what you want to learn. And practice as much as you can, and you'll get the answers you need. If you need more answers, you can just ask Chat-GPT 4. 😁 Chat-GPT can write code automatically just by asking what you want 😁
Thanks for replying. Who knows if an answer like this might be helpful to someone.
Edited August 27, 2023 by ReverseKill: correcting reply
ReverseKill Posted August 17, 2023
On 8/17/2023 at 6:29 AM, boot said:
> That is not difficult, even with protections. (EDIT: The error reply here has been removed.) It indicates that you have not mastered the essentials of DLL hijacking. Any protections, even the latest version of VMP or TMD, whether it is x86 or x64, can be hijacked, and can even be completed with or without a DLL...
Thanks for letting me know that I haven't mastered the essentials of DLL hijacking. If I could, I wouldn't be here asking.
Edited August 27, 2023 by ReverseKill: correcting error reply
Noob boy Posted September 13, 2023
On 8/17/2023 at 11:47 PM, ReverseKill said:
> Thanks for letting me know that I haven't mastered the essentials of DLL hijacking. If I could, I wouldn't be here asking.
So what he's saying is, look, I've got this knowledge. So study hard! Show off, show off. If you think you can help someone else. Then reply. Please provide some practical tips or help. Instead of showing off every day.