Tuts 4 You

Bypass MessageBox Without Unpacking


2days
Solved by bon


The only funny thing is your -inf/10 easy challenge. You have been here since 2008 and you are making this kind of crap? That's a shame.

Edited by X0rby
  • Like 1

  • 2 weeks later...
12 hours ago, bon said:

TRUE BYPASS

version.dll

visual studio 2022 vc++

 

Perfect ++ 💯 The condition that shows the text box has been replaced by nop altogether. Just put the version.dll file in it.


  • Like 3

DLL hijack bypasses all protection 😁

bb2018.dll = Patcher 

version.dll = loader 

Hook Api = Bypasser


First, use the x64dbg debugger to find patch points. Change from 84 to FE.


First, we need to find the module .dll. You will notice that there are a lot of DLLs, but I'm going to use version.dll.


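Example code patch:

#include <windows.h>

// Module (base address of the target module) and hProcess (process handle)
// are assumed to be obtained elsewhere in the loader.
DWORD64 MR_BB2018 = Module + (DWORD64)0x2F931; // RVA of the patch point

PVOID rva1 = reinterpret_cast<PVOID>(MR_BB2018); // address to patch
BYTE rva2[] = { 0xFE };                          // replacement byte (84 -> FE)

WriteProcessMemory(hProcess, rva1, rva2, sizeof(rva2), NULL);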

Tools:

x64dbg: https://github.com/x64dbg/x64dbg/releases

Visual Studio: https://learn.microsoft.com/en-us/visualstudio/releases/2019/release-notes

Hijack DLL source code generator, supports x86/x64: https://github.com/strivexjun/AheadLib-x86-x64/releases/tag/1.2

 

I'm still naive about reversing. If it's a mistake, I apologize. 😁
 

Edited by bb2018
  • Like 3
  • Thanks 1
  • Haha 2
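
From the defender's side, the version.dll loader described in the post above appears as a system-named DLL loading from the application's own folder instead of System32. The following is an added example, not part of the original post or the poster's code: it flags such loads in Sysmon Event ID 7 (ImageLoad) records. The sample events, their paths and every watched name other than version.dll are constructed assumptions.

```python
import ntpath

# Directories where Windows system DLLs legitimately live (lower-case).
SYSTEM_DIRS = (r"c:\windows\system32", r"c:\windows\syswow64", r"c:\windows\winsxs")

# DLL names to watch. version.dll is the one used in the thread; the others are
# an assumed starter list and should be extended from a System32 inventory.
WATCHED_DLLS = {"version.dll", "winmm.dll", "dbghelp.dll", "wininet.dll"}

# Constructed Sysmon Event ID 7 (ImageLoad) records, reduced to three fields.
SAMPLE_EVENTS = [
    {"Image": r"C:\Games\demo\demo.exe",
     "ImageLoaded": r"C:\Games\demo\version.dll", "Signed": "false"},
    {"Image": r"C:\Games\demo\demo.exe",
     "ImageLoaded": r"C:\Windows\System32\version.dll", "Signed": "true"},
    {"Image": r"C:\Program Files\App\app.exe",
     "ImageLoaded": r"C:\Program Files\App\helper.dll", "Signed": "false"},
    {"Image": r"C:\Tools\viewer.exe",
     "ImageLoaded": r"C:\Tools\WINMM.DLL", "Signed": "true"},
]


def in_system_dir(path):
    """True if the file sits in (or below) a trusted system directory."""
    folder = ntpath.dirname(ntpath.normpath(path)).lower()
    return any(folder == d or folder.startswith(d + "\\") for d in SYSTEM_DIRS)


def find_shadowed_loads(events):
    """Return findings for watched DLL names loaded from non-system paths."""
    findings = []
    for ev in events:
        loaded = ev["ImageLoaded"]
        if ntpath.basename(loaded).lower() not in WATCHED_DLLS:
            continue  # not a system DLL name we track
        if in_system_dir(loaded):
            continue  # genuine copy from System32/SysWOW64/WinSxS
        beside_exe = (ntpath.dirname(loaded).lower()
                      == ntpath.dirname(ev["Image"]).lower())
        unsigned = ev.get("Signed", "false").lower() != "true"
        findings.append({"process": ev["Image"], "dll": loaded,
                         "beside_exe": beside_exe,
                         "severity": "high" if unsigned else "medium"})
    return findings


if __name__ == "__main__":
    for f in find_shadowed_loads(SAMPLE_EVENTS):
        print(f["severity"], f["process"], "->", f["dll"])
```

A signed hit is rated lower, not dropped, because some vendors ship their own copies of these DLLs; those are candidates for an allow-list keyed on path and signer.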

try learning x64dbg script 👍

DeleteBPX
bp VirtualProtect
SetBreakpointCommand VirtualProtect, "vtp"
erun
vtp:
rtr 2
step
rtu
 
step
find cip,"E9EF"
cmp $result,0
je ER
 
bp $result
erun
bc
sti
sto 8
sti
memset cip+19603, EB,1//bypass cmp to jmp
log "OEP:{a@cip}" 
mov 1004A8D64, #62 6F 6E 00#//set caption
run
exit
ER:
Edited by bon
  • Like 2
  • Thanks 1

Sir, can anyone share the source code of proxy hook dll.
If the application is packed with vmprotect or themida, will the hook dll still work? 

 

Respected Admin, I am a newbie, I have been trying to learn this for a long time. 

Please approve my content.

Thanks in advance.


23 hours ago, ReverseKill said:

If the application is packed with vmprotect or themida, will the hook dll still work? 

That is not difficult, even with protections.

(EDIT: The error reply here has been removed.)

It indicates that you have not mastered the essentials of DLL hijacking. Any protections, even the latest version of VMP or TMD, whether it is x86 or x64, can be hijacked, and can even be completed with or without a DLL...

Edited by boot
Correcting error reply...

11 hours ago, ReverseKill said:

Sir, can anyone share the source code of proxy hook dll.
If the application is packed with vmprotect or themida, will the hook dll still work? 

First of all, you have to write a programming language. Other things are not that difficult. If you understand written languages such as C, C#, C++, Golang, Python, Delphi, Autoit and many other languages, you can choose one and try writing them.

Second of all, you have to focus on what you want to learn.
And practice as much as you can, and you'll get the answers you need.

If you need more answers, you can just ask Chat-GPT 4. 😁

Chat-GPT can write code automatically just by asking what you want 😁


Edited by bb2018

On 8/17/2023 at 8:31 AM, bb2018 said:

First of all, you have to write a programming language. Other things are not that difficult. If you understand written languages such as C, C#, C++, Golang, Python, Delphi, Autoit and many other languages, you can choose one and try writing them.

Second of all, you have to focus on what you want to learn.
And practice as much as you can, and you'll get the answers you need.

If you need more answers, you can just ask Chat-GPT 4. 😁

Chat-GPT can write code automatically just by asking what you want 😁


Thanks for replying. Who knows if an answer like this might be helpful to someone. :rolleyes:

Edited by ReverseKill
correcting reply

On 8/17/2023 at 6:29 AM, boot said:

That is not difficult, even with protections.

(EDIT: The error reply here has been removed.)

It indicates that you have not mastered the essentials of DLL hijacking. Any protections, even the latest version of VMP or TMD, whether it is x86 or x64, can be hijacked, and can even be completed with or without a DLL...

Thanks for letting me know that I haven't mastered the essentials of DLL hijacking. If I could, I wouldn't be here asking.

Edited by ReverseKill
correcting error reply

  • 4 weeks later...
On 8/17/2023 at 11:47 PM, ReverseKill said:

Thanks for letting me know that I haven't mastered the essentials of DLL hijacking. If I could, I wouldn't be here asking.

So what he's saying is, look, I've got this knowledge. So study hard! Show off, show off. If you think you can help someone else, then reply. Please provide some practical tips or help instead of showing off every day.
