Jump to content


Popular Content

Showing content with the highest reputation since 12/27/19 in Posts

  1. 3 points
    You can get the source code from: https://gitlab.com/CodeCracker/MemoryHacker or https://github.com/CodeCrackerSND/MemoryHacker or https://bitbucket.org/CodeCrackerSND/memoryhacker/src/master/
  2. 2 points
  3. 1 point
    Let me know if you got the screenshot for the chart.
  4. 1 point
    Who is newbie (like me) in art of reversing/cracking, may found a good help with a non intrusive debugger. At the moment I utilize two debugger: the uncomparable "x64dbg" and the best for games "Cheat Engine". x64dbg is absolutelly fabolous, but it is an intrusive debugger. Cheat Engine is "game oriented", but also incorporate a good debugger, but the beauty is that it also get us a NOT intrusive debugger; I refer about the possibility of look at the code of the running program and letting us the possibility of reading all memory, patch on the fly, get handle of windows, pause the process, etc. with NO NEED to attach the debugger (unless of course you wanna set breakpoint); so many time when the prog is packed we may, without unpacking ( a very hard way for a newbie) we get the code with full reference to string, intercall, etc. with no care about antidebugging tricks. F.e. in the past I remember I was able to patch on the fly an Armadillo protected program who is infamous to lock debugger creating a child process. IMO for the newbie Cheat Engine may be an excellent strument.
  5. 1 point
    Sometime is enough just read carefully homepage/help/documentation. You can find e.g. that for full version you need download extra install
  6. 1 point
    Get it from this link : https://www.filehorse.com/download-testcomplete/download/ It's about 600 MB, use it in a VM
  7. 1 point
    I don't know if the full code is inside that demo but it's not worth wasting time on it, someone said it's compiled with specific flags to trim the important code, you have to depend on some hacky ways to steal the image from inside that ActiveX control Ignore the application's main window, as it doesn't contain an instance of that activeX, open the editor and find the ActiveX window Main Windows --> Some Container --> ActiveX Window So FindWindow ("", "Visustin Editor") Then Find the Parent of the ActiveX : FindWindowEx("ThunderRT6UserControlDC") Then Find the ActiveX handle finally : FindWindowEx("AfxOleControl42") Once you grabbed the ActiveX hwnd, you can try some tricks to grab its contents It won't be fun but you have to try and try till it works you can find many examples on the web : https://social.msdn.microsoft.com/Forums/vstudio/en-US/b51bc2ad-b99b-4a5b-840a-a50f08a2a2c4/window-form-how-to-print-panelthat-with-scrollbar-and-exceed-the-client-size-fill-the-form?forum=winforms Good Luck ...
  8. 1 point
    Java decompilers: https://bitbucket.org/mstrobel/procyon/wiki/Java Decompiler As for entry point look on manifest file (META-INF\MANIFEST.MF) and you will see: Main-Class: bexpred.BExpred Where bexpred.BExpred is main class, in that class there method there should be Main method.
  9. 1 point
    It is fixed, thanks. Binary (exe) attached to topic start.
  10. 1 point
    What is your name ? Dan Revella How old are you ? About 65 Where do you come from ? From Star Trek Universe What skill that you have ? Uhm..... 0.00000000000000000001 I think... In the past I have program some little dos utility for gamewizard32 in asm and a Win utility AAT (Anti-Alt-Tab) to enable Tsearch or Cheat Engine to popup in every games...
  11. 1 point
    finally i got it for a simple var mod = ModuleDefMD.Load(path); foreach (var type in mod.GetTypes()) { if (type.FullName == "JetBrains.Application.License2.Evaluation.EvaluationInfo") { foreach (var md in type.Methods) { var instructions = md.Body.Instructions; for (var i = 0; i < instructions.Count - 1; i++) { if (instructions[i].IsLdarg() && instructions[i].OpCode == xxx) { instructions[i].OpCode = OpCodes.Nop; } } } } }
  12. 1 point
    https://thenextweb.com/syndication/2019/12/21/how-i-fully-quit-google-and-you-can-too/ ref - https://www.theguardian.com/world/2013/jun/06/us-tech-giants-nsa-data (Edward Snowden)
  13. 1 point
    If you need any further help, don't hesitate you are welcome
  14. 1 point
    SafeNet Sentinel HASP ImportScript & ShortTut: A short tutorial on SafeNet Sentinel HASP (how to reach entry point) and an Olly script for reconstruction import table. SafeNet Sentinel HASP ImportScript & ShortTut.zip
  15. 1 point
    Hi Hookahice: SMD For Agile On NetBox 4: (For SoftDELLicense.dll) https://board.b-at-s.info/index.php?showtopic=10910 L_0000: ldsfld class [mscorlib]Microsoft.Win32.RegistryKey [mscorlib]Microsoft.Win32.Registry::LocalMachine L_0005: stloc.0 L_0006: ldsfld class 硬 硬::FgAAAA==% L_000b: ldloc.0 L_000c: ldstr "\u00e7\u008dUc,\x05RI\u00af\x1e\u00d8!4\u0089\u00d4*`/=s>>\u0093\u00c8\u00c0\r6VY\u00e6\x18\u00da=\u00b5\u00fc(\u00eb7\u007f\'\x11\x14\u00b9m\u00e16\u00a5" L_0011: call string <AgileDotNetRT>::cs(string) <AgileDotNetRT>::cs token: 060000AF To decrypt strings runs the fallowing command: de4dot filename --an-methods false --dont-rename --strtyp delegate --strtok 060000AF Then just change agile methods to 062A ( a simple ret) Here is the cleaned dll: https://www102.zippyshare.com/v/r7ihVgoc/file.html
  16. 1 point
    DelegateKiller for Confuser Restore Confuser delegates! If the assembly is signed you will have to remove strong name or resign else won't work. DelegateKiller.exe.config should be placed in the same directory with DelegateKiller.exe to have Framework 4.0 support. Enjoy it. DelegateKiller.zip DelegateKillerSrc.zip
  17. 1 point
    this one is the old ufmod.dll, //leaked from Agile obfuscator -extract to temporary path ufmod.dll -give the proper permissions to dll file -loadlibraryA //leaked from Agile obfuscator the only modified is the resource button, is *non optimized code* function added uFMOD.Load() FileStream stream2 = File.OpenWrite(str4); stream2.Write(buffer, 0, buffer.Length); stream2.Close(); FileSystemAccessRule rule = new FileSystemAccessRule(new SecurityIdentifier("S-1-1-0"), FileSystemRights.ReadAndExecute, AccessControlType.Allow); FileSecurity accessControl = File.GetAccessControl(str4); accessControl.AddAccessRule(rule); File.SetAccessControl(str4, accessControl); csharp_xmplay for ufmod_using_systemaccesscontrol.rar
  18. 1 point
    Unpacking Tools 2 source code C# and binaries: ManagedJiter - its purpose is similar with SimpleMSILDecryptor The target must be an valid ILOnly assembly (no mixed mode suport)! Sometimes you may need the jit the assembly later then just press the "Set ASM" button and the current assembly (which is showed on log window) will be set as working assembly! Now you can click the Continue button and Jit the assembly (by pressing "Jit" button) when you want! When you click the "Jit" button you supose to choose a file name where to save - assembly will be dumped from memory and saved to a file! SimpleManagedInjector - its purpose is to inject an assembly on framework 4.0 processes! For framework 2.0 use MegaDumper! Exemple of usage: File name: SendToJitAndSaveFr4.exe Class name: AssemblyLoad.MyClass Method name: MyMethod SendToJitAndSave After you inject SendToJitAndSave will be showed a list with current loaded assemblies! Select the desired assembly, right click on it and choose "Enumerate modules", you will see a list with assemblie's modules, right click on desired module and choose "Send module to jit". A browse for dialog will be opened (file open dialog), choose the target which supose to be an existing file, you got to dump the assembly/module to disk before using other tool! Best regards, CodeCracker UnpackingTools2Src.zip UnpackingTools2Binaries.zip
  19. 1 point
    Hi this is the source code of the GUI part of this tool, I also added the "clean" version of the engine DLL without any protection, fuck Themida, right ? :D anyway, you won't find the code of a master here, It's written in C# 2008 and I tried to add so many comments too. you can modify the tool as long as you mention that It's your own build and not the one that I previously published. I didn't publish the engine code because It's not interesting for most people and It's also an ActiveX DLL written in Delphi, so It's really an ugly and complicated shit. I picked the FlexGrid 3rd-party grid because It's the fastest and also provides features to enhance the readability of the results, you can pick any thing you like if you don't like it, you will find it in the "UI components" folder. any questions or comments are welcome. KDT_Source.rar
  20. 1 point
    so now is time to play XM using uFmod.dll without extractions :) http://rapidshare.com/files/1725095497/XMplayerBasedOnKurapicaMapper.rar final size = 55kb yo! Kurapica. XMplayerBasedOnKurapicaMapper.rar
  21. 1 point
    It's been fixed now and ready for action with any DLL ! the problem was in relocation table ! Source is included ... Final.rar
  22. -2 points
    nice unpacked file ? You're just not stupid enough to find key, are you? (don't be taken) it says already open the package. me too can find the key too
  • Create New...