Jump to content

CodeExplorer

B@S Team
  • Content Count

    884
  • Joined

  • Last visited

  • Days Won

    333

CodeExplorer last won the day on August 8

CodeExplorer had the most liked content!

Community Reputation

868 Excellent

About CodeExplorer

  • Rank
    .NET/JAVA reverser
  • Birthday 06/21/1985

Profile Information

  • Gender
    Male
  • Location
    Romania
  • Interests
    girls, RE/coding

Previous Fields

  • Team
    BlackStorm

Recent Profile Visitors

1,754 profile views
  1. SafeNet Sentinel HASP ImportScript & ShortTut: A short tutorial on SafeNet Sentinel HASP (how to reach entry point) and an Olly script for reconstruction import table. SafeNet Sentinel HASP ImportScript & ShortTut.zip
  2. TurboMutipleExes: Turbo Studio doesn't allow for multiple entry points this program will circumvent this limitation. This program will pass command line arguments to the new entry point (new Turbo Studio entry point) and will start specific executables. On first part the Entry Points (output exes) are new exes created by this program; you should specify their full path on ListBox from which their short name is grabbed and also from full name are grabbed resources: icons and version information. So first browse for exe by choosing "..." button and then click Add button to add it to ListBox. You can clear all ListBox items by Clear All button. The process entries button is optional and only needed for custom entry points paths information will be grabbed from full path ListBox to TextBox - it will get short file name of Entry Points from full path. Start-up exe short file name (Virtualized Turbo output exe) is the only file name which can't be renamed afterwards - you need to stick to the Virtualized Turbo output exe - output as an .dat file is a cool thing to do. If you don't specify "Start-up exe icon and information" resources (icons/version) will be missing from NewEntryPoint.exe file generated; NewEntryPoint.exe should be the new Start-up exe specified in Turbo Studio. The final step is pressing the Create Now button and choose an output directory for new files. TurboMutipleExes.zip
  3. I hope this doesn't means the beginning of the end!
  4. @Kurapica: You are doing forum update now? Since I saw OFFLINE writed.
  5. Where and how you find those articles? :P This state something like all programming languages sucks! Then why doing any programming at all? :huh:
  6. What kind of forum upgrades?
  7. Regarding main exe: BOSS.exe I currently have no ideea: SMD wil do eternal loop when sending to jit the method 02, If I ignore that (add exception) SMD will exit - don't have any ideea on why those problem occurs from first place!
  8. The second time I deobfuscated that file everything worked like it should: de4dot filename --keep-types --dont-rename Here is the assembly with Protector types/fields properly removed: https://www49.zippyshare.com/v/80tVw9AB/file.html
  9. Hi again. So the problem is that de4dot removes protectors types/fields. The only thing I could do is force it to protector unknown (-p un): de4dot filename -p un --dont-rename --strtyp delegate --strtok 060000AF Each class constructor methods call those: static LicenseHelper() { <AgileDotNetRT>.Initialize(); <AgileDotNetRT>.PostInitialize(); } This will restore MSIL for each method. So you also got to change this method to a simple return: internal static void Initialize(); Declaring Type: <AgileDotNetRT> Assembly: SoftDELLicense, Version=2.2.1.0 New cleaned dll: https://www65.zippyshare.com/v/jME1QHQA/file.html
  10. Hi Hookahice: SMD For Agile On NetBox 4: (For SoftDELLicense.dll) https://board.b-at-s.info/index.php?showtopic=10910 L_0000: ldsfld class [mscorlib]Microsoft.Win32.RegistryKey [mscorlib]Microsoft.Win32.Registry::LocalMachine L_0005: stloc.0 L_0006: ldsfld class 硬 硬::FgAAAA==% L_000b: ldloc.0 L_000c: ldstr "\u00e7\u008dUc,\x05RI\u00af\x1e\u00d8!4\u0089\u00d4*`/=s>>\u0093\u00c8\u00c0\r6VY\u00e6\x18\u00da=\u00b5\u00fc(\u00eb7\u007f\'\x11\x14\u00b9m\u00e16\u00a5" L_0011: call string <AgileDotNetRT>::cs(string) <AgileDotNetRT>::cs token: 060000AF To decrypt strings runs the fallowing command: de4dot filename --an-methods false --dont-rename --strtyp delegate --strtok 060000AF Then just change agile methods to 062A ( a simple ret) Here is the cleaned dll: https://www102.zippyshare.com/v/r7ihVgoc/file.html
  11. Any x86 (32 bits) version 7.2 leaked somewhere? This is only 64 bits version!
  12. 0X7C9 posted it originaly. The archive require 7-Zip (2019-02-21) for extracting. I welcome everyone who came to wonder. I would like to publish my collection of very interesting source codes here. This is for everyone interested in protecting .NET programs. And its free! For extracting use olny 7ZIP. http://www.eddy420.mzf.cz/268c4176ece76adfc6744a128f598e26 PWD for archive is: 18s17927rq245q9p8o57r651n9729sr00qqp1004nn90snpoqo092062s4s50298p58712q36s66ps6poq052q427318pqp79qr70927034q45723psn1pp067s62n0q
  13. ILProtectorUnpacker v8 Public attached. I know it is far away for being perfect: like the crush after decryption (the assembly is saved) when ExecuteAssembly is unchecked! ILProtectorUnpacker8Public.zip
  14. ConfuserExConstant: This will get the Confuser Module entry point token and print it. The input assembly has to be an assembly which use .NET module trick (koi module). ConfuserExConstant.zip
×
×
  • Create New...