Jump to content

DARKER

Members
  • Content Count

    41
  • Joined

  • Last visited

  • Days Won

    2

DARKER last won the day on February 25

DARKER had the most liked content!

Community Reputation

6 Neutral

About DARKER

  • Rank
    Member

Profile Information

  • Gender
    Male

Previous Fields

  • Team
    SCF
  1. DARKER

    Eazfuscator.NET

    Eazfuscator.NET 2019.3 released on September 29, 2019 Visualization of homomorphically encrypted regions of code .NET Core 3.0 support .NET Standard 2.1 support Visual Studio 2019 version 16.3+ support JetBrains Rider 2019.2 support Added ability to mark static method as a module initializer Improved ASP.NET Core support Improved .NET Native support Improved Visual Studio integration Improved homomorphic encryption coverage Fixed issue with a locked file that could occur during update installation Fixed issue in method overload matching of ref readonly return types Fixed bug that could lead to an issue with default values of optional method parameters Fixed VM issue that might occur in compiler-generated async state machine code Fixed XML Documentation Filter issue with nested generic classes Fixed XML Documentation Filter issue that occurred in MSBuild project integration mode Fixed XAML issue that could lead to "Unknown BAML record type 0x22" error during obfuscation Fixed issue with .NET Core reflection introspection Fixed issue with .NET Native compilation that could occur when code control flow obfuscation was on Fixed issue with UWP assembly merging that could lead to an endless loop in merger
  2. IMHO, for fast patching is definitely best Hiew.
  3. DARKER

    Eazfuscator.NET

    Eazfuscator.NET 2019.2 released on June 19, 2019 JetBrains Rider 2019.1 support .NET Framework 4.8 support Improved Visual Studio 2019 support Improved .NET Core 2.2 support Improved reflection analysis for Windows Forms data binding semantics Improved preliminary support for .NET Core 3.0 Fixed issue with .NET Core assemblies resolution Fixed VM issue with System.Span<T> and System.ReadOnlySpan<T> types Fixed VM issue with .NET Framework 4.0 assemblies that could lead to NullReferenceException during runtime under rare specific conditions Fixed issue with MSBuild integration that occurred when Eazfuscator.NET target files were used under .NET Core MSBuild Fixed issue that could lead to "The attribute 'Version' in element <PackageReference> is unrecognized" error during obfuscation
  4. As i remember some parts of InsidePro was written in ASM for better speed.
  5. You can inspire also with this: https://github.com/hashcat/maskprocessor it's BF algo + Mask attack (used also in hashcat)
  6. It works, but has big timeout ... try do some more refresh and sometime it works
  7. Because of these things. They start creating new fake accounts for this war..
  8. DARKER

    Eazfuscator.NET

    Eazfuscator.NET 2018.3 (released on August 15, 2018) .NET Core 2.1 support Unity 2018.2 support Out-of-the-box support for Fody and PostSharp build tools Added ability to check for closure criteria in conditional obfuscation of types Added ability to separately control obfuscation of method parameters with parameters renaming and optional parameters pruning directives Added automatic expansion of script and environment variables specified in ilmerge custom parameters directive 64 bit is now the preferred mode of Eazfuscator.NET operation Improved Visual Studio integration Improved JSON serialization support Improved reflection analysis for scenarios involving enums Improved debug renaming behavior for method arguments: they are now renamed in accordance to a debug pattern to simplify the obfuscation diagnostics Significantly improved obfuscation speed for some edge-case scenarios Fixed issue with generic methods overloading Fixed issue with serialization of enum array values in custom attributes Fixed issue with a ref return type of a method annotated by modopt/modreq modifiers Fixed issue that could lead to breaking of an indexer property when declaring type implemented several interfaces that defined such a property Fixed issue with handling of InternalsVisibleTo attribute that could lead to an unexpected auto-sealing of an internal class under specific conditions Fixed XAML issue with binding to a static property using a type-qualified path Fixed VM issue with typeof() expressions for generic type definitions Fixed MSBuild integration issue with F# .NET Core and .NET Standard projects
  9. Some my old .NET StringFind + StringDecoder adaptation: Dot Net String Decoder http://progress-tools.x10.mx/dnsd.html Description: Program can list or decrypt strings used in .NET executable based on user decryption plugins and rebuild new assembly with decoded strings. Method names, control flow etc. are unchanged in assembly! Features: - List all strings that are used in .NET executable - Generic search for decoding function like: DecodeFunction(Byval Coded_String as String) As String - Decrypt strings based on your own plugin - Very simple plugin interface (C#, VB.NET) - Preview of string decryption (checking results) - Rebuild application with decoded strings (removing decoding function) - Explorer with all methods for fast navigation - Export method tree to text file - Fast string extraction - Very good and easy searching - Export strings to text file for further processing - DisAssemble selected method - Instruction coloring for fast navigation (Strings, Numbers, Calls, Jumps) - See real file offset and opcode bytes - Jump from opcode to file with hexeditor (patching) DNSD in action:
  10. Another standalone tool for analyzing .NET strings: Dot Net String Decoder http://progress-tools.x10.mx/dnsd.html
  11. DARKER

    Eazfuscator.NET

    Eazfuscator.NET 5.4 (October 4, 2016) .NET Framework 4.6.2 support Out of the box support for Entity Framework Core Obfuscation attributes prioritization Automatic authenticode signing of obfuscated ClickOnce assemblies when corresponding certificate is specified in Visual Studio project settings Preliminary support for Visual Studio "15" Preview Improved Visual Studio integration Improved compatibility with .NET Native Improved LINQ to SQL support Improved reflection analysis for LINQ expressions Fixed issue with lost calling convention of calli instruction's operand Fixed issue that occured when trying to obfuscate UWP assemblies with a NuGet reference to Microsoft.NETCore.UniversalWindowsPlatform 5.2.2 package Fixed issue that could lead to endless loop during analysis of IL code Fixed issue that could lead to exception during obfuscation related to serialization of assembly custom attributes in .netmodule files Fixed issue in Visual Studio extension that could lead to error dialogs in Visual Studio 2015 versions prior to Update 1 Fixed issue with ClickOnce manifests and timestamp server URL which might not be considered during obfuscation Fixed issue with NuGet package assemblies resolution Fixed issue that could lead to exception "A numeric comparison was attempted on A.B that evaluates to X.Y instead of a number" during obfuscation. The issue was caused by MSBuild integration subsystem of Eazfuscator.NET and manifested itself with UWP and PCL projects when Visual Studio 2015 Update 3 was installed on developer machine Eazfuscator.NET 5.3 (June 15, 2016) Deeper Visual Studio integration Resource sanitization Out of the box support for ServiceStack framework Automatic handling of NuGet 3 project semantics Better code optimization. Added new hot spot optimizers Greatly improved reflection analysis for scenarios involving reflection calls Improved JSON serialization support Improved support for Unity projects Fixed issue that occured when trying to add protection to UWP 1.3 projects Fixed issue with design-time usage protection option and methods marked with System.Web.Services.WebMethodAttribute Fixed regression that could lead to StackOverflowException during obfuscation under some rare circumstances Fixed rare issue that could lead to race condition during obfuscation Fixed issue with inlining of entry point methods
  12. DARKER

    Hexinator

    For templates in old DOS times i was using StructLook - very old product from Eugene Suslikov (Hiew) - probably first "templator", now it can be done also in HIEW via HEM. Last time i try this: http://www.fairdell.com/hextemplate/ but Hexinator has better coloring and is "new supported" product.
  13. DARKER

    Hexinator

    Yes, templates looks great but how many time you use it? :-) For me WinHex can do every job that i need.
  14. DARKER

    Eazfuscator.NET

    Version 5.1 released on December 4, 2015 http://www.gapotchenko.com/eazfuscator.net/esd/Eazfuscator.NET%205.1%20Setup.msi There exist also remover (EazUnlock) for the restrictions placed on executables by trial version (cannot run on another computer, and expires after a few days). Maybe has someone access there ... https://www.nulled.cr/topic/24434-eazunlock-remove-eazfuscatornet-trial-restrictions/
  15. Here i upload small test file (original.dll) and file that is nicely deobfuscated (target.dll, just for imagination, how it should look, not my work). See attached picture where is output compared (OnConnection procedure) So i test it with these parameters: de4dot-x64.exe original.dll (automatic mode that correctly detect Dotfuscator) de4dot-x64.exe original.dll -p un --un-name "(^[a-zA-Z0-9]{2,}$)" But none of this parameters produce so nice output as is in target.dll, in de4dot documentation is this mentioned: Eg., currently the following is the default regex used when Dotfuscator is detected !^[a-z][a-z0-9]{0,2}$&!^A_[0-9]+$&^[\u2E80-\u9FFFa-zA-Z_<{$][\u2E80-\u9FFFa-zA-Z_0-9<>{}$.`-]*$ As you can see, it's not just one regex, it's more than one. Each one is separated by & and each regex can be negated by using ! in front of it. To show it more clearly, these regexes are used: (negated) ^[a-z][a-z0-9]{0,2}$ (negated) ^A_[0-9]+$ ^[\u2E80-\u9FFFa-zA-Z_<{$][\u2E80-\u9FFFa-zA-Z_0-9<>{}$.`-]*$ maybe some other parameters? or other deobfuscator? NOP: i already use RegexBudy, best tool for testing Regex :-) d.zip
×
×
  • Create New...