Forum: File Unpacking
12-25-2020, 05:42 AM
|
|
Replies: 0
Views: 1,722
Aspack OEP (simple)
Aspack OEP (simple)
an simple Olly script I've created:
// NtdllDefWindowProc_W is actually user32.DefWindowProcW
CMP [eip], 60 , 1
jne Finish_Nopushad
// pushad instruction at eip is there,
// so...
|
|
Forum: Steganography + Cryptography
02-17-2020, 09:52 AM
|
|
Replies: 0
Views: 9,355
Modulo2Simplificator
Modulo2Simplificator
This is a modulo 2 equations simplificator,
First Simplificate button will simplificate as system of equations by adding equations,
while second button Product will try to write...
|
|
Forum: File Unpacking
12-05-2019, 05:17 AM
|
|
Replies: 0
Views: 8,842
Oreans UnVirtualizer
Oreans UnVirtualizer v1.8 by Deathway
It is hard to find targets for which this Olly plugin works
Orean VM section has empty name "":
Memory map, item 25
Address=00EFF000
Size=00220000 (2228224.)
...
|
|
Forum: File Unpacking
12-02-2019, 02:40 PM
|
|
Replies: 0
Views: 7,241
Safengine Licensor change HWID
Safengine Licensor change HWID:
Target:
https://forum.tuts4you.com/topic/38372-safengine-licensor-2370/
(https://forum.tuts4you.com/topic/38372-safengine-licensor-2370/)
Search "RegQueryValueExA"...
|
|
Forum: File Unpacking
11-18-2019, 01:12 PM
|
|
Replies: 0
Views: 7,857
Enigma Registration Bypass (short tut)
Enigma Registration Bypass (short tut):
Set breakpoint on VirtualAlloc Api, break twice to VirtualAlloc,
search for bytes:
55 8B EC 33 C9 51 51 51 51 51 51 53 8B D8 33 C0
Scroll down until you...
|
|
Forum: File Unpacking
11-16-2019, 06:08 AM
|
|
Replies: 0
Views: 7,469
Themida HWID mismatch patch
Themida HWID mismatch: this work if you have license for a different HWID.
Under Windows 7 there is no Api emulation!
1. VirtualAlloc Api Emulation - Windows XP:
Search for kernel32.VirtualAlloc...
|
|
Forum: Reverse Code Engineering
11-13-2019, 02:24 PM
|
|
Replies: 2
Views: 9,927
Xor is his own inverse!!!
XOR is commutative, associative, and its own inverse.
More reads:
https://math.stackexchange.com/questions/961441/xor-is-commutative-associative-and-its-own-inverse-are-there-any-other-such-f
...
|
|
Forum: File Unpacking
08-22-2019, 05:42 AM
|
|
Replies: 0
Views: 13,801
|
|
Forum: .NET Reverse Engineering
05-24-2019, 06:16 AM
|
|
Replies: 0
Views: 13,862
ConfuserExConstant
ConfuserExConstant:
This will get the Confuser Module entry point token and print it.
The input assembly has to be an assembly which use .NET module trick (koi module).
|
|
Forum: Steganography + Cryptography
10-12-2018, 06:26 AM
|
|
Replies: 0
Views: 40,692
FOperations
FOperations:
Compute F = A xor (B or (Not C))
Get C bitmask from same formula knowing F, A, B
The program require Microsoft Visual C++ 2008...
|
|
Forum: Steganography + Cryptography
09-18-2018, 02:55 AM
|
|
Replies: 0
Views: 20,273
MD5 Fast Collision
MD5 Fast Collision:
generate two blocks with same MD5 hash.
The program require Microsoft Visual C++ 2008 Redistributable
Requirements:
https://www7.zippyshare.com/v/hx08GIN8/file.html
Source...
|
|
Forum: Steganography + Cryptography
07-24-2018, 04:20 AM
|
|
Replies: 0
Views: 22,128
SumGenerator
SumGenerator:
given the sum result generate n numbers which have that sum;
- generates both integers numbers and double(real) numbers
- Possibility to specify minim value
|
|
Forum: Steganography + Cryptography
07-22-2018, 02:18 PM
|
|
Replies: 0
Views: 12,727
MD5Calc
MD5 calculator source code Visual C++ 6.0 attached.
Simple MD5 calculator.
|
|
Forum: .NET Reverse Engineering
07-10-2018, 05:18 AM
|
|
Replies: 0
Views: 16,265
|
|
Forum: File Unpacking
07-09-2018, 01:08 PM
|
|
Replies: 6
Views: 38,223
Memory redirection tool I'm working at...
I assume that it is using VirtualAlloc for allocating...
I am working currently on a tool which will redirect allocations to only one memory block being able after to easy save that and add a new...
|
|
Forum: .NET Reverse Engineering
06-11-2018, 02:03 AM
|
|
Replies: 4
Views: 44,485
|
|
Forum: .NET Reverse Engineering
06-01-2018, 03:03 AM
|
|
Replies: 4
Views: 44,485
|
|
Forum: .NET Reverse Engineering
06-01-2018, 02:55 AM
|
|
Replies: 7
Views: 37,450
Easy way
I saw that was posted a old tutorial of mine.
Easy way: dump the process with MegaDumper and fix the dump with UniversalFixer.
|
|
Forum: .NET Reverse Engineering
06-01-2018, 02:52 AM
|
|
Replies: 2
Views: 39,978
CodeProtector sample request
Never heard of CodeProtector before.
http://luckylu.webs.com is down.
This add-in requires Visual Studio 2008 or 2010.
So I can't install it.
Can you post a sample protected by CodeProtector.
If you...
|
|
Forum: General Forum
06-01-2018, 02:45 AM
|
|
Replies: 15
Views: 36,648
zippyshare.com link
Whats up with that zippyshare.com link,
I can't download it without login!
Now is ok: dunno why!
|
|
Forum: Reverse Code Engineering
04-28-2018, 09:54 AM
|
|
Replies: 2
Views: 14,121
reuploaded files with a password
Off topic: Password protect a zip acrhive with Winrar:
Tools > Convert Archives > Compression > General
> Set Password > then click ok and save . :)
-----------
On google drive I've reuploaded files...
|
|
Forum: Reverse Code Engineering
04-22-2018, 10:29 AM
|
|
Replies: 2
Views: 14,121
More things
More stuf + portable programs at:
https://sourceforge.net/u/codecrackersnd/profile/
CodeCracker.to_be_remindered.Tutorials.zip ToolsArchive_Part1.zip...
|
|
Forum: Reverse Code Engineering
04-22-2018, 04:32 AM
|
|
Replies: 2
Views: 14,121
My work so far
My work so far
My source code:
https://gitlab.com/CodeCracker
https://github.com/CodeCrackerSND
https://bitbucket.org/CodeCrackerSND/
My old tools collection: compiled exes/jar, not source...
|
|
Forum: General Forum
04-22-2018, 04:16 AM
|
|
Replies: 1
Views: 15,370
CodeExplorer is here!
Hi. I had a lot of old names CodeRipper, CodeCracker:
I give up on them, from now I will go by CodeExplorer nick.
Names don't have any importance anyway.
Finally I was able to unlock my account so I...
|
