Unpacking/Deobfuscating a .NET application protected with Crypto obfuscator v5.x - Page 3

bball0002 · #21 06-05-2011, 01:35 PM

Quote:

Originally Posted by franckypic

-So as kao said I have to rip 2 full classes and one managed ressource to create a cryptor / decryptor.

You do not need to do this. CryptoObfuscator's string decryption is supported by SimpleAssembly Explorer. You can of course make a string tool for practice, but it really is not needed as it is already done.

Nehmia · #22 06-24-2011, 04:06 AM

Hi Kao,

I've been waiting for your reply for so long now. I'ven't been able to solve the errors by myself. Could you please give me a hand on this since you've pretty good experience with these things? Please, i would really appreciate it if you can give me an advice or comment on the problem I posted before.

Thanks in advance

bball0002 · #23 07-04-2011, 02:22 PM

SimpleAssembly Explorer has a control flow deobfuscator. Just use that. You can deobfuscate to analyze code, and then you can patch the same method in the obfuscated exe.

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode