Exetools
Page 10 of 13 « First 89 10 1112 Last »
Show 40 post(s) from this thread on one page

Exetools (https://forum.exetools.com/index.php)
-   Community Tools (https://forum.exetools.com/forumdisplay.php?f=47)
-   -   de4dot - Deobfuscator for .NET (https://forum.exetools.com/showthread.php?t=13951)

EHS4N 04-01-2015 12:48
Modified de4dot it now supports the latest version of .NET Reactor 4.9.7.0
all credits to SHADOW785

http://i58.tinypic.com/alq0xv.png

Code:
http://rghost.net/6ll86FcYf
BR

Git 04-01-2015 16:45
If there was a special 'VIP' version of de4dot, I haven't seen anywhere.

Git

leetone 04-02-2015 03:01
Quote:
Originally Posted by Git (Post 98661)
If there was a special 'VIP' version of de4dot, I haven't seen anywhere.

Git
Good. That's how it should be. This is the post that prompted me to say that:

Quote:
Originally Posted by giv (Post 97427)
For those who does not know all start when a private version was leaked from VIP area by a VIP of Exetools.

Don't worry.
Common obfuscations will always have a tool coded for deobfuscate.
Or you can start to learn I.L. and maybe make your own deobfuscator or modify de4dot to adapt to new requirements.

Anyways, I'm gonna check out this 4.9 reactor modded version posted above...very excited!

Git 04-02-2015 16:39
"leaked from VIP area". This is precisely what I mean. There is no special version in the VIP area, and I don't recall ever seeing one there. I don't know where giv is getting his info.

Git

daqstar 04-27-2015 20:50
de4dot v3.1.41592.3405
 
1 Attachment(s)

Here is the latest Release:

NoYes 04-27-2015 23:52
difference
 
Quote:
Originally Posted by daqstar (Post 99290)

Here is the latest Release:
Hello daqstar,
Can you tell us what's the difference between your post version and the 0xd4d's last release version, because the files version are the same.

sendersu 04-28-2015 03:02
Quote:
Originally Posted by EHS4N (Post 98660)
Modified de4dot it now supports the latest version of .NET Reactor 4.9.7.0
all credits to SHADOW785

http://i58.tinypic.com/alq0xv.png

Code:
http://rghost.net/6ll86FcYf
BR
does not recover following binary (supposing it is a new ver of .net reactor)

just says a ton of mesages like
.........
WARNING: Could not deobfuscate method 06000004. Hello, E.T.: System.ArgumentOutOfRangeException
.........
ERROR: Local/arg index doesn't fit in a UInt16
ERROR: Local/arg index doesn't fit in a UInt16
ERROR: Error calculating max stack value
ERROR: Local/arg index doesn't fit in a UInt16
ERROR: Local/arg index doesn't fit in a UInt16
..........


not sure if someone is interesting in reversing.....

ahmadmansoor 04-28-2015 03:46
Yes it is new .net reactor .
I have Target protected .but it is for x64

speedboy 04-29-2015 10:49
Where is the special 'VIP' version of de4dot?

mr.exodia 04-29-2015 19:15
Quote:
Originally Posted by speedboy (Post 99314)
Where is the special 'VIP' version of de4dot?
There is none as mentioned various times in the thread.

Sir.V65j 05-16-2015 17:54
Quote:
Originally Posted by ιvancιтooz
Today I bring all this de4dot, who works for the latest versions of CryptoObfuscator, PhoenixProtector and NetReactor , I hope you like it, if they have a problem tell me in the comments and I'll try solve.





Crypto With de4dot 3.4.1 without modded: http://prntscr.com/75gvxp

Crypto With this de4dot: http://prntscr.com/75gx1x



Target With CryptoObfuscator Build 150203: http://www74.zippysh...v3LGt/file.html

Target Cleaned With this de4dot: http://www14.zippysh...v849N/file.html



Credits to :

-SHADOW_UA for help me on .NetReactor

-TheProxy for PhoenixProtector and OrangeHeap
source Link

mdj 05-16-2015 22:04
Quote:
Originally Posted by Sir.V65j (Post 99633)
Updated:

- new support added to orangeheap
https://mega.co.nz/#!rRsj1b7S!nW9HOO...x9ykimkDV7ybVY

leetone 05-17-2015 14:12
Hey guys, news on 5/16/2015
mr. EXODIA opened a new repository on github :) it's a fork of 0xd4d/de4dot -- and can be found here: https://github.com/mrexodia/de4dot

What is it?
Well, as of right now there are 2 branches. 'master' which is inline with the de4dot upstream, or 'dynamic-loading' which has 7-9 commits beyond master:
http://i.imgur.com/aM8ZoKG.png

Really good stuff....

Hypnz 05-17-2015 19:47
Well done Mr.Exodia
Now de4dot has public sources as supposed to be :)

mr.exodia 05-17-2015 19:50
@leetone: The new branch of interest is dynamic_loading_fix, which allows for dynamic deobfuscator module loading (making the spread of all these modified versions unnecessary since you can just give the dll required).


All times are GMT +8. The time now is 01:02.
Page 10 of 13 « First 89 10 1112 Last »
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX