Reverse Engineering Team Board

Reverse Engineering Team Board (http://www.reteam.org/board/index.php)
-   .NET Reverse Engineering (http://www.reteam.org/board/forumdisplay.php?f=28)
-   -   Unpacking/Deobfuscating a .NET application protected with Crypto obfuscator v5.x (http://www.reteam.org/board/showthread.php?t=3794)

bball0002 06-05-2011 01:35 PM

Quote:

Originally Posted by franckypic (Post 28583)
-So as kao said I have to rip 2 full classes and one managed ressource to create a cryptor / decryptor.

You do not need to do this. CryptoObfuscator's string decryption is supported by SimpleAssembly Explorer. You can of course make a string tool for practice, but it really is not needed as it is already done.

Nehmia 06-24-2011 04:06 AM

I need Help
 
Hi Kao,

I've been waiting for your reply for so long now. I'ven't been able to solve the errors by myself. Could you please give me a hand on this since you've pretty good experience with these things? Please, i would really appreciate it if you can give me an advice or comment on the problem I posted before.

Thanks in advance

bball0002 07-04-2011 02:22 PM

SimpleAssembly Explorer has a control flow deobfuscator. Just use that. You can deobfuscate to analyze code, and then you can patch the same method in the obfuscated exe.


All times are GMT -4. The time now is 11:55 PM.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.