 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
|
|
|
|
||||||||||
|
||||||||||||||
|
||||||||||||||
|
#131
06-11-2007, 11:00 AM
|
|||
|
|||
Unpacking codeveil again
__________________
Life can only be understood backwards but It must be read forwards. 
|
|
#133
06-14-2007, 07:04 PM
|
|||
|
|||
@rongchaua: I hope it's ok to post my answer to u over here,
to make it clear for others, too  Quote:
but I guess, I was a bit lazy at this point ? With smartkill 0.3 u do NOT need to dump the resource anymore ! Just drag&drop the .EXE in - and u'll already get the right ID offsets ! It doesn't work with dumps, since there's NOTHING in this resource to calculate the ID offset. Coz smartassembly v2 takes the public key token of the signed file to calculate it. This also means, that after removing a strongname, it won't work, coz smartkill won't find this token anymore. So it works only with an original exe ! I hope it's clear now... Greets
|
|
#134
06-18-2007, 09:54 AM
|
|||
|
|||
|
CodeVeil - IL Encryption Question
Hi,
I have read your tutorials of codeveil v1.2 and v1.3, the problem i have, i can restore the file from the memory dump, BUT the IL Code parts are still encrypted (in memory), so the memory dump method is useless when CodeVeil with IL Encryption is used. do you have methods / tutorials decrypting the IL Code Parts ? greets, a. Quote:
|
|
#136
06-18-2007, 03:29 PM
|
|||
|
|||
|
Yes indeed, weird.
You can open the reconstructed file in reflector or ildasm and can also go on a method and see the correct il code ? My experiences with il encryption option on, are only reconstructed files which can be open correctly in reflector or ildasm, BUT the il code is broken / incorrect when i click on a class method. is it possible to post a example package with original, dumped and reconstructed files ? greets, a. Quote:
|
|
#137
06-18-2007, 05:51 PM
|
|||
|
|||
Quote:
http://rapidshare.com/files/38004014/EasyOne.rar.html
|
|
#138
06-18-2007, 07:24 PM
|
|||
|
|||
|
Nice Sample, but the original file (before codeveil) is missing.
With this sample i can get the correct il code from memory dump, so i think, you haven't used the "MSIL Encryption" option with it. greets, a. Quote:
|
|
#139
06-18-2007, 08:55 PM
|
|||
|
|||
|
ok, i check it all again, conclusion :
codeveil 1.2 - memory dump has incorrect / corrupted il code codeveil 1.3 - memory dump has correct il code so v1.2 is from protection better than newer version 1.3 as a sample i tried to memory dump the encoding library from codeveil application : Xheo.codeveil.encoder.v1.dll weird. a. Quote:
|
|
#140
07-06-2007, 09:06 AM
|
|||
|
|||
|
Hi All,
I am a entry level member in Reverse engineering .NET controls. I have done .Net components for VStudio like DXperience, Janus Winforms, Telerik, etc. I am trying the Janus Webforms trial, but got stuck up. The assembly seems to be obsfucated. Shall i post my questions for this program here?
|
That's weird !
Linear Mode
