Cracking xheo obsfucation...

[SSBelmont]

Are there any known approaches to crack xheo? My Boss is considering purchasing this tool for obsfuction and I would like to prove to him it can be reversed.

Any recommendations for coming up with a proof of concept?

Thanks!
SS

[Kurapica]

Xheo.DeployLX.Enterprise.Edition.v3.0.R16233-Lz0.zip

XHEO.Codeveil.v1.3.R5901-Lz0.rar

best proof ?

[SSBelmont]

XHEO.Codeveil.v1.3.R5901-Lz0.rar

Quote:

Originally Posted by Kurapica

Xheo.DeployLX.Enterprise.Edition.v3.0.R16233-Lz0.zip

XHEO.Codeveil.v1.3.R5901-Lz0.rar

best proof ?

What I looking for is not how to crack the tool itself, but to reverse the code or assembly that the xheo obsfucation has been applied to so it's readable using .NET Reflector (RedGate).

[Kurapica]

maybe you didn't understand me !

that fact that the tool was cracked, simply means that its protection was broken using tools like Reflector or others because the tool is protected by its own protection method.

[SSBelmont]

Quote:

Originally Posted by Kurapica

maybe you didn't understand me !

that fact that the tool was cracked, simply means that its protection was broken using tools like Reflector or others because the tool is protected by its own protection method.

Ok, that makes sense. Are you familiar with the method and how I can use the approach to view an application in reflector that has applied XHEO?

I have read about the method tables and the work that UFO and others have done, but have not found any steps on how to do this manually or via an unpacker or deobfuscation tool.

Thanks for all the help.

[Kurapica]

sorry my friend but If I show you the way then I will have to kill you

kidding...

I mean it's not a public knowledge, I think you will have to analyze it and find your own way, no one will give you a one-click tool to crack this :|

good luck