Looking for someone who's able to crack a software.
by sdk001 - November 21, 2021 at 12:09 AM
#1
Hi! I'm looking for someone who's able to crack an exe.
It's basically an ahk compiled to exe, probably packed with upx.
Offers in dm, or dc.
Reply
#2
[quote="sdk001" pid='4638189' dateline='1637449747']
Hi! I'm looking for someone who's able to crack an exe.
It's basically an ahk compiled to exe, probably packed with upx.
Offers in dm, or dc.
[/quotee]

pm me , bruh
Reply
#3
(November 21, 2021 at 12:09 AM)sdk001 Wrote: Hi! I'm looking for someone who's able to crack an exe.
It's basically an ahk compiled to exe, probably packed with upx.
Offers in dm, or dc.

Why not sharing the binary and give a chance to everyone to give it a try ?
Reply
#4
(November 21, 2021 at 12:20 PM)uCare Wrote:
(November 21, 2021 at 12:09 AM)sdk001 Wrote: Hi! I'm looking for someone who's able to crack an exe.
It's basically an ahk compiled to exe, probably packed with upx.
Offers in dm, or dc.

Why not sharing the binary and give a chance to everyone to give it a try ?
because if someone is really interested then they'll dm me, tons of time waster already spammed my other threads, anyways there's the program if u wanna try it. https://we.tl/t-hIKCOhZb4t
Reply
#5
It was upx packed. This thread is apparently a time-waster. The software isn't even protected from what I can tell and has no functionality that isn't reachable from the interface that I can see. It is maybe supposed to be some game cheat or spoofer of some sort, but looks pretty useless. Deleting the VM and moving on...

(there is nothing to crack!)
Reply
#6
Oops I can't edit my post. Well, yeah turns out there is a message about activation after awhile of running (I left the VM open and when I went back to shut it off saw the popup) - anyway I was wrong there is something to crack. Still if it really is autohotkey the best approach should be to get the source (usually viewable with a text editor) but the tools I saw that do this (and strip mpress) all failed and nothing is visible in the file, so yeah I stand corrected it would have to be cracked. Looking at it in x32dbg, it's not clear which of those branches is the one of concern - the execution map is a mess.
Reply
#7
(November 22, 2021 at 05:20 AM)zeneq Wrote: Oops I can't edit my post.  Well, yeah turns out there is a message about activation after awhile of running (I left the VM open and when I went back to shut it off saw the popup) - anyway I was wrong there is something to crack.  Still if it really is autohotkey the best approach should be to get the source (usually viewable with a text editor) but the tools I saw that do this (and strip mpress) all failed and nothing is visible in the file, so yeah I stand corrected it would have to be cracked.  Looking at it in x32dbg, it's not clear which of those branches is the one of concern - the execution map is a mess.

I have the old sources of this software, but it has the updated links/methods in the source I have to get. Basically it's protected with upx so unpacking should be upx.exe -d, after unpacking and checking it with DIE it's shows no protector (unpacked?), but when I wanna try to check the source with notepad++, or any tool which is capable of looking into rcdata/rawdata, the txt which should contain the source is not understandable 10k lines of mess.

It's 100% autohotkey, I have no clue what the hell is happening.
Reply
#8
You have script decrypts. Exclamation

Script start with:

; <COMPILER: v1.1.33.10>
#NoEnv
#UseHook
#InstallMouseHook
#WinActivateForce
#NoTrayIcon
#SingleInstance ignore
FileDelete, C:\Users\Default\Update.bat
Global Srok
SendMode Input
if not A_IsAdmin{
Run *RunAs "%A_ScriptFullPath%"
ExitApp
}
SetBatchLines -1
RegSearchTarget = \EscapeFromTarkov.exe
Gosub, RegSearch
pass:= EFTDir


Have 5 link pastebin. Example:


:
Instruction:
check4("https://pastebin.com/raw/jGgZJ0fZ")
check4(link)    {
oWhr.Open("GET", link, false)
oWhr.Send()
Instruction:= oWhr.ResponseText
    :

etc.

It have check for debugger or VM. Bypass it.

Strange, I not find message of errors in script for choose color.  Sad

Bye
Reply
#9
(November 22, 2021 at 02:45 PM)apk-lover Wrote: You have script decrypts. Exclamation

Script start with:

; <COMPILER: v1.1.33.10>
#NoEnv
#UseHook
#InstallMouseHook
#WinActivateForce
#NoTrayIcon
#SingleInstance ignore
FileDelete, C:\Users\Default\Update.bat
Global Srok
SendMode Input
if not A_IsAdmin{
Run *RunAs "%A_ScriptFullPath%"
ExitApp
}
SetBatchLines -1
RegSearchTarget = \EscapeFromTarkov.exe
Gosub, RegSearch
pass:= EFTDir


Have 5 link pastebin. Example:


:
Instruction:
check4("https://pastebin.com/raw/jGgZJ0fZ")
check4(link)    {
oWhr.Open("GET", link, false)
oWhr.Send()
Instruction:= oWhr.ResponseText
    :

etc.

It have check for debugger or VM. Bypass it.

Strange, I not find message of errors in script for choose color.  Sad

Bye
I know that it's has a "banlist" blocking x64dbg, httpdebugger etc, I have the old sources like 10 of them, may I ask u how did u manage to export the source?
Reply
#10
Hello.
Source crypted in RCDATA resources.
I open with debugger and put bp on CryptDecrypt and do trace.

You see it work with line by line.
I extract but some thing app use in exe.
Reply
#11
pm me if you are willing to pay.
Reply

Possibly Related Threads…
Thread Author Replies Views Last Post
[REQUEST] Animation Studio Software/Tablet Software Dredgen Sun 4 297 October 28, 2021 at 03:18 PM
Last Post: Dredgen Sun
Looking for Laptop Spy software bichicagoja 5 516 September 11, 2021 at 03:06 PM
Last Post: Raidjustin1
Looking For Text Processing Software MrFoodProcessor 7 631 February 18, 2021 at 05:32 AM
Last Post: MrFoodProcessor

 Users browsing this thread: 2 Guest(s)