justcry.op7 (11-07-2018),Leendesst (08-06-2016),pooyah33 (01-12-2018),sobhe elkade (01-31-2019),The 7th Hokage (07-20-2016)
Hey.
So you know how you make a program and you have some strings that you dont want others to see...
For example:
You know a special link, your program visits that link, but you dont want others to know.
You connect to an smtp email server, and you have your email credinitials.
You want to hide properties of a string to protect from leeching.
You encrypt the program... But then what? Not everyone is stupid, someone is going to decrypt it using some online tool right?
Well, fear no more.
Introducing PKEncoder.
You know how you can encode everything to base64 right?
This program does it for you.
And you may be thinking : "Well thats stupid, people will just decode it using some online base64 decoding site"
Hehehe... This program encodes the strings you want for AS MANY TIMES AS YOU WANT, in less than 2 seconds.
You may be wondering : "That sounds good and all, but how am I supposed to get the actual value of the string?"
Heh.
This program saves vb.net code to desktop OPTIMIZED to decode your string, on runtime.
So for example, if you encode your string 50 times, a txt will be saved on your desktop, where you can get the code from, paste it in vb, and when you run the program you get the decoded value.
Why is this great?
Because leechers, even if they can decrypt your program, when they see the string, they will try to decode it once... twice... thrice... it wont work, because you encoded it so many times. Chances are, they dont even know how to decode it in the first place!
Virus scans:
1
2
Will do:
So that you can change language to C# and vb.net since they are very similar.
And of course, your suggestions.
- - - Updated - - -
@Mayion I'm mentioning you to check and approve this, since you might miss it, section is pretty dead :s
Last edited by New; 07-16-2016 at 01:47 PM.
New
Current Project:
SimpleExaltHack
Outdated stuff I made in the past:
Famebot
Clientless tradebot
RotMG ping checker
Zautonexus crack
justcry.op7 (11-07-2018),Leendesst (08-06-2016),pooyah33 (01-12-2018),sobhe elkade (01-31-2019),The 7th Hokage (07-20-2016)
Sounds really nice
Since we are in the vb.net section and there aren't any sensitive data in your project, would you release the source too?
You do realize it's possible to decompile .NET modules, read the plain code and automatically decrypt the strings by functioning the same loop?
/Approved.
I do not use any type of messenger outside of MPGH.
Inactive but you can reach me through VM/PM.
_NightWare (07-17-2016)
Yea I do realize that. You can however find a way to hide the amount of times it was encoded, and if you encrypt your project as well as encode the strings this way, I think your program would be 100% protected from leechers and even novices at decrypting.
Sure
Code:Imports System.Text Module Module1 Dim nameofstring As String = "" Dim stringvalue As String = "" Dim amount As Integer = 1 Sub Main() Console.Write("> ") Console.ForegroundColor = ConsoleColor.Cyan Console.WriteLine("Name of the string : ") Console.ResetColor() nameofstring = Console.ReadLine Console.Write("> ") Console.ForegroundColor = ConsoleColor.Cyan Console.WriteLine("String value : ") Console.ResetColor() stringvalue = Console.ReadLine Console.Write("> ") Console.ForegroundColor = ConsoleColor.Cyan Console.WriteLine("Amount of times to encode : ") Console.ResetColor() Try amount = Console.ReadLine() Catch ex As Exception amount = 1 End Try Encode() End Sub Sub Encode() Dim code As String = stringvalue Dim i As Integer = 0 Dim bytes As Byte() Dim codex As String = "" If i = 0 Then For k As Integer = 0 To amount bytes = Encoding.UTF8.GetBytes(code) Dim base64 = Convert.ToBase64String(bytes) code = base64 If k = amount Then codex = codex + "Dim " + nameofstring + " As String = " + Chr(34) + code + Chr(34) + Environment.NewLine codex = codex + "Dim amount As Integer =" + amount.ToString + Environment.NewLine codex = codex + "Dim lol As Integer = -1" + Environment.NewLine codex = codex + "Do until lol = amount" + Environment.NewLine codex = codex + "Dim dataz As Byte() = Convert.FromBase64String(" + nameofstring + ")" + Environment.NewLine codex = codex + nameofstring + " = Encoding.UTF8.GetString(dataz)" + Environment.NewLine codex = codex + "lol += 1" + Environment.NewLine codex = codex + "Loop" + Environment.NewLine codex = codex + "Console.WriteLine(" + nameofstring + ")" + Environment.NewLine End If Next k Dim file As System****.StreamWriter file = My.Computer.FileSystem.OpenTextFileWriter("C:\Users\" + Environment.UserName + "\desktop\YourCode.txt", True) file.WriteLine(codex) file.Close() Console.WriteLine("Done. Code was saved to desktop. Have fun. Press enter to exit.") Dim d As String = Console.ReadLine 'Wait until they press enter, Yes I know, lazy way of doing it. End If End Sub End Module
New
Current Project:
SimpleExaltHack
Outdated stuff I made in the past:
Famebot
Clientless tradebot
RotMG ping checker
Zautonexus crack
RoPMadM (07-17-2016)
New (07-17-2016)
Just the strings of the program can be encrypted, the source must be decrypted, else it wouldn't run.
I have a question: what is this program useful to? Why do you need to naively encode your variable, method names if not to try to confound the reader, if he still can see the code?
Nine11 (02-13-2017)
Ok..
But good luck seeing the code I guess..?
And yes when I say "You encrypt the program" I mean that you use something else to encrypt it aswell. I have encrypted some of mine with random encrypters, people were still able to get the strings tho. With this, what are they going to do, even if they can get the strings? (Which I assure you, noone can decrypt confuserex on maximum.)
Last edited by New; 07-17-2016 at 08:08 AM.
New
Current Project:
SimpleExaltHack
Outdated stuff I made in the past:
Famebot
Clientless tradebot
RotMG ping checker
Zautonexus crack
You are mixing up some different concepts: obfuscation and deobfuscation with encrypting and decrypting. There is some difference: obfuscation makes just harder (how much harder is it would be just a detail) the code to read; encryption is used to protect stored data with often a secret key (by seeing your code you posted, you are not, so it is more useless).
If an user has an obfuscated code, at least something could be visible; with an encrypted string, you can't decrypt without your secret key (but wait, you are not using a secret key ... what stops me from decoding your string?). The base64 encoded value of the string 'email' is just overlength. You've encoded something else, for sure not an email.
I don't know what's the point of Confuser in this thread. However, you are just wrong. Maybe you can't, but it's probably not possible if you are not familiar with .net reversing, but I can tell you it's possible: when I was a Windows user, I did it with other packers too.
I'm not rude, but I'd suggest you to revalue your program's utility, instead of screening me obfuscated codes with Confuser.
Nine11 (02-13-2017)
Everyone is just words. No actions. As I said, it's not possible. End of story. Don't tell me bs that "everything is possible with enough effort". If you want to spend more than 5 years of your life trying to decrypt it, sure it is possible. But lets see you do that.
And you think that EVERYONE knows:
1. What base64 is
2. That the string is encoded more than 1 times just by looking at it
3. That the random person who will try to decompile it, will see a random integer and think "Oh, maybe its encoded this many times".
I don't care how many other packers you did. Which tool did you use? Oh wait, you are probably going to reply "I deobfuscated it myself without the need of ANY tool". Did you know that de4dot doesn't support confuserex? Obviously not. And when I say it's not possible, there is always someone who can do it.
That someone, is not you however.
- - - Updated - - -
Can you read? Obviously not.
It's not supposed to protect it from master131, it's supposed to protect it from amateurs, that will look at the huge string and quit trying.
Like this minion for example:
(He gave up.)
- - - Updated - - -
Lol alright then.
You obviously don't know what you're even talking about
4*(n/3) N at the start is the amount of chars in bytes 1 char = 1 byte.
Look at this example email
example123@domain.com
Chars = 20
So encoding it in base 64 would give us
4*(20/3) bytes
from 20 bytes to 26.6 (approximate) bytes.
Now, this is just encoding it once
But I did this 20 times.
I made this real quick, calculates exactly how many bytes would be after how many chars:
Review the code here and try yourself if you are still in doubt:
Quote from https://en.wikipedia.org/wiki/Base64Code:Module Module1 Dim chars As Integer Dim timesx As Integer Dim bytes As Integer Dim i As Integer = 0 Sub main() Console.WriteLine("How many chars?") chars = Console.ReadLine() Console.WriteLine("Encode how many times?") timesx = Console.ReadLine() bytes = timesx Do Until i = timesx bytes = 4 * (bytes / 3) i += 1 Console.WriteLine(bytes) Loop Console.ReadLine() End Sub End Module
The ratio of output bytes to input bytes is 4:3 (33% overhead). Specifically, given an input of n bytes, the output will be 4*(n/3) bytes long, including padding characters.
And if you think that the image I provided isn't more than 6000 chars, you probably don't know how to count. Any more questions?
Last edited by New; 07-17-2016 at 11:57 AM.
New
Current Project:
SimpleExaltHack
Outdated stuff I made in the past:
Famebot
Clientless tradebot
RotMG ping checker
Zautonexus crack
It's great to see some life in this section!
It's quite funny to read when people are arguing with each other trying to prove that they're the one who's correct.
But I'm sorry to break it for you, it does not matter how many times your encode it in base64. It'll just ruin the performance of the program. Even though you can hide the integer decently you'd still be able to create a program that decodes it without any problems until it normal again. I wrote one below in C# that doesn't need the amount times encoded just for the giggles.
It has quite good performance, but can probably be optimized even more. Feel free to try it out.
Btw, there might be bugs since I wrote it quickly, but those are always fixable!
Code:public static string DecodeBase64(string s) { byte[] encodedBytes = Convert.FromBase64String(s); return Encoding.UTF8.GetString(encodedBytes); } private static bool IsStringBase64(string s) { try { if (s.Length % 4 != 0) return false; Convert.FromBase64String(s); return true; } catch { return false; } } public static bool IsASCII(string value) { return Encoding.UTF8.GetByteCount(value) == value.Length; } public static string DecodeStringBase64UntilNormal(string s) { string lastString = s; while (IsStringBase64(s)) { lastString = s; s = DecodeBase64(s); // Checks if it decoded beyond the normal string state and prevents it if (!IsASCII(s)) return lastString; } return s; } static void Main(string[] args) { string myString = "Vm0wd2QyUXlVWGxXYTFwT1ZsZFNXRll3Wkc5V2JHeDBaRWhrVmxKc2NEQlVWbU0xVmpBeFYySkVUbGhoTVVwVVZtcEtTMU5IVmtkaVIwWlhWakZLU1ZkV1kzaFRNVWw0Vkc1T2FWSnNXbGhaYTJoRFZWWmFkR05GWkZwV01ERTFWa2QwYTFkSFNrZGpSbWhWVmtWYVNGUlVSbXRXTVd0NllVWlNUbFpVVmtsV2JUQXhWakpHYzFOdVVtaFNlbXhXVm0xNGQxWXhjRlpYYlhSWFRWWmFlVnBGV2xOVWJGcFZWbXhzVjFaNlFYaFZla3BIVmpGT2RWVnNXbWxoTUhCWlYxWlNSMWxXWkVkVmJGWlRZbFZhV0ZadGN6RmxSbHBZWlVaa1ZXSkdjRmxhU0hCRFZqSkZlVlJZYUZkaGExcHlWVEJhVDJOdFJraGhSbEpUVmxoQ1dWWXhaREJaVmsxNFdrVmtWMkpyTlZsWmJHaFRZMVpTVjFwRVFrOWlSM2hYVmpJeFIxWlhTa2RqUmxwWFlsaG9lbFpxU2tabFZsSlpZVVprYUdFeGNGbFhhMVpoVkRKTmVWSnJhR3hTYkVwVVZteG9RMWRzV1hoWGJYUk9VbXR3TUZadGRHdGhiRXBZVld4c1dtSkhhRlJaTVZwelkyeGtkRkp0ZUZkaWEwcElWakowYjJFeFdsaFRhMXBxVWxkU1dGUlhOVk5OTVZweFVtMUdUMkpGY0ZwWGExcHJWakZLVjJOR2JGaGhNVnBvVmtSS1RtVldTbkpoUjJoVFlYcFdXbFpYTVRCa01XUlhWMjVLV0dKSFVtRldha1pIVFRGU1ZtRkhPV2hXYTNCSVdUQmFVMWR0U2xsVmFrNWFaV3RhYUZsNlJsZGpNWEJIWVVkc1UySkdhM2hXYTFwaFZqSkZlRmRzYUZSaVJuQlpWbXRXZDFZeGJISlhhM1JVVW14d2VGVnRkREJoYXpGeVRsVndWazF1YUROWlZXUkdaV3hHY21KR1pHbFhSVXBKVm10U1IyRXhaRWRWYmtwb1VtczFjRlZzVWxkbGJHUllaRWRHYTAxWGVGaFdNV2h2V1ZaS1JsTnRPVlZXYkhCWVZHeGFWMlJIVWtoa1IyaFhZWHBXU0ZaSGVHdGlNVnAwVTJ0b2FGSldTbUZhVjNSaFpXeHJlV1ZIUmxkV2EzQXdXbFZhVDJGV1NuVlJiVVpYVFc1U1dGbHFTa1psUm1SWllrWlNhRTFzU25oV1YzaGhaREZaZUZkdVVteFNXRkpZVkZaYVlWTkdWbk5WYms1V1ZteGFWbFJWVW5KUVVUMDk="; Console.WriteLine(DecodeStringBase64UntilNormal(myString)); Console.Read(); }
Last edited by greyb1t; 07-17-2016 at 02:34 PM.
You don't need to be presumptuous. Secondly,
you clearly do not know that Confuser is vulnerable at memory dumping, in maximum settings too.As I said, it's not possible. End of story
If you are clever and familiar with .NET reversing you can do it in 10 minutes. All you need to have is de4dot, CFF Explorer to change application CPU architecture if required, and WinDbg to breakpoint some startup functions and then dump the module.If you want to spend more than 5 years of your life trying to decrypt it, sure it is possible.
I don't think many people still use de4dot, anymore. Yes, I know there wasn't a full support for ConfuserEx, at least the last time I used it, but it's able to rename some symbols or deobfuscate control flow, so when you will unpack it manually it will be useful.Did you know that de4dot doesn't support confuserex
This is contradictory.And when I say it's not possible, there is always someone who can do it.
Do I know you? Do you know me?That someone, is not you however.
After this, I'm assuming you are bad at cryptography. Your code is wrong, because you are getting the unpadded length. The correct formula is:4*(n/3) N at the start is the amount of chars in bytes 1 char = 1 byte.
Look at this example email
example123@domain.com
Chars = 20
So encoding it in base 64 would give us
4*(20/3) bytes
from 20 bytes to 26.6 (approximate) bytes.
[IMG]https://late*****decogs.com/gif.latex?4%5B%5Cfrac%7Bn%7D%7B3%7D%5D[/IMG]
and you're not rounding up n of bytes to a multiple of 4. So, this representation to get the number of bytes:
[IMG]https://late*****decogs.com/gif.latex?[\frac{n}{3}][/IMG]
is not rounded up.
It's 21 characters, not 20.example123@domain.com
Chars = 20
Me?you probably don't know how to count
You didn't know that I was referring to your second screenshot, which I didn't read it was naively and arbitrarily re-encoded many times, that's why the length is very increased.Lol alright then.
You obviously don't know what you're even talking about
- - - Updated - - -
I forgot to write the correct way you should do it in your code.
Replace this:
to:Code:bytes = 4 * (bytes / 3)
and you're done. Also remember you are wrongly saving the result to a variable named bytes, when you actually are not getting bytes number with this formula. Your code is ugly too.Code:bytes = 4 * Math.Ceiling(Convert.ToDouble(bytes) / 3)
- - - Updated - - -
Wrong. Since .NET strings are stored as UTF16, 1 char is 2 bytes.
@greyb1t yeah, that's why I call this program naive. But there isn't so much to say to optimize your code, but some simple suggestions I'd say is to not catch generic exception in case Convert.FromBase64String() fails. Catching a FormatException is enough to check if the string is completely Base64. And for DecodeBase64(), doing a simple
is ok, without making other objects.Code:return Encoding.UTF8.GetString(Convert.FromBase64String(s));
Nine11 (02-13-2017)
I haven't looked into the code but does it just loop until the string is no longer in base64? Because I have thought of that concept. Anyways, as I said this is made to protect the string from amateurs/novices.
@javalover
[IMG]https://late*****decogs.com/gif.latex?4%5B%5Cfrac%7Bn%7D%7B3%7D%5D[/IMG] I can't see the difference between that, and 4*(n/3)
You mind explaining?
I'm just saying. I have seen many good hackers fail.
Sorry didn't know I had to make my code look beatiful just to show you that the length increases drasticly..
Why exactly? Same thing, and I wasn't trying to make a perfect program, just a demonstration.
Sure you got me.
Alright. Since I have never seen anyone who was actually able to do it and you keep saying that you can, should I add you on skype and send you a file, see if you can decrypt it and show me the source code?
It's a simple request. You can deny it of course, but if you want to prove to me that you can do it, then show me. If you don't want to, it's fine.
- - - Updated - - -
Last thing.
This is made to protect the string from amateurs/novices, @javalover
Apparently I don't know what your skills are, but you don't seem like an amateur. If you were one, I feel like you would be lost in the code. Don't you think?
New
Current Project:
SimpleExaltHack
Outdated stuff I made in the past:
Famebot
Clientless tradebot
RotMG ping checker
Zautonexus crack
How does this compare to Xor-ing it with an xored value from another xored value from another xored value from some random string?
Any advantages/disadvantages?
It also helps to obvuscate before compiling, gread job on this!
I didn't say there is a difference, but I was just going to show where was the error you did later.
No, it isn't the same thing, and if you think it is, you have many unclear concepts. Example: use a base64 encoder, encode 5 times, take length everytime you encode your string in base64, run the program, compare each one and you'll see my one is correct and the lengths will match, and your one is not correct and lengths won't match.Why exactly? Same thing, and I wasn't trying to make a perfect program, just a demonstration.
I can't because as I've already said, I'm not a Windows user anymore. I'm running Archlinux, I can't even develop .net if not by using a mono compiler. So I can't do anything with your program, sorry. As I know there are also some automated unpackers, if I remember, DeConfuser, but I didn't never try it, so I can't tell you.Alright. Since I have never seen anyone who was actually able to do it and you keep saying that you can, should I add you on skype and send you a file, see if you can decrypt it and show me the source code?
It's a simple request. You can deny it of course, but if you want to prove to me that you can do it, then show me. If you don't want to, it's fine.
Nine11 (02-13-2017)
If you're looking for a better type of encryption you'd better off by using dnlib to create your custom obfuscator with string encryption.
Most stuff gets quite simple with that library and you'd easily be able to create a string that does not look like a string.
An example of a string when decompiling an application that has been run through my obfuscator which has yet not been decrypted.
Code:<Module>.pinxalttx = new byte[] { 107, 96, 97, 100, 107, 48 };
Last edited by greyb1t; 07-17-2016 at 04:49 PM.