+- الفريق العربي للهندسة العكسية (https://www.at4re.net/f)
+-- قسم : منتديات الهندسة العكسية - Reverse Engineering Forums (https://www.at4re.net/f/forum-4.html)
+--- قسم : البرامج و أدوات الهندسة العكسية - RCE Tools (https://www.at4re.net/f/forum-29.html)
+--- الموضوع : RozDll (The New Dynamic Proxy Dll Generator) (/thread-3667.html)
RE: RozDll (The New Dynamic Proxy Dll Generator) - Newhak - 09-01-2024
(09-01-2024, 06:17 AM)ROZBUD كتب : The main benefit here, is that RozDll break the protection without real/physical patching or affecting/touching the target
Can you please give us a practical insight on how to do this without the use of any tools. I mean, explain please your technique. However, a step by step video tutorial on how to achieve this will be very beneficial. In addition to this I am also eager to see your method of delaying the patching in the memory.
RE: RozDll (The New Dynamic Proxy Dll Generator) - ROZBUD - 09-01-2024
(09-01-2024, 09:44 AM)Newhak كتب : Can you please give us a practical insight on how to do this without the use of any tools
Dear Newhak
As I promised you, in the next Tutorial, I'll explain the last update (Dll to Dll) with a practical example, however if you are looking for the method used, then, I find this difficult to explain as it involves huge operations between C/C++ Code & API functions which related to Memory Access, Smart Pointers & Process Operations
As I promised you, in the next Tutorial, I'll explain the last update (Dll to Dll) with a practical example, however if you are looking for the method used, then, I find this difficult to explain as it involves huge operations between C/C++ Code & API functions which related to Memory Access, Smart Pointers & Process Operations
RE: RozDll (The New Dynamic Proxy Dll Generator) - Newhak - 09-01-2024
(09-01-2024, 12:00 PM)ROZBUD كتب : As I promised you, in the next Tutorial, I'll explain the last update (Dll to Dll) with a practical example
I am not only interested in applying DLL to DLL patching as it is, at the end of the day, someting running in hidden. i.e. it's rather at most a use of your tool without understading the technique itself. However, I know that you maybe hooking some API's such as MapViewOfFile or some others and probably you export a certain chunk of code to a temporary location in the dynamic memory, and delay the patching until a certain time when you apply your patch. But I think there's no harm to explain at least how to do this without going into a hassle process of coding, Sorry to say this will not be RE otherwise, my friend
Please do not get me wrong as I greatly appreciate your work. Your tool is indeed powerful and invaluable and will significantly alleviate the patching of protected app's but I am a different person who cannot just follow some instructions in using any RE tools blindly, I am rather very meticulous about the concepts. Finally, my deer brother don't give me a fish but teach me how to fish, RE is teaching and learning support but not cracking only
RE: RozDll (The New Dynamic Proxy Dll Generator) - ROZBUD - 09-01-2024
RE: RozDll (The New Dynamic Proxy Dll Generator) - Hacknew - 09-01-2024
@rozbud can you make a short video how to use your tool when target protected by vmp
RE: RozDll (The New Dynamic Proxy Dll Generator) - ROZBUD - 09-01-2024
(09-01-2024, 04:30 PM)Hacknew كتب : @rozbud can you make a short video how to use your tool when target protected by vmp
You can virtually unpack it, get the patching RVA's then read/watch the tutorials in the following page
https://www.at4re.net/f/thread-3667-post-18458.html#pid18458
https://www.at4re.net/f/thread-3667-post-18458.html#pid18458
RE: RozDll (The New Dynamic Proxy Dll Generator) - Hacknew - 09-01-2024
So I have to unpack or don’t need unpack target ? So my language very poor !
RE: RozDll (The New Dynamic Proxy Dll Generator) - Newhak - 09-01-2024
(09-01-2024, 04:27 PM)ROZBUD كتب : don't give me a fish but teach me how to fish
قد وصلتني السمكة والبهارات وطريقة الاعداد فجزاك الله كل خير
(09-01-2024, 05:24 PM)Hacknew كتب : So I have to unpack or don’t need unpack target ? So my language very poor !
Bro, the answer was clear enough. You need to study your VMP protected app and locate where you want to patch it. Then fire up the ROZDLL and generate your hook. If still not clear please go back and watch some of the provided tut's on how to do it
RE: RozDll (The New Dynamic Proxy Dll Generator) - samoray - 09-01-2024
(09-01-2024, 05:24 PM)Hacknew كتب : So I have to unpack or don’t need unpack target ? So my language very poor !
You have to run your VMP target on a debugger (be aware of antidebug tricks)
you dont need to unpack it physically, as it will be unpacked in memory at runtime anyway
locate the necessary patches on your target
fireup RozDll and follow the instructions on the video tutorials.
good luck
RE: RozDll (The New Dynamic Proxy Dll Generator) - Hacknew - 10-01-2024
It is very complex with me sorry about that if any bro can make short video I’m very appreciate.