+- الفريق العربي للهندسة العكسية (https://www.at4re.net/f)
+-- قسم : منتديات الهندسة العكسية - Reverse Engineering Forums (https://www.at4re.net/f/forum-4.html)
+--- قسم : البرامج و أدوات الهندسة العكسية - RCE Tools (https://www.at4re.net/f/forum-29.html)
+--- الموضوع : FIXIT (the new Proxy/Hijacked DLL Generator) (/thread-3655.html)
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - samoray - 03-09-2023
(02-09-2023, 04:37 PM)ROZBUD كتب : share with me a link to your target packed file & note that FIXIT may not work with STRONG Crypted/Packed files
Well, the application name is "AML Pages" and here is a link to download the installer if you can try patch it using your tool it would be perfect.
http://amlpages.com/Source/amlpages_en.zip
your tool is very promissing in the RCE world, thanks again for your efforts on releasing such a tool
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - ROZBUD - 03-09-2023
FIXIT Work, comes after you crack the program, by creating a proxy DLL that includes the patch code
AML Pages' software is protected with VMPROTECT where I'm unable to crack it'
Send me the patched bytes information, so I use FIXIT to create the Proxy DLL, or send me another easy packed sample file (i.e. packed with UPX )
AML Pages' software is protected with VMPROTECT where I'm unable to crack it'
Send me the patched bytes information, so I use FIXIT to create the Proxy DLL, or send me another easy packed sample file (i.e. packed with UPX )
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - samoray - 03-09-2023
(03-09-2023, 04:06 PM)ROZBUD كتب : AML Pages' software is protected with VMPROTECT where I'm unable to crack it'
Indeed as I said before here exactly :
https://www.at4re.net/f/thread-3655-post-18122.html#pid18122
the software is virtualized in some parts of the code and then compressed with UPX I know it's a hard target.
ok let me check for other software and I'll give you the whole information
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - ROZBUD - 04-09-2023
Gents
As promised, here is my first FIXIT Tutorial
As promised, here is my first FIXIT Tutorial
FIXIT Tutorial #1
E@sy Dupl1cate F1nder (EDM) v7.xx (@=a, 1=i)
E@sy Dupl1cate F1nder (EDM) v7.xx (@=a, 1=i)
EDF is protected with a modified UPX (CRC/MD5/File-size check). In this tutorial I will show you how ‘FIXIT’ can help you produce a tiny Proxy DLL, which can be dropped into EDM folder to perform a complete clean patch
I divided this tutorial into 2 parts, the first one is the classic way of patching & the second with FIXIT
Patching EDM, using Inline Patching: The link below, shows you, the classic way, were we used the Inline Patching to modify EDM (protected with a ‘UPX Modified Packer)
https://www.mediafire.com/file/8wxylgoe1ciphuc/EDM_First_Tut.pdf/file
Patching EDM, using FIXIT
In the first tutorial, we changed many bytes and used Inline Patching to patch EDM. Well, you don’t need to do these stuff with FIXIT. Please follow the second tutorial to know how we do this
https://www.mediafire.com/file/76ww2wz4qhxozyf/EDM_Second_Tut.pdf/file
EDM (Target)
https://www.mediafire.com/file/frk09qazjtnx9ea/EDM.rar/file
I divided this tutorial into 2 parts, the first one is the classic way of patching & the second with FIXIT
Patching EDM, using Inline Patching: The link below, shows you, the classic way, were we used the Inline Patching to modify EDM (protected with a ‘UPX Modified Packer)
https://www.mediafire.com/file/8wxylgoe1ciphuc/EDM_First_Tut.pdf/file
Patching EDM, using FIXIT
In the first tutorial, we changed many bytes and used Inline Patching to patch EDM. Well, you don’t need to do these stuff with FIXIT. Please follow the second tutorial to know how we do this
https://www.mediafire.com/file/76ww2wz4qhxozyf/EDM_Second_Tut.pdf/file
EDM (Target)
https://www.mediafire.com/file/frk09qazjtnx9ea/EDM.rar/file
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - ROZBUD - 07-09-2023
FIXIT (Pre-Release) has been Updated
New Updates
No More Delay at Startup
Include both RVA and Memory Address
Code Correction and UI Enhancement
Remove Un-Necessary Creation Method
Note
The next release will include DLL Detection and Much more, however, if NO Participation, this release will be the last one and it will be removed
https://www.mediafire.com/file/ikrgawr8a55fstz/FixIt.rar/file
New Updates
No More Delay at Startup
Include both RVA and Memory Address
Code Correction and UI Enhancement
Remove Un-Necessary Creation Method
Note
The next release will include DLL Detection and Much more, however, if NO Participation, this release will be the last one and it will be removed
https://www.mediafire.com/file/ikrgawr8a55fstz/FixIt.rar/file
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - DarkDeath - 08-09-2023
شكرا لك
الباس للملف المضغوط مطلوبه
إقتباس :FIXIT (Pre-Release) has been Updated
New Updates
https://www.mediafire.com/file/ikrgawr8a...t.rar/file
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - ROZBUD - 08-09-2023
Password is written in the first page
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - samoray - 08-09-2023
(07-09-2023, 03:16 PM)ROZBUD كتب : The next release will include DLL Detection and Much more, however, if NO Participation, this release will be the last one and it will be removed
Your project is very promising, please keep up the good work
it happens some times that everyone is busy with real life but this doesnt mean that they are not interested
talking about myself, I want to try your project with so many applications but I cant find the time to do so.
Thank you for your hard work.
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - ROZBUD - 08-09-2023
FIXIT Tutorial #2
o1o Edit0r (Latest Version 14.0)
We all know this famous program, which help us edit almost every file on earth…
Today, I will show you how to use FIXIT to create a Tiny Proxy DLL that you can drop it in its folder to perform a Clean Complete Patch
This tutorial is not intended to show you how to Patch it, but to show you how FIXIT will be an alternative to all the swords, Knives & Guns, you usually use when you patch a program
Watch this Video
https://www.mediafire.com/file/goviamhqeoqqf26/Fixit_Tutorial.mp4/file
Target
https://www.mediafire.com/file/nvmrp031n2q6n4d/oioEd1tor.rar/file
o1o Edit0r (Latest Version 14.0)
We all know this famous program, which help us edit almost every file on earth…
Today, I will show you how to use FIXIT to create a Tiny Proxy DLL that you can drop it in its folder to perform a Clean Complete Patch
This tutorial is not intended to show you how to Patch it, but to show you how FIXIT will be an alternative to all the swords, Knives & Guns, you usually use when you patch a program
Watch this Video
https://www.mediafire.com/file/goviamhqeoqqf26/Fixit_Tutorial.mp4/file
Target
https://www.mediafire.com/file/nvmrp031n2q6n4d/oioEd1tor.rar/file
RE: FIXIT (the new Proxy/Hijacked DLL Generator) - mounirsoltan - 09-09-2023
Thank you for the helpful tutorial, ROZBUD. It's now clear to everyone how to patch simple bytes. I believe it's more stable in Windows 11, which is a great improvement for its users. Your project has a lot of potential, as my friend Samoray mentioned earlier. However, when dealing with hard protection, there are two things that I couldn't find in Baymax or didn't work as expected. If it's possible, could you add the shfolder dll proxy library to your tool? Additionally, it would be amazing if there was an ability to patch registers in runtime based on hardware breakpoints and RVA. hope I'm not asking for anything complex, just these two features would be greatly appreciated.