thtrhtrhtrh
Decentralized Application Builder
Divine
LEVEL 1
700 XP
Ways of Unpacking .NET Based Applications
Did you ever drag and drop an application that you were told it's .NET based to actually find out this on dnSpy
you were like
Did you ever drag and drop an application that you were told it's .NET based to actually find out this on dnSpy
you were like
and Universal FixerYou must upgrade your account or reply in the thread to view hidden text.
Scylla who doesn't know this mastyerpiece, it's the most common used one by Reverse engineers as it comes bounded to x64dbg by default, the features that offered to Reversers during their reversing process to you made it one of the best process dumper and most used in the field so basically in our case here we gonna have to run the program, wait for it to load and start where you can actually see it executing then run Scylla, select the process then press dump, after that start the universal fixer, get the app into it and fix the .NET data. Finally you should be left with your unpacked exe
& Another 2 masterpieces but this is gonna be for the n00b users and those who just wanna get the unpacked version like real quick no timez to waste studying how the unpacker workz xDzYou must upgrade your account or reply in the thread to view hidden text.
Simply run the application once again and open one of the 2 tools then right click the process and dump!
Who said dnSpy can't be used to dump processYou must upgrade your account or reply in the thread to view hidden text.
So yeah these were some simple methods that you can use to dump .NET packed programs, but dont think it's that easy, sometimes you gonna face some applications that uses AntiDump techniques, the last method using dnSpy should be enought to bypass that but will make sure to post about it as soon as possible!
I've written all these stuffs on my own to take care and have fun reverse engineering