Jump to content

AmiFeeder 5.63 - Amibroker Data Feed For Indian Market & MCX ( CRACKED )

Shenong

By Shenong
in Trading Platforms

 Share

Recommended Posts

  • Replies 53
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Shenong Grand Master

Shenong

Posted
  • Author
Posted

Bro, sorry, the reverser have not got / given LOGIN Credentials, and the problem when reversers Crack this kind of software, it is frequently that TRADING WORLD / MARKETS is a domain very complex ( with interacting plugins / datafeeds / platforms ) , so, the guys doing the REVERSING jobs, as good / skilled as they may be, can find difficult to test every functions / options BECAUSE they lack global knowledge / vision of the stuff, and what it does......

 

Except some RARE guy like Candyman / rooster1 ( who does some trading ).....My 0.2 cents , guys.....with my FULL RESPECT to these crackers....That's WHY say : remember our golden JhonSn0w who is a STAR amongst the STARS, in the TOUGH world of Reversing FINANCIAL stuff...

 

:D=D>

Link to comment
Share on other sites
  • 2 weeks later...
Shenong Grand Master

Shenong

Posted
  • Author
Posted (edited)
I am not able to open the chart in amibroker, rest all working fine, able to register amifeed is working but the problem with amibroker configuration, I am getting the following error- Error:The formula file referred by this chart cannot be found, any help

 

Bro :)

 

I have seen your arrival in TSRH world, and your post about Amifeeder 5.66.......

 

Permit me a friendly comment / advice about the REQUESTS concerning Trading Apps.....

 

Years ago, some dumb and unfriendly Reverser ( he was V.I.P. of NOTHING at that time - Never seen a CRACK spreaded / made by him - but he has lots of buddies - don't know WHY ) started to show a very critical mind about Requests concerning trading Apps, saying there were lots of "members" trying to get cracks, then, to SELL stuff and make illegal money with the WORK of Reversers, etc......

 

So, beware, his Board name is Dielbach dark guy for sure, always trying to stop Trading stuff or traders.....

 

Well, i have observed him during at least 2 years...

 

Try the STEALTH MODE when he is close...He NEVER REVERSES, anyway but is always fast to throw his venom......>:)

 

Edited by Shenong
Link to comment
Share on other sites
  • 3 months later...
candyman Newbie

candyman

Posted
Posted (edited)

@shenong Dielback is a great reverser that has been on the scene for a long time. he is very respected by other reversers like myself and my friends at TSRH and other boards.

he may come off a little harsh at times, but that is only because 2 things that upsets him. 1 sellers and 2 people that don't try and only look for handouts.

If you show that you at least attempted to "fix" a software he would go out of his way to help you out.

 

@VON KRIEGER I know you. you can patch this yourself. lol

peace fellas

Edited by candyman
Link to comment
Share on other sites
  • 2 weeks later...
kesk Contributor

⭐ kesk

Posted
Posted

I have found the actual URL used in the newer version. However, cant put this URL in the 5.6.3 version since the cr@cked file is highly encrypted and unable to decompile, even to IL code. And I didnt know the original cr@cker method on how to defeat the trial or licensed.

 

Anyone could decompile the cr@cked file, even IL code would be helpful. I am also trying, but so far not successful. Those who know .Net reversing/decryption/unpacking and willing can join hands with me.

Link to comment
Share on other sites
candyman Newbie

candyman

Posted
Posted
I have found the actual URL used in the newer version. However, cant put this URL in the 5.6.3 version since the cr@cked file is highly encrypted and unable to decompile, even to IL code. And I didnt know the original cr@cker method on how to defeat the trial or licensed.

 

Anyone could decompile the cr@cked file, even IL code would be helpful. I am also trying, but so far not successful. Those who know .Net reversing/decryption/unpacking and willing can join hands with me.

 

just use de4dot. it will unpack it with no problem.

Link to comment
Share on other sites
Shenong Grand Master

Shenong

Posted
  • Author
Posted

Well, latest version of de4dot is below :

 

https://github.com/de4dot/de4dot

 

[h=1]Description[/h] de4dot is an open source (GPLv3) .NET deobfuscator and unpacker written in C#. It will try its best to restore a packed and obfuscated assembly to almost the original assembly. Most of the obfuscation can be completely restored (eg. string encryption), but symbol renaming is impossible to restore since the original names aren't (usually) part of the obfuscated assembly.

It uses dnlib (https://github.com/0xd4d/dnlib/) to read and write assemblies so make sure you get it or it won't compile.

[h=1] (https://github.com/de4dot/de4dot#binaries)[/h][h=1]Binaries[/h] Get binaries from the build server badge.svg (https://github.com/0xd4d/de4dot/actions).

[h=1] (https://github.com/de4dot/de4dot#its-free-but-theres-no-support)[/h][h=1]It's FREE but there's NO SUPPORT[/h] There's no support. Don't email me if you can't use it or if it fails to deobfuscate a file obfuscated with an updated obfuscator.

Instead, try to update de4dot yourself. It's a lot easier than you think. If you can't, search the Internet and you should find a couple of forums where you can ask your question.

[h=1] (https://github.com/de4dot/de4dot#features)[/h][h=1]Features[/h] Here's a pseudo random list of the things it will do depending on what obfuscator was used to obfuscate an assembly:

 

  • Inline methods. Some obfuscators move small parts of a method to another static method and calls it.
  • Decrypt strings statically or dynamically
  • Decrypt other constants. Some obfuscators can also encrypt other constants, such as all integers, all doubles, etc.
  • Decrypt methods statically or dynamically
  • Remove proxy methods. Many obfuscators replace most/all call instructions with a call to a delegate. This delegate in turn calls the real method.
  • Rename symbols. Even though most symbols can't be restored, it will rename them to human readable strings. Sometimes, some of the original names can be restored, though.
  • Devirtualize virtualized code
  • Decrypt resources. Many obfuscators have an option to encrypt .NET resources.
  • Decrypt embedded files. Many obfuscators have an option to embed and possibly encrypt/compress other assemblies.
  • Remove tamper detection code
  • Remove anti-debug code
  • Control flow deobfuscation. Many obfuscators modify the IL code so it looks like spaghetti code making it very difficult to understand the code.
  • Restore class fields. Some obfuscators can move fields from one class to some other obfuscator created class.
  • Convert a PE exe to a .NET exe. Some obfuscators wrap a .NET assembly inside a Win32 PE so a .NET decompiler can't read the file.
  • Removes most/all junk classes added by the obfuscator.
  • Fixes some peverify errors. Many of the obfuscators are buggy and create unverifiable code by mistake.
  • Restore the types of method parameters and fields

[h=1] (https://github.com/de4dot/de4dot#supported-obfuscatorspackers)[/h][h=1]Supported obfuscators/packers[/h]

  • Agile.NET (aka CliSecure)
  • Babel.NET
  • CodeFort
  • CodeVeil
  • CodeWall
  • CryptoObfuscator
  • DeepSea Obfuscator
  • Dotfuscator
  • .NET Reactor
  • Eazfuscator.NET
  • Goliath.NET
  • ILProtector
  • MaxtoCode
  • MPRESS
  • Rummage
  • Skater.NET
  • SmartAssembly
  • Spices.Net
  • Xenocode

Some of the above obfuscators are rarely used (eg. Goliath.NET), so they have had much less testing. Help me out by reporting bugs or problems you find.

[h=1] (https://github.com/de4dot/de4dot#warning)[/h][h=1]Warning[/h] Sometimes the obfuscated assembly and all its dependencies are loaded into memory for execution. Use a safe sandbox environment if you suspect the assembly or assemblies to be malware.

Even if the current version of de4dot doesn't load a certain assembly into memory for execution, a future version might.

[h=1] (https://github.com/de4dot/de4dot#how-to-use-de4dot)[/h][h=1]How to use de4dot[/h] [h=2] (https://github.com/de4dot/de4dot#n00b-users)[/h][h=2]N00b users[/h] Drag and drop the file(s) onto de4dot.exe and wait a few seconds.

[h=2] (https://github.com/de4dot/de4dot#deobfuscate-more-than-one-file-at-a-time)[/h][h=2]Deobfuscate more than one file at a time[/h] When more than one assembly has been obfuscated, it's very likely that you must deobfuscate them all at the same time unless you disable symbol renaming. The reason is that if assembly A has a reference to class C in assembly B, and you rename symbols only in assembly B, then class C could be renamed to eg. Class0 but the reference in assembly A still references a class called C in assembly B. If you deobfuscate both assemblies at the same time, all references will also be updated.

[h=2] (https://github.com/de4dot/de4dot#find-all-obfuscated-files-and-deobfuscate-them)[/h][h=2]Find all obfuscated files and deobfuscate them[/h] The following command line will deobfuscate all assemblies that have been obfuscated by a supported obfuscator and save the assemblies to c:\output

de4dot -r c:\input -ru -ro c:\output

-r means recursive search. -ru means it should ignore unknown files. -ro means it should place the output files in the following directory. Typically, you'd first copy c:\input to c:\output, and then run the command. That way all the files will be in c:\output, even non-assemblies and non-processed assemblies. When de4dot is finished, you'd just double click the main assembly in c:\output and it should hopefully start.

[h=2] (https://github.com/de4dot/de4dot#detect-obfuscator)[/h][h=2]Detect obfuscator[/h] Use the -d option to detect the obfuscator without deobfuscating any assembly.

Find all .NET assemblies and detect obfuscator. If it's an unsupported obfuscator or if it's not obfuscated, it will print "Unknown obfuscator".

de4dot -d -r c:\input

Same as above except that it will only show which files have been obfuscated by a supported obfuscator.

de4dot -d -r c:\input -ru

Detect obfuscator

de4dot -d file1.dll file2.dll file3.dll

[h=2] (https://github.com/de4dot/de4dot#preserving-metadata-tokens)[/h][h=2]Preserving metadata tokens[/h] Sometimes in rare cases, you'd want to preserve the metadata tokens. Use --preserve-tokens or --preserve-table. Also consider using --keep-types since it won't remove any types and methods added by the obfuscator. Another useful option is --dont-create-params. If used, the renamer won't create Param rows for method parameters that don't have a Param row. That way the ParamPtr table won't be added to your assemblies. Peverify has a bug and doesn't support it (you'll see lots of "errors").

The #Strings, #US and #Blob heaps can also be preserved by using --preserve-strings, --preserve-us, and --preserve-blob respectively. Of these three, --preserve-us is the most useful one since ldstr instruction and module.ResolveString() directly reference the #US heap.

--preserve-sig-data should be used if the obfuscator adds extra data at the end of signatures that it uses for its own purpose, eg. as decryption keys. Confuser is one obfuscator that does this.

--preserve-tokens preserves all important tokens but will also enable --preserve-us, --preserve-blob and --preserve-sig-data.

If it's detected as an unknown (unsupported) obfuscator (or if you force it with -p un), all tokens are preserved, including the #US heap and any extra data at the end of signatures. Also, no obfuscator types, fields or methods are removed.

Preserve all important tokens, #US, #Blob, extra sig data.

de4dot --preserve-tokens file1.dll

Preserve all important tokens, #US, #Blob, extra sig data and don't remove types/fields added by the obfuscator

de4dot --keep-types --preserve-tokens file1.dll

Preserve all important tokens, #US, #Blob, extra sig data and don't create extra Param rows to prevent the ParamPtr table from being created.

de4dot --dont-create-params --preserve-tokens file1.dll

Preserve all important tokens except the Param tokens.

de4dot --preserve-table all,-pd file1.dll

[h=2] (https://github.com/de4dot/de4dot#dynamically-decrypting-strings)[/h][h=2]Dynamically decrypting strings[/h] Although de4dot supports a lot of obfuscators, there's still some it doesn't support. To decrypt strings, you'll first need to figure out which method or methods decrypt strings. To get the method token of these string decrypters, you can use ILDASM with the 'show metadata tokens' option enabled. A method token is a 32-bit number and begins with 06, eg. 06012345.

This command will load assembly file1.dll into memory by calling Assembly.Load(). When it detects calls to the two string decrypters (06012345 and 060ABCDE), it will call them by creating a dynamic method, and save the result (the decrypted string). The call to the string decrypter will be removed and the decrypted string will be in its place.

de4dot file1.dll --strtyp delegate --strtok 06012345 --strtok 060ABCDE

Since the assembly is loaded and executed, make sure you run this in a sandbox if you suspect the file to be malware.

[h=2] (https://github.com/de4dot/de4dot#forcing-detection-of-a-certain-obfuscator)[/h][h=2]Forcing detection of a certain obfuscator[/h] de4dot isn't perfect. If it fails to detect an obfuscator, you can use the -p option to force it to assume it's been obfuscated by it.

Force SmartAssembly

de4dot file1.dll -p sa

Force unsupported obfuscator

de4dot file1.dll -p un

For other obfuscator types, see the help screen.

[h=2] (https://github.com/de4dot/de4dot#disabling-symbol-renaming)[/h][h=2]Disabling symbol renaming[/h] Renaming symbols isn't as easy as renaming A to B when reflection is involved. de4dot currently doesn't support renaming XAML so if you suspect that it uses WPF (or if it's a Silverlight app) you should disable renaming if the assembly fails to run.

de4dot --dont-rename file1.dll file2.dll

--keep-names can also be used to tell de4dot not to rename certain symbols, eg. "don't rename fields".

Rename everything that should be renamed except properties, events and methods.

de4dot --keep-names pem file1.dll

[h=2] (https://github.com/de4dot/de4dot#using-a-different-rename-regex)[/h][h=2]Using a different rename regex[/h] The default regexes should be enough, except possibly the one that is used when an unsupported obfuscator is detected. To see all default regexes, start de4dot without any arguments and it will list all options and all default values.

Eg., currently the following is the default regex used when Dotfuscator is detected

!^[a-z][a-z0-9]{0,2}$&!^A_[0-9]+$&^[\u2E80-\u9FFFa-zA-Z_<{$][\u2E80-\u9FFFa-zA-Z_0-9<>{}$.`-]*$

As you can see, it's not just one regex, it's more than one. Each one is separated by & and each regex can be negated by using ! in front of it. To show it more clearly, these regexes are used:

(negated) ^[a-z][a-z0-9]{0,2}$

(negated) ^A_[0-9]+$

^[\u2E80-\u9FFFa-zA-Z_<{$][\u2E80-\u9FFFa-zA-Z_0-9<>{}$.`-]*$

To change the regex(es), you must know the short type name of the obfuscator (see help screen). Eg. it's sa if it's SmartAssembly, and un if it's an unsupported/unknown obfuscator. The option to use is --TYPE-name (eg. --sa-name for SmartAssembly and --un-name for unknown/unsupported obfuscators):

de4dot --un-name "^[a-zA-Z]\w*$" file1.dll

[h=2] (https://github.com/de4dot/de4dot#other-options)[/h][h=2]Other options[/h] Start de4dot without any arguments and it will show all options.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


About us

Indo-Investasi.com, is since 2008, one of the prime online destinations for information and discussion about forex trading, and online investments.

Share your experiences, find tools and learning materials, seek help, and make friends. More About us.

Indo-Investasi Community

Important Pages

Financial Disclaimer: Trading FOREX on margin carries a high level of risk, and may not be suitable for everyone. Past performance is not a guarantee of future results. The high degree of leverage can work against you as well as for you. Before deciding to invest in foreign exchange you should carefully consider your investment objectives, level of experience, and risk appetite. The possibility exists that you could sustain a loss of some or all of your initial investment and therefore you should not invest money that you cannot afford to lose. Please see our Terms & Conditions for more information.
×
×
  • Create New...