rubbersallday wrote

XeXStozza wrote

rubbersallday wrote

XeXStozza wrote

Eclipse-Booter wrote Also, this ban bypass works about 50% of the time.


Here is the bypass in ILSPY:

XRPC arg_28_0 = this.;
      uint arg_28_1 = 2187462816u;
      byte[] array = new byte[4];
      array[0] = 96;
      arg_28_0.SetMemory(arg_28_1, array);
      XRPC arg_45_0 = this.;
      uint arg_45_1 = 2187462816u;
      byte[] array2 = new byte[2];
      array2[0] = 72;
      arg_45_0.SetMemory(arg_45_1, array2);
      XRPC arg_62_0 = this.;
      uint arg_62_1 = 2189117184u;
      byte[] array3 = new byte[2];
      array3[0] = 72;
      arg_62_0.SetMemory(arg_62_1, array3);
      XRPC arg_7F_0 = this.;
      uint arg_7F_1 = 2189117160u;
      byte[] array4 = new byte[4];
      array4[0] = 96;
      arg_7F_0.SetMemory(arg_7F_1, array4);
      XRPC arg_9F_0 = this.;
      uint arg_9F_1 = 2189117148u;
      byte[] array5 = new byte[4];
      array5[0] = 96;
      arg_9F_0.SetMemory(arg_9F_1, array5);
      XRPC arg_BF_0 = this.;
      uint arg_BF_1 = 2189138028u;
      byte[] array6 = new byte[2];
      array6[0] = 72;
      arg_BF_0.SetMemory(arg_BF_1, array6);
      XRPC arg_DF_0 = this.;
      uint arg_DF_1 = 2189138004u;
      byte[] array7 = new byte[4];
      array7[0] = 96;
      arg_DF_0.SetMemory(arg_DF_1, array7);
      this..Notify(14, this.);
      this.(.(1897955225));
      return;

Now here is the offsets and bytes(Simplified Version):

Offset 1: 0x826208A0 - 4800 Bytes
Offset 2: 0x827B9854 - 60000000 Bytes
Offset 3: 0x827B986C - 60000000 Bytes
Offset 4: 0x827B4700 - 4800 Bytes
Offset 5: 0x827B46DC - 60000000 Bytes

If you notice, this is the ban bypass that was released by bitwise.

i have never once said the bypass worked and if you view the credits it states that the tool uses Bitwise's Bypass. However im not really fussed whether people can see the code. When the script kiddie's start pasting it into tools we will know where they got it from

Not from you that's for sure since you just updated this when tu10 has been out for awhile and so has the bypass offsets.

Just because i have a life outside of the internet doesn't mean i stole code lol.... Just because you have nothing better to do with your time doesn't mean i don't. And Apart from your tu10 (off-host) tool, what else has been released on TTG? if you have nothing nice to say. Don't post at all

I wasn't trying to insult or flame you..... I was simply stating that Bitwise bypass offsets were updated to tu10 the same day on 7s and many other sites.

When the script kiddie's start pasting it into tools we will know where they got it from

Oh haha, it seemed like you were trying to say i stole all of the code... I will edit post lol

Eclipse-Booter wrote Also, this ban bypass works about 50% of the time.


Here is the bypass in ILSPY:

XRPC arg_28_0 = this.;
      uint arg_28_1 = 2187462816u;
      byte[] array = new byte[4];
      array[0] = 96;
      arg_28_0.SetMemory(arg_28_1, array);
      XRPC arg_45_0 = this.;
      uint arg_45_1 = 2187462816u;
      byte[] array2 = new byte[2];
      array2[0] = 72;
      arg_45_0.SetMemory(arg_45_1, array2);
      XRPC arg_62_0 = this.;
      uint arg_62_1 = 2189117184u;
      byte[] array3 = new byte[2];
      array3[0] = 72;
      arg_62_0.SetMemory(arg_62_1, array3);
      XRPC arg_7F_0 = this.;
      uint arg_7F_1 = 2189117160u;
      byte[] array4 = new byte[4];
      array4[0] = 96;
      arg_7F_0.SetMemory(arg_7F_1, array4);
      XRPC arg_9F_0 = this.;
      uint arg_9F_1 = 2189117148u;
      byte[] array5 = new byte[4];
      array5[0] = 96;
      arg_9F_0.SetMemory(arg_9F_1, array5);
      XRPC arg_BF_0 = this.;
      uint arg_BF_1 = 2189138028u;
      byte[] array6 = new byte[2];
      array6[0] = 72;
      arg_BF_0.SetMemory(arg_BF_1, array6);
      XRPC arg_DF_0 = this.;
      uint arg_DF_1 = 2189138004u;
      byte[] array7 = new byte[4];
      array7[0] = 96;
      arg_DF_0.SetMemory(arg_DF_1, array7);
      this..Notify(14, this.);
      this.(.(1897955225));
      return;

Now here is the offsets and bytes(Simplified Version):

Offset 1: 0x826208A0 - 4800 Bytes
Offset 2: 0x827B9854 - 60000000 Bytes
Offset 3: 0x827B986C - 60000000 Bytes
Offset 4: 0x827B4700 - 4800 Bytes
Offset 5: 0x827B46DC - 60000000 Bytes

If you notice, this is the ban bypass that was released by bitwise.

Lol, kids trying to act like he's a hacker when all he is doing is disassembling a free non-obfuscated tool.

EDIT: Oh, and I forgot to tell you, good job on the tool! So has the unlock all been tested yet?

TGK wrote

Eclipse-Booter wrote Also, this ban bypass works about 50% of the time.


Here is the bypass in ILSPY:

XRPC arg_28_0 = this.;
      uint arg_28_1 = 2187462816u;
      byte[] array = new byte[4];
      array[0] = 96;
      arg_28_0.SetMemory(arg_28_1, array);
      XRPC arg_45_0 = this.;
      uint arg_45_1 = 2187462816u;
      byte[] array2 = new byte[2];
      array2[0] = 72;
      arg_45_0.SetMemory(arg_45_1, array2);
      XRPC arg_62_0 = this.;
      uint arg_62_1 = 2189117184u;
      byte[] array3 = new byte[2];
      array3[0] = 72;
      arg_62_0.SetMemory(arg_62_1, array3);
      XRPC arg_7F_0 = this.;
      uint arg_7F_1 = 2189117160u;
      byte[] array4 = new byte[4];
      array4[0] = 96;
      arg_7F_0.SetMemory(arg_7F_1, array4);
      XRPC arg_9F_0 = this.;
      uint arg_9F_1 = 2189117148u;
      byte[] array5 = new byte[4];
      array5[0] = 96;
      arg_9F_0.SetMemory(arg_9F_1, array5);
      XRPC arg_BF_0 = this.;
      uint arg_BF_1 = 2189138028u;
      byte[] array6 = new byte[2];
      array6[0] = 72;
      arg_BF_0.SetMemory(arg_BF_1, array6);
      XRPC arg_DF_0 = this.;
      uint arg_DF_1 = 2189138004u;
      byte[] array7 = new byte[4];
      array7[0] = 96;
      arg_DF_0.SetMemory(arg_DF_1, array7);
      this..Notify(14, this.);
      this.(.(1897955225));
      return;

Now here is the offsets and bytes(Simplified Version):

Offset 1: 0x826208A0 - 4800 Bytes
Offset 2: 0x827B9854 - 60000000 Bytes
Offset 3: 0x827B986C - 60000000 Bytes
Offset 4: 0x827B4700 - 4800 Bytes
Offset 5: 0x827B46DC - 60000000 Bytes

If you notice, this is the ban bypass that was released by bitwise.

Lol, kids trying to act like he's a hacker when all he is doing is disassembling a free non-obfuscated tool.

Totally agree! I don't see why people can't appreciate something that is free & works fine lol, instead you get haters for trying to help people out Stick to private stuff from now on

XeXStozza wrote

TGK wrote

Eclipse-Booter wrote Also, this ban bypass works about 50% of the time.


Here is the bypass in ILSPY:

XRPC arg_28_0 = this.;
      uint arg_28_1 = 2187462816u;
      byte[] array = new byte[4];
      array[0] = 96;
      arg_28_0.SetMemory(arg_28_1, array);
      XRPC arg_45_0 = this.;
      uint arg_45_1 = 2187462816u;
      byte[] array2 = new byte[2];
      array2[0] = 72;
      arg_45_0.SetMemory(arg_45_1, array2);
      XRPC arg_62_0 = this.;
      uint arg_62_1 = 2189117184u;
      byte[] array3 = new byte[2];
      array3[0] = 72;
      arg_62_0.SetMemory(arg_62_1, array3);
      XRPC arg_7F_0 = this.;
      uint arg_7F_1 = 2189117160u;
      byte[] array4 = new byte[4];
      array4[0] = 96;
      arg_7F_0.SetMemory(arg_7F_1, array4);
      XRPC arg_9F_0 = this.;
      uint arg_9F_1 = 2189117148u;
      byte[] array5 = new byte[4];
      array5[0] = 96;
      arg_9F_0.SetMemory(arg_9F_1, array5);
      XRPC arg_BF_0 = this.;
      uint arg_BF_1 = 2189138028u;
      byte[] array6 = new byte[2];
      array6[0] = 72;
      arg_BF_0.SetMemory(arg_BF_1, array6);
      XRPC arg_DF_0 = this.;
      uint arg_DF_1 = 2189138004u;
      byte[] array7 = new byte[4];
      array7[0] = 96;
      arg_DF_0.SetMemory(arg_DF_1, array7);
      this..Notify(14, this.);
      this.(.(1897955225));
      return;

Now here is the offsets and bytes(Simplified Version):

Offset 1: 0x826208A0 - 4800 Bytes
Offset 2: 0x827B9854 - 60000000 Bytes
Offset 3: 0x827B986C - 60000000 Bytes
Offset 4: 0x827B4700 - 4800 Bytes
Offset 5: 0x827B46DC - 60000000 Bytes

If you notice, this is the ban bypass that was released by bitwise.

Lol, kids trying to act like he's a hacker when all he is doing is disassembling a free non-obfuscated tool.

Totally agree! I don't see why people can't appreciate something that is free & works fine lol, instead you get haters for trying to help people out Stick to private stuff from now on

Or just make a custom obfuscator and the skids wouldn't know what to do without their de4dot and ILSpy.

TGK wrote <snip>

Actually no.

De4dot has the capability to deobfuscate obfuscators that it doesn't recognize. If it doesn't do it automatically you can use -p un as a cmd line argument.

If that doesn't work it's fairly easy to update de4dot to support other obfuscators(open source FTW) and I've noticed, from experience, that most "custom" obfuscators can simply be deobfuscated by hooking JIT then dumping it from memory.

TGK wrote

Eclipse-Booter wrote Also, this ban bypass works about 50% of the time.


Here is the bypass in ILSPY:

XRPC arg_28_0 = this.;
      uint arg_28_1 = 2187462816u;
      byte[] array = new byte[4];
      array[0] = 96;
      arg_28_0.SetMemory(arg_28_1, array);
      XRPC arg_45_0 = this.;
      uint arg_45_1 = 2187462816u;
      byte[] array2 = new byte[2];
      array2[0] = 72;
      arg_45_0.SetMemory(arg_45_1, array2);
      XRPC arg_62_0 = this.;
      uint arg_62_1 = 2189117184u;
      byte[] array3 = new byte[2];
      array3[0] = 72;
      arg_62_0.SetMemory(arg_62_1, array3);
      XRPC arg_7F_0 = this.;
      uint arg_7F_1 = 2189117160u;
      byte[] array4 = new byte[4];
      array4[0] = 96;
      arg_7F_0.SetMemory(arg_7F_1, array4);
      XRPC arg_9F_0 = this.;
      uint arg_9F_1 = 2189117148u;
      byte[] array5 = new byte[4];
      array5[0] = 96;
      arg_9F_0.SetMemory(arg_9F_1, array5);
      XRPC arg_BF_0 = this.;
      uint arg_BF_1 = 2189138028u;
      byte[] array6 = new byte[2];
      array6[0] = 72;
      arg_BF_0.SetMemory(arg_BF_1, array6);
      XRPC arg_DF_0 = this.;
      uint arg_DF_1 = 2189138004u;
      byte[] array7 = new byte[4];
      array7[0] = 96;
      arg_DF_0.SetMemory(arg_DF_1, array7);
      this..Notify(14, this.);
      this.(.(1897955225));
      return;

Now here is the offsets and bytes(Simplified Version):

Offset 1: 0x826208A0 - 4800 Bytes
Offset 2: 0x827B9854 - 60000000 Bytes
Offset 3: 0x827B986C - 60000000 Bytes
Offset 4: 0x827B4700 - 4800 Bytes
Offset 5: 0x827B46DC - 60000000 Bytes

If you notice, this is the ban bypass that was released by bitwise.

Lol, kids trying to act like he's a hacker when all he is doing is disassembling a free non-obfuscated tool.

EDIT: Oh, and I forgot to tell you, good job on the tool! So has the unlock all been tested yet?

You make me laugh. I think I'm a hacker? lol no. I posted a snippet of the ban bypass code to prove what I said was true.

Eclipse-Booter wrote

TGK wrote

Eclipse-Booter wrote Also, this ban bypass works about 50% of the time.


Here is the bypass in ILSPY:

XRPC arg_28_0 = this.;
      uint arg_28_1 = 2187462816u;
      byte[] array = new byte[4];
      array[0] = 96;
      arg_28_0.SetMemory(arg_28_1, array);
      XRPC arg_45_0 = this.;
      uint arg_45_1 = 2187462816u;
      byte[] array2 = new byte[2];
      array2[0] = 72;
      arg_45_0.SetMemory(arg_45_1, array2);
      XRPC arg_62_0 = this.;
      uint arg_62_1 = 2189117184u;
      byte[] array3 = new byte[2];
      array3[0] = 72;
      arg_62_0.SetMemory(arg_62_1, array3);
      XRPC arg_7F_0 = this.;
      uint arg_7F_1 = 2189117160u;
      byte[] array4 = new byte[4];
      array4[0] = 96;
      arg_7F_0.SetMemory(arg_7F_1, array4);
      XRPC arg_9F_0 = this.;
      uint arg_9F_1 = 2189117148u;
      byte[] array5 = new byte[4];
      array5[0] = 96;
      arg_9F_0.SetMemory(arg_9F_1, array5);
      XRPC arg_BF_0 = this.;
      uint arg_BF_1 = 2189138028u;
      byte[] array6 = new byte[2];
      array6[0] = 72;
      arg_BF_0.SetMemory(arg_BF_1, array6);
      XRPC arg_DF_0 = this.;
      uint arg_DF_1 = 2189138004u;
      byte[] array7 = new byte[4];
      array7[0] = 96;
      arg_DF_0.SetMemory(arg_DF_1, array7);
      this..Notify(14, this.);
      this.(.(1897955225));
      return;

Now here is the offsets and bytes(Simplified Version):

Offset 1: 0x826208A0 - 4800 Bytes
Offset 2: 0x827B9854 - 60000000 Bytes
Offset 3: 0x827B986C - 60000000 Bytes
Offset 4: 0x827B4700 - 4800 Bytes
Offset 5: 0x827B46DC - 60000000 Bytes

If you notice, this is the ban bypass that was released by bitwise.

Lol, kids trying to act like he's a hacker when all he is doing is disassembling a free non-obfuscated tool.

EDIT: Oh, and I forgot to tell you, good job on the tool! So has the unlock all been tested yet?

You make me laugh. I think I'm a hacker? lol no. I posted a snippet of the ban bypass code to prove what I said was true.

"Eclipse-Booter" and randomly disassembles free tools that don't even need to be bothered being obfuscated. No one ever said it was not true, so that's the funny part.