Program can list or decrypt strings used in .NET executable based on user decryption
plugins and rebuild new assembly with decoded strings. Method names, control flow
etc. are unchanged in assembly!
- List all strings that are used in .NET executable
- Generic search for decoding function like: DecodeFunction(Byval Coded_String as String) As String
- Decrypt strings based on your own plugin
- Very simple plugin interface (C#, VB.NET)
- Preview of string decryption (checking results)
- Rebuild application with decoded strings (removing decoding function)
- Explorer with all methods for fast navigation
- Export method tree to text file
- Fast string extraction
- Very good and easy searching
- Export strings to text file for further processing
- DisAssemble selected method
- Instruction coloring for fast navigation (Strings, Numbers, Calls, Jumps)
- See real file offset and opcode bytes
- Jump from opcode to file with hexeditor (patching)
- Fast patching:
Just search for bad boy message, select branch and press Open in Hexeditor.
You land direct on place where you can start edit bytes. Job Done!
- Decoding strings:
1) You can try use 'Analyze functions' to find decoding stuff.
2) Take obfuscated .NET executable, explore it in reflector, look for some
encrypted string and jump to decrypting function. Now just copy code Ctrl+C
and paste it into plugin source, correct return values, compile and that's
3) Put into Plugs directory and try "Decoding Preview"
4) Now you have simple string decrypter :)
Read more in Readme.txt !
Please share your plugins with community! You can send me your plugin for releasing it here. Complete list of plugins will be created.
List all strings inside .NET executable
String decryption preview
DisAssembly of selected method with instruction colloring
New Explorer for code navigation
Added command line and Drag & Drop Support
Remember last window position
Better columns resizing
Exports to text files
a lot of new functionality