Maybe a bit late, but I ran into the same problem today, finding your open question while looking for a solution, and this is how I solved it — I hope it works for you, too:
// Working with an assembly definition
var ass = AssemblyDef.Load("filename.dll");
// Do whatever you want to do with dnLib here
// Create global module writer options
var options = new ModuleWriterOptions(ass.Modules[0]);
options.MetadataOptions.Flags |= MetadataFlags.KeepOldMaxStack;
// Write the new assembly using the global writer options
ass.Write("newfilename.dll", options);
If you want to set the flag only for a selection of methods that produce the problem before writing, just for example:
// Find the type in the first module, then find the method to set the flag for
ass.Modules[0]
.Types.First((type) => type.Name == nameof(TypeToFind))
.FindMethod(nameof(MethodToFind))
.KeepOldMaxStack = true;
CilBody is maybe a bit confusing, if you’re not too deep into the internal .NET assembly structures: It simply means the body object of the method that produces the problem, when writing the modified assembly. Obfuscators often try to confuse disassemblers by producing invalid structures, what may cause a problem when calculating the maxstack value before writing the assembly with dnLib. By keeping the original maxstack value, you can step over those invalid method structures.
In the context of de4dot it seems to be a bug, or the application is simply not designed to solve invalid method structures of obfuscated assemblies — in this case there’s no solution for you, if the de4net developer won’t fix/implement it, and you don’t want to write a patch using the source code from GitHub.
[INFO] ConfuserEx v1.0.0 Copyright (C) Ki 2014
[DEBUG] Discovering plugins...
[INFO] Discovered 10 protections, 1 packers.
[DEBUG] Resolving component dependency...
[INFO] Loading input modules...
[INFO] Loading 'sample.exe'...
[INFO] Initializing...
[DEBUG] Building pipeline...
[INFO] Resolving dependencies...
[DEBUG] Checking Strong Name...
[DEBUG] Creating global .cctors...
[DEBUG] Watermarking...
[DEBUG] Executing 'Name analysis' phase...
[DEBUG] Building VTables & identifier list...
[DEBUG] Analyzing...
[INFO] Processing module 'sample.exe'...
[DEBUG] Executing 'Invalid metadata addition' phase...
[DEBUG] Executing 'Renaming' phase...
[DEBUG] Renaming...
[DEBUG] Executing 'Anti-debug injection' phase...
[DEBUG] Executing 'Anti-dump injection' phase...
[DEBUG] Executing 'Anti-ILDasm marking' phase...
[DEBUG] Executing 'Encoding reference proxies' phase...
[DEBUG] Executing 'Constant encryption helpers injection' phase...
[DEBUG] Executing 'Resource encryption helpers injection' phase...
[DEBUG] Executing 'Constants encoding' phase...
[DEBUG] Executing 'Anti-tamper helpers injection' phase...
[DEBUG] Executing 'Control flow mangling' phase...
[DEBUG] Executing 'Post-renaming' phase...
[DEBUG] Executing 'Anti-tamper metadata preparation' phase...
[DEBUG] Executing 'Packer info extraction' phase...
[INFO] Writing module 'sample.exe'...
[ERROR] Unknown error occurred.
Exception: dnlib.DotNet.Writer.ModuleWriterException: Error calculating max stack value. If the method's obfuscated, set CilBody.KeepOldMaxStack or MetaDataOptions.Flags (KeepOldMaxStack, global option) to ignore this error. Otherwise fix your generated CIL code so it conforms to the ECMA standard.
at dnlib.DotNet.DummyLogger.Log(Object sender, LoggerEvent loggerEvent, String format, Object[] args) at E:SourcePublicConfuser2dnlibsrcDotNetILogger.cs:line 456
at dnlib.DotNet.Writer.ModuleWriterBase.dnlib.DotNet.ILogger.Log(Object sender, LoggerEvent loggerEvent, String format, Object[] args) at E:SourcePublicConfuser2dnlibsrcDotNetWriterModuleWriterBase.cs:line 880
at dnlib.DotNet.Writer.MetaData.dnlib.DotNet.Writer.IWriterError.Error(String message) at E:SourcePublicConfuser2dnlibsrcDotNetWriterMetaData.cs:line 2574
at dnlib.DotNet.Writer.MethodBodyWriter.ErrorImpl(String message) at E:SourcePublicConfuser2dnlibsrcDotNetWriterMethodBodyWriter.cs:line 282
at dnlib.DotNet.Writer.MethodBodyWriterBase.GetMaxStack() at E:SourcePublicConfuser2dnlibsrcDotNetWriterMethodBodyWriterBase.cs:line 63
at dnlib.DotNet.Writer.MethodBodyWriter.Write() at E:SourcePublicConfuser2dnlibsrcDotNetWriterMethodBodyWriter.cs:line 95
at dnlib.DotNet.Writer.MetaData.WriteMethodBodies() at E:SourcePublicConfuser2dnlibsrcDotNetWriterMetaData.cs:line 1551
at dnlib.DotNet.Writer.MetaData.Create() at E:SourcePublicConfuser2dnlibsrcDotNetWriterMetaData.cs:line 1206
at dnlib.DotNet.Writer.MetaData.CreateTables() at E:SourcePublicConfuser2dnlibsrcDotNetWriterMetaData.cs:line 1140
at dnlib.DotNet.Writer.ModuleWriter.WriteImpl() at E:SourcePublicConfuser2dnlibsrcDotNetWriterModuleWriter.cs:line 170
at dnlib.DotNet.Writer.ModuleWriterBase.Write(Stream dest) at E:SourcePublicConfuser2dnlibsrcDotNetWriterModuleWriterBase.cs:line 502
at dnlib.DotNet.ModuleDef.Write(Stream dest, ModuleWriterOptions options) at E:SourcePublicConfuser2dnlibsrcDotNetModuleDef.cs:line 1144
at Confuser.Core.ConfuserEngine.WriteModule(ConfuserContext context) at e:SourcePublicConfuser2Confuser.CoreConfuserEngine.cs:line 393
at Confuser.Core.ProtectionPipeline.ExecuteStage(PipelineStage stage, Action`1 func, Func`1 targets, ConfuserContext context) at e:SourcePublicConfuser2Confuser.CoreProtectionPipeline.cs:line 134
at Confuser.Core.ConfuserEngine.RunPipeline(ProtectionPipeline pipeline, ConfuserContext context) at e:SourcePublicConfuser2Confuser.CoreConfuserEngine.cs:line 242
at Confuser.Core.ConfuserEngine.RunInternal(ConfuserParameters parameters, CancellationToken token) at e:SourcePublicConfuser2Confuser.CoreConfuserEngine.cs:line 173
Failed at 1:01, 0:09 elapsed.
so I was fooling around with DNLIB recently, and I was trying to add methods to a .net file. I got the methods from a previously compiled file, so basically, I was trying to mimic the method.
There are 3 methods: GetTheTypes, InvokeIt, and InvokeCall.
Firstly, I had to create the methods GetTheTypes and InvokeIt because InvokeCall calls both the GetTheTypes method and the InvokeIt method. So I added those methods, and they were added perfectly. It compiled and saved, and I was able to see them in a reflector/ILSpy with no problem. Note: when I add the methods, I have a check to see if they should be static or non-static, so that is not an issue. They are also all public methods.
Then, I wanted to add the InvokeCall method. So I did the same thing I did for the other methods, opened the methods I wanted mimicked in ILSpy, then basically copied all of the instructions and local variables into a new CilBody which were added to the InvokeCall method that I was mimicking. The only problem was it threw an error saying «Error Calculating Max Stack Value». The weird thing was, if I changed the OPCode from Call to NewObj, it compiled fine. But that is not what I want to do. What I want to do throws the error mentioned above.
Here is the code I use to add the instruction:
cBody.Instructions.Add(OpCodes.Call.ToInstruction(_getTheTypesMethod))
The _getThetypesMethod variable is defined as a MethodDefUser and consists of the method I created ealier and compiled just fine. I have also tried this:
cBody.Instructions.Add(OpCodes.Call.ToInstruction(t.Asm.Import(_getTheTypesMethod)))
That also did not work. I have also tried to get the DeclaringType of the method as well, then Finding the method like this:
cBody.Instructions.Add(OpCodes.Call.ToInstruction(t.Asm.Import(_getTheTypesMethod.GetDeclaringType().FindMethod("GetTheTypes")))
That didn’t work either.
So if anyone has any suggestions as to how to call a method that was just created, please tell me. I’ve been trying to find out how to fix this problem for the last day or so, with no prevail. Thanks.
On 8/4/2016 at 8:37 PM, crystalboy said:
Sorry for intrusion but i think that you latest post is not related to the current thread.
Is better if you create a new thread to mantain consultation of the board ordered.
Thanks
I guessed it was better to not open a new thread.
On 8/4/2016 at 9:49 PM, kao said:
By now you should already know — that’s not how it works.
a. You need it, you do it. And when you get stuck, you describe what exactly you did and what exactly did not work.
b. If you have an issue with CC tools, go ask in that thread.
c. In general it’s impossible to unpack/deobfuscate stuff dynamically without all the relevant DLLs (this case might be an exception). So, uploading only the main EXE is not helping either..
By the first look — there is no reason why CodeCracker’s tools should not work. Only control-flow and constants are obfuscated, it doesn’t get much easier than that.
After reading your post , I spent more time on the application , sorry for the late reply.
The program only loads if it is inside «C:FraudFox» folder.
Windows XP only.
Unpacking tools used —
de4dot
ConfuserExCallFixer
ConfuserExStringDecryptor.
ConfuserExDupPopPatcher
ConfuserLdcPopPatcher
ConfuserXorCalc.
The deobfuscation looks clean initially but after loading the binary and clicking on login , the error comes
Quote
[4/12/2016 10:11:27 AM] Error occured during the login process: JIT Compiler encountered an internal limitation.
at Newtonsoft.Json.JsonSerializer.SetupReader(JsonReader reader, CultureInfo& previousCulture, Nullable`1& previousDateTimeZoneHandling, Nullable`1& previousDateParseHandling, Nullable`1& previousFloatParseHandling, Nullable`1& previousMaxDepth, String& previousDateFormatString)
at Newtonsoft.Json.JsonSerializer.DeserializeInternal(JsonReader reader, Type objectType)
at Newtonsoft.Json.JsonConvert.DeserializeObject(String value, Type type, JsonSerializerSettings settings)
at Newtonsoft.Json.JsonConvert.DeserializeObject[T](String value, JsonSerializerSettings settings)
at FraudFox.ProcessLogin.LoginUsingTor()
at FraudFox.Login.bwTorLogin_DoWork(Object sender, DoWorkEventArgs e): JIT Compiler encountered an internal limitation.
at Newtonsoft.Json.JsonSerializer.SetupReader(JsonReader reader, CultureInfo& previousCulture, Nullable`1& previousDateTimeZoneHandling, Nullable`1& previousDateParseHandling, Nullable`1& previousFloatParseHandling, Nullable`1& previousMaxDepth, String& previousDateFormatString)
at Newtonsoft.Json.JsonSerializer.DeserializeInternal(JsonReader reader, Type objectType)
at Newtonsoft.Json.JsonConvert.DeserializeObject(String value, Type type, JsonSerializerSettings settings)
at Newtonsoft.Json.JsonConvert.DeserializeObject[T](String value, JsonSerializerSettings settings)
at FraudFox.ProcessLogin.LoginUsingTor()
at FraudFox.Login.bwTorLogin_DoWork(Object sender, DoWorkEventArgs e)
So checking in dnspy , the code is not cleant completely in many places.
As you mentioned it might be an issue with the tools and I will have to ask the tools author on their threads regarding incomplete deob.
=———————————————=
To run the binary , it needs to be in C:/FraudFox and it also needs many other files , but for unpacking and using the login function , the tor folder will be enough. Adding other files will lead to a archive of more than 300 MB.
My unpacked/deob try with the above tools used. it also contains the tor folder.
FraudFox.rar
Hopefully I have done more than before , can I get some help on what I must have done wrong ? or the tools are not actually working. Please confiirm.
Regards
Edited April 12, 2016 by madskillz
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
Здравствуйте! Есть утилита, задача которой сгенерировать уникальную строку.
Код:
VkZkd1FtUXdNVVZhZWxKdFVqSm9XRmxyVW1GUk1rcFpWV3MxVGxZemFIQlpNR1JyWWxaS1YxSlljRTlYUjNoMVYxYzFiMDFzYkZaU2FrSldWakExTUZaclZrcE5NVnBJVkd4YVYxTkdXalJaVmxaWFpXeHdWazFYZUZSU2JUazJWVlJLUzFKck1YRlVXRnBXVmtSQk5WcHJVa1pPVlRsVlZsaHNUMUZVTURrPQ==
Сразу видно, что она в base64. Если декодировать ее 4 раза, то получаем:
Код:
VFdwQmQwMUVaelJtUjJoWFlrUmFRMkpZVWs1TlYzaHBZMGRrYlZKV1JYcE9XR3h1V1c1b01sbFZSakJWVjA1MFZrVkpNMVpIVGxaV1NGWjRZVlZXZWxwVk1XeFRSbTk2VVRKS1JrMXFUWFpWVkRBNVprUkZOVTlVVlhsT1FUMDk= TWpBd01EZzRmR2hXYkRaQ2JYUk5NV3hpY0dkbVJWRXpOWGxuWW5oMllVRjBVV050VkVJM1ZHTlZWSFZ4YVVWelpVMWxTRm96UTJKRk1qTXZVVDA5ZkRFNU9UVXlOQT09 MjAwMDg4fGhWbDZCbXRNMWxicGdmRVEzNXlnYnh2YUF0UWNtVEI3VGNVVHVxaUVzZU1lSFozQ2JFMjMvUT09fDE5OTUyNA== 200088|hVl6BmtM1lbpgfEQ35ygbxvaAtQcmTB7TcUTuqiEseMeHZ3CbE23/Q==|199524
По бокам числа, а в середине что-то похожее на base64. Если перевести base64 to HEX — получим это:
Код:
85597A066B4CD656E981F110DF9CA06F1BDA02D41C99307B4DC513BAA884B1E31E1D9DC26C4DB7FD
Protection_ID info:
Код:
[!] [.net scan core] ConfuserEx v0.5.0 detected! [CompilerDetect] -> .NET [.] .Net Info -> v 2.5 (struct version) | MSIL 32 bit preferred (/platform:anycpu32bitpreferred) | Flags : 0x00020003 -> COMIMAGE_FLAGS_ILONLY | COMIMAGE_FLAGS_32BITREQUIRED | COMIMAGE_FLAGS_32BITPREFERRED | [.] Entrypoint (Token) : 0x06000002 [.] MetaData RVA : 0x0001C8DC | Size : 0x000094F4 (38132) [.] MetaData->Version 1.1 (struct ver) -> v4.0.30319 (required framework) [.] Flags : 0x0 | Streams : 0x7 (7) unusual (its usually 5) -> #~ | #Strings | #GUID | #Blob | #Strings | #Blob | #Schema
Задача: понять алгоритм генерации уникальной строки.
Пробовал натравить последний de4dot, но попытка не увенчалась успехом.
Код:
ERROR: Error calculating max stack value ERROR: Instruction is null ERROR: Operand is not a local/arg ERROR: Instruction operand is null ERROR: CallingConventionSig is null Ignored 93 warnings/errors Use -v/-vv option or set environment variable SHOWALLMESSAGES=1 to see all messages The system cannot write to the specified device.
Посоветуйте, пожалуйста, как снять ConfuserEx v0.5.0.
P.S. Хотел в отладчике перехватить момент конвертации данных в base64.
Для этого должна использоваться функция CryptBinaryToString из Crypt32.dll
Но я ее не нашел в адресном пространстве процесса. Зато нашел: cryptbase.dll, cryptsp.dll, bcrypt.dll.
В их экспорте не нашел ничего подходящего. Что использует .NET для перевода в base64 ?
Прикрепляю утилиту.
d96f_17.09.2015_EXELAB.rU.tgz — xid.exe
Exetools
(https://forum.exetools.com/index.php)
— Community Tools
(https://forum.exetools.com/forumdisplay.php?f=47)
That’s a warning from the renamer, so try —dont-rename or just ignore the warning msg. Maybe it’s still runnable?
| Storm Shadow | 07-24-2015 05:26 |
Ain’t it possible to get a verbose output of error
| speedboy | 09-02-2015 10:59 |
Command: de4dot.exe -f «D:xxksEXAMTEACHER.exe» -o «D:xxksEXAMTEACHER_de4dot.exe»
Output:
de4dot v3.1.41592.3405 Copyright (C) 2011-2014 de4dot@gmail.com
Latest version and source code: https://github.com/0xd4d/de4dot
21 deobfuscator modules loaded!
Detected Dotfuscator 12345:1:2:4.2.5000.27554 (D:xxksEXAMTEACHER.exe)
Cleaning D:xxksEXAMTEACHER.exe
WARNING: Could not deobfuscate method 06000185. Hello, E.T.: System.ApplicationException
Renaming all obfuscated symbols
Saving D:xxksEXAMTEACHER_de4dot.exe
ERROR: Error calculating max stack value. If the method’s obfuscated, set CilBody.KeepOldMaxStack or MetaDataOptions.Flags (KeepOldMaxStack, global option) to ignore this error. Otherwise fix your generated CIL code so it conforms to the ECMA standard.
ERROR: Instruction operand is null
ERROR: Operand is not a local/arg
ERROR: Instruction is null
ERROR: Target instruction is too far away for a short branch. Use the long branch or call CilBody.SimplifyBranches() and CilBody.OptimizeBranches()
Ignored 7741 warnings/errors
Use -v/-vv option or set environment variable SHOWALLMESSAGES=1 to see all messages
Why?
@speedboy
Try de4dot fixed by ivancitooz
http://rghost.net/8kVDPKcfc
It has several obfuscators updated 
| speedboy | 09-02-2015 14:04 |
Quote:
Originally Posted by cachito
(Post 101462)
@speedboy
Try de4dot fixed by ivancitooz
http://rghost.net/8kVDPKcfc
It has several obfuscators updated
It is not X86!
Upload exe and I will try for you
| Black_Legion | 09-30-2015 19:11 |
1 Attachment(s)
i have an exe which de4dot detects it as Unknown Obfuscator. class names, method names and member names are all like guids, and it uses «Call Hiding» obfuscating method.
anybody knows what obfuscator it may be?
You can reserach witch obfuscator might be and add support to de4dot by yourself.
Just take a look here:
Quote:
http://mrexodia.cf/coding/2015/07/17/Extending-de4dot/
| Black_Legion | 10-01-2015 14:33 |
as i researched into the obfuscators it seems that it has been obfuscated with something like «disguiser.net». is there any solution available for this one?
………………………………..
| Black_Legion | 10-11-2015 22:05 |
i found it with the help of kao
it was AppFuscator
There are some tools for unpacking and string decrypting for this protector.
| Mahmoudnia | 12-21-2015 01:08 |
Hi giv
i can not unpack this file with de4dot !
Quote:
http://www.p30office.com/index.php?sdmon=downloads/app-xoffice/SetupP30Office3-6-2-40630.zip
may you help me ?
thanks
A newbie question indeed.. i used de4dot.exe to deobfuscate the attached folder usig -d flag it deobfuscated all obfuscated exes (crypto obfuscator) but the problem is no the program does not run rather hangs..
https://mega.nz/#!00QmSZYK!56oBkSL9-7pc9KsMKEr7lW4cftLLluTyKyL-erLqvpQ
| sendersu | 10-07-2016 01:44 |
>but the problem is no the program does not run rather hangs..
deobfuscating != correct run
you need to charge your mind and go to rabbit hole
de4dot-Support.Reactor5.0-wuhensoft
http://crack.vc/RceTools/NET/de4dot-Support.Reactor5.0-wuhensoft.7z
Hi all thanks for all! I unpacked it but the problem is my patching is nasty so license window appears frequently though it is not a big problem since you can put anything of proper length and get licensed!!
Is there a better solution?
https://mega.nz/#!E0gTCKCb!hFeYMsc40_9ftsh0O-5GU19WosWFTCn333RoGA2JYBc
I’m trying to use this, but it says unknown obfuscator and while it worked partially, most important stuff are still obfuscated and can’t be browsed. Can anyone help? Here’s the link to exe
https://mega.nz/#!awFjCIZL!FobLU14jimDuOKAv8MdEjzyU0Jg0haLiIQztSOv1ps0
You can force De4dot to select which de-obfuscation technique is to be used.
Quote:
Originally Posted by Sound
(Post 107358)
de4dot-Support.Reactor5.0-wuhensoft
http://crack.vc/RceTools/NET/de4dot-Support.Reactor5.0-wuhensoft.7z
interesting, works perfect except still found something like «b0494a1f-4bd3-bFLN5Q3B5OEj76UB/UqymA==» in the Resources line.
can deobfuscate smartassembly?
| sendersu | 07-11-2017 01:02 |
can — yes!
just GIAT!
Quote:
Originally Posted by Sound
(Post 107358)
de4dot-Support.Reactor5.0-wuhensoft
http://crack.vc/RceTools/NET/de4dot-Support.Reactor5.0-wuhensoft.7z
Wow, I really appreciate this share. It helped me resolve some issues I was having with a particular binary, and even more important, it helped me figure out what I was doing wrong when attempting to manually unpack it.
| schrodyn | 03-16-2021 19:20 |
I was wondering if people are still using de4dot or are there better alternatives now?
You can try this
https://github.com/HongThatCong/de4dot_mod
Looks like de4dot mod is .net 3.5 based anything for 4.x or even 5 available?
cannot decrypt dotfuscator string
Powered by vBulletin® Version 3.8.8
Copyright ©2000 — 2023, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
hi everyone (i’m sorry for my bad english) i’m new to this forum and i have a question for you
does someone know what is this modded confuserex ?
here is the .cctor field and when i saw that i directly thinked it was confuserex because it’s really similar as you can see.
maybe am i wrong ? because i searched lot of hours and i didn’t find anything.
i tried lot of «unconfusers» and i have always one of this 2 errors :
Exception non gérée : System.NotSupportedException: Invalid or unsupported method body format.
à AsmResolver.PE.DotNet.Cil.CilRawMethodBody.FromReader(IBinaryStreamReader reader)
à AsmResolver.DotNet.Serialized.DefaultMethodBodyReader.ReadMethodBody(MethodDefinition owner, MethodDefinitionRow row)
à AsmResolver.DotNet.Serialized.SerializedMethodDefinition.GetBody()
à AsmResolver.LazyVariable`1.InitializeValue()
à AsmResolver.LazyVariable`1.get_Value()
à Unscrambler.Features.MethodProcessor.<>c.<Process>b__3_0(MethodDefinition m)
à System.Linq.Enumerable.WhereEnumerableIterator`1.MoveNext()
à Unscrambler.Features.MethodProcessor.Process(TypeDefinition type)
à Unscrambler.Program.Process(ModuleDefinition module)
à Unscrambler.Program.Main(String[] args)(i used unscrambler for the first exemple)
ERROR: Error calculating max stack value. If the method's obfuscated, set CilBody.KeepOldMaxStack or MetaDataOptions.Flags (KeepOldMaxStack, global option) to ignore this error. Otherwise fix your generated CIL code so it conforms to the ECMA standard.
ERROR: Instruction operand is null
ERROR: Instruction is null
ERROR: Operand is not a local/arg(and a modded version of de4dot for the second exemple)
i also tried many method for unpack this version of confuserex manually (and no this version doesen’t have gCHandle.Free)
so if someone can help me to identify or to unpack this modded version ?
Thanks in advance
-
Lnet.exe
1.5 MB
· Views: 37