You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
NTCore's Phoenix Protector offers a "string encryption" feature, which, as its name tells us, protects the strings present in your program.
Even after searching on the internet for ten minutes, I couldn't find a Phoenix string decryptor; that's why I made one.
Static or dynamic ? Which one should I pick ?
If you believe the software you're analyzing may contain malware code, then you should pick static analysis, because dynamic analysis will load the assembly on your machine, causing possible damage.
How do I find a "method token" ?
Once you'll start this decryptor, it will ask you for a "method token": it's basically just the token of the decryption method. But how do you find it ? Here's a step-by-step guide :
1 - Open your file into DnSpy and find an encrypted string
2 - Find the encryption method
Click on the surrounded method
This will redirect you to the encryption-method definition
3 - There you go !
About
A simple tool which decrypts strings protected with Phoenix Protector
