Crack Sublime Text 3.2.2 Build 3211 and Sublime Text 4 Alpha 4098 with Hex

Crack Sublime Text Windows and Linux.md

---

How to Crack Sublime Text 3.2.2 Build 3211 with Hex Editor (Windows | Without License) ↓

1. Download & Install Sublime Text 3.2.2 Build 3211
2. Visit https://hexed.it/
3. Open file select sublime_text.exe
4. Offset 0x8545: Original 84 -> 85
5. Offset 0x08FF19: Original 75 -> EB
6. Offset 0x1932C7: Original 75 -> 74 (remove UNREGISTERED in title bar, so no need to use a license)
7. Export File and save it to location you want
8. Backup sublime_text.exe file (just rename)
9. Copy sublime_text.exe modified to directory Sublime Text 3
10. Happy Coding :)

Screenshot

---

How to Crack Sublime Text 4 Alpha 4098 with Hex Editor (Windows | Without License) ↓

1. Download & Install Sublime Text 4 Alpha 4094
2. Visit https://hexed.it/
3. Open file select sublime_text.exe
4. Go to Address: 0000A700 change 80 38 00 to FE 00 90
5. Export File and save it to location you want
6. Backup sublime_text.exe file (just rename)
7. Copy sublime_text.exe modified to directory Sublime Text 4 (i.e C:\Program Files\Sublime Text)
8. Use this License

----- BEGIN LICENSE ----- 
TwitterInc 
200 User License 
EA7E-890007 
1D77F72E 390CDD93 4DCBA022 FAF60790 
61AA12C0 A37081C5 D0316412 4584D136 
94D7F7D4 95BC8C1C 527DA828 560BB037 
D1EDDD8C AE7B379F 50C9D69D B35179EF 
2FE898C4 8E4277A8 555CE714 E1FB0E43 
D5D52613 C3D12E98 BC49967F 7652EED2 
9D2D2E61 67610860 6D338B72 5CF95C69 
E36B85CC 84991F19 7575D828 470A92AB 
------ END LICENSE ------

9. Happy Coding :)

Screenshot

---

Blocked by Microsoft Defender SmartScreen -> More Info -> Run Anyway

Screenshot

---

How to Crack Sublime Text 3 & 4 Alpha 4094 with Hex Editor (Linux & MacOS | With License) ↓

1. Download & Install Sublime Text 3 or 4
2. Visit https://hexed.it/
3. Open file select sublime_text
   • Linux Location: /opt/sublime_text/sublime_text
   • MacOS Location: /Application/Sublime Text [version].app (Correct Me If I'm Wrong)
4. Search 97 94 0D and Change to 00 00 00
5. Export File and save it to location you want
6. Backup sublime_text file (just rename)
7. Copy sublime_text modified to default directory Sublime Text
8. Use this License

----- BEGIN LICENSE ----- 
TwitterInc 
200 User License 
EA7E-890007 
1D77F72E 390CDD93 4DCBA022 FAF60790 
61AA12C0 A37081C5 D0316412 4584D136 
94D7F7D4 95BC8C1C 527DA828 560BB037 
D1EDDD8C AE7B379F 50C9D69D B35179EF 
2FE898C4 8E4277A8 555CE714 E1FB0E43 
D5D52613 C3D12E98 BC49967F 7652EED2 
9D2D2E61 67610860 6D338B72 5CF95C69 
E36B85CC 84991F19 7575D828 470A92AB 
------ END LICENSE ------

9. Happy Coding :)

Screenshot

---

macOS 4126 can use this.

—– BEGIN LICENSE —– Mifeng User Single User License EA7E-1184812 C0DAA9CD 6BE825B5 FF935692 1750523A EDF59D3F A3BD6C96 F8D33866 3F1CCCEA 1C25BE4D 25B1C4CC 5110C20E 5246CC42 D232C83B C99CCC42 0E32890C B6CBF018 B1D4C178 2F9DDB16 ABAA74E5 95304BEF 9D0CCFA9 8AF8F8E2 1E0A955E 4771A576 50737C65 325B6C32 817DCB83 A7394DFA 27B7E747 736A1198 B3865734 0B434AA5 —— END LICENSE ——

Thanks, It worked on macOS monterey 12.4

macOS 4126 can use this.

—– BEGIN LICENSE —– Mifeng User Single User License EA7E-1184812 C0DAA9CD 6BE825B5 FF935692 1750523A EDF59D3F A3BD6C96 F8D33866 3F1CCCEA 1C25BE4D 25B1C4CC 5110C20E 5246CC42 D232C83B C99CCC42 0E32890C B6CBF018 B1D4C178 2F9DDB16 ABAA74E5 95304BEF 9D0CCFA9 8AF8F8E2 1E0A955E 4771A576 50737C65 325B6C32 817DCB83 A7394DFA 27B7E747 736A1198 B3865734 0B434AA5 —— END LICENSE ——

Thanks Worked for Windows 10.

macOS 4126 can use this.

—– BEGIN LICENSE —– Mifeng User Single User License EA7E-1184812 C0DAA9CD 6BE825B5 FF935692 1750523A EDF59D3F A3BD6C96 F8D33866 3F1CCCEA 1C25BE4D 25B1C4CC 5110C20E 5246CC42 D232C83B C99CCC42 0E32890C B6CBF018 B1D4C178 2F9DDB16 ABAA74E5 95304BEF 9D0CCFA9 8AF8F8E2 1E0A955E 4771A576 50737C65 325B6C32 817DCB83 A7394DFA 27B7E747 736A1198 B3865734 0B434AA5 —— END LICENSE ——

its working..thanks

ubuntu 20.04 LTS can use this

Mac os
New License : v4 Build 4133

thanks to tnt team

----BEGIN LICENSE-----
TNT Team
Unlimited User License
EA7E-2010859462
6C5E525261BC8146AAAC8783279A74F5
57BF1CB0C1944B5517D42C38DB2282F2
E047071E334FEF878FFF09A3BB2B787B
06CE14F6DDAFB7A8C1123C226C250323
B45CC6567A2575668B94A3ACB773D963
ED045D9F798CC023694AF1467FD51C75
B05B81C8B226863915DC1140ADB97EC4
1CFA3B0FD72AACB8DBA7B6204A7AC4C2
-----END LICENSE-----

Mac os New License : v4 Build 4133

thanks to tnt team

----BEGIN LICENSE----- TNT Team Unlimited User License EA7E-2010859462 6C5E525261BC8146AAAC8783279A74F5 57BF1CB0C1944B5517D42C38DB2282F2 E047071E334FEF878FFF09A3BB2B787B 06CE14F6DDAFB7A8C1123C226C250323 B45CC6567A2575668B94A3ACB773D963 ED045D9F798CC023694AF1467FD51C75 B05B81C8B226863915DC1140ADB97EC4 1CFA3B0FD72AACB8DBA7B6204A7AC4C2 -----END LICENSE-----

not working tho

This works for most of the Sublime Text 4.X x64 (Including 4107) - block the license check via host or patch it out of EXE

RSA Key Patch (allows any key in right format to work)

Search for ...
4157415656575553B828210000
Replace with ...
33C0FEC0C3575553B828210000

Disable License Check (You can do this via hosts file if you rather)

Search for...
6C6963656E73652E7375626C696D6568712E636F6D
Replace with ...
7375626C696D6568712E6C6F63616C686F73740000

You can now use any license basically that follows the same syntax/format/key.

-- BEGIN LICENSE --
Generic Name
Unlimited User License
EA7E-81044230
0C0CD4A8 CAA317D9 CCABD1AC 434C984C
7E4A0B13 77893C3E DD0A5BA1 B2EB721C
4BAAB4C4 9B96437D 14EB743E 7DB55D9C
7CA26EE2 67C3B4EC 29B2C65A 88D90C59
CB6CCBA5 7DE6177B C02C2826 8C9A21B0
6AB1A5B6 20B09EA2 01C979BD 29670B19
92DC6D90 6E365849 4AB84739 5B4C3EA1
048CC1D0 9748ED54 CAC9D585 90CAD815
-- END LICENSE --```

This one still works for ST/SM in Windows. But it needs another patch to stop the "Persistent License Check 1".

yeah that one works

macOS 4126 can use this.

—– BEGIN LICENSE —– Mifeng User Single User License EA7E-1184812 C0DAA9CD 6BE825B5 FF935692 1750523A EDF59D3F A3BD6C96 F8D33866 3F1CCCEA 1C25BE4D 25B1C4CC 5110C20E 5246CC42 D232C83B C99CCC42 0E32890C B6CBF018 B1D4C178 2F9DDB16 ABAA74E5 95304BEF 9D0CCFA9 8AF8F8E2 1E0A955E 4771A576 50737C65 325B6C32 817DCB83 A7394DFA 27B7E747 736A1198 B3865734 0B434AA5 —— END LICENSE ——

Hey! thanks for this one. It worked on parrot sec. os release 5.

I need serial key for linux please. Copy paste only.

I need serial key for linux please. Copy paste only.

as per your wish, ST 4126 + https://gist.github.com/JerryLokjianming/71dac05f27f8c96ad1c8941b88030451?permalink_comment_id=4202408#gistcomment-4202408 is the best fit.

This works for Linux Mint as well.
Added direct link, otherwise you have to scroll too much to find it.
https://gist.github.com/JerryLokjianming/71dac05f27f8c96ad1c8941b88030451?permalink_comment_id=4202408#gistcomment-4202408

macOS 4126 can use this.

—– BEGIN LICENSE —– Mifeng User Single User License EA7E-1184812 C0DAA9CD 6BE825B5 FF935692 1750523A EDF59D3F A3BD6C96 F8D33866 3F1CCCEA 1C25BE4D 25B1C4CC 5110C20E 5246CC42 D232C83B C99CCC42 0E32890C B6CBF018 B1D4C178 2F9DDB16 ABAA74E5 95304BEF 9D0CCFA9 8AF8F8E2 1E0A955E 4771A576 50737C65 325B6C32 817DCB83 A7394DFA 27B7E747 736A1198 B3865734 0B434AA5 —— END LICENSE ——

This is worked in Windows 11 and MacOS Monterey. Ver: 4126
Thank you very much.

macOS 4126 can use this.

—– BEGIN LICENSE —– Mifeng User Single User License EA7E-1184812 C0DAA9CD 6BE825B5 FF935692 1750523A EDF59D3F A3BD6C96 F8D33866 3F1CCCEA 1C25BE4D 25B1C4CC 5110C20E 5246CC42 D232C83B C99CCC42 0E32890C B6CBF018 B1D4C178 2F9DDB16 ABAA74E5 95304BEF 9D0CCFA9 8AF8F8E2 1E0A955E 4771A576 50737C65 325B6C32 817DCB83 A7394DFA 27B7E747 736A1198 B3865734 0B434AA5 —— END LICENSE ——

is it generated? for macos it is not working.

is it generated? for macos it is not working.

All ST license works on all platforms except that it's a banned license in later build, which is this case. You can safely assume all leaked license here will be banned soon. But at least it works on 4126.

is it generated? for macos it is not working.

All ST license works on all platforms except that it's a banned license in later build, which is this case. You can safely assume all leaked license here will be banned soon. But at least it works on 4126.

any working for build 4134?

any working for build 4134?

I personal consider this gist no longer updated. You can go https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47

any working for build 4134?

I personal consider this gist no longer updated. You can go https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47

umm, i meant licenses?
tnt custom ones perhaps

any working for build 4134?

I personal consider this gist no longer updated. You can go https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47

umm, i meant licenses? tnt custom ones perhaps

You should ask the TNT team then. TNT uses pre-cracked binary. Those "invalid" licenses only work on TNT's releases.

any working for build 4134?

I personal consider this gist no longer updated. You can go https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47

umm, i meant licenses? tnt custom ones perhaps

You should ask the TNT team then.

how can i contact them?

how can i contact them?

I don't know.

---

I do consider it's VERY easy to find cracked ST/SM or recipe on the internet. But if you have various limitations on this like

• it must provide a license
• it must be TNT release

then good luck. I doubt that there is ST 4134 released by TNT.

---

@maboloshi is so kind that he has summed up all information for you and even provide recipes. You can crack it just by copy and paste commands. I don't see why you need TNT's release at this point. TNT's release is more like a blackbox which theoretically is more dangerous even we know TNT has "good" reputation in cracking.

how can i contact them?

I don't know.

I do consider it's VERY easy to find cracked ST/SM or recipe on the internet. But if you have various limitations on this like

• it must provide a license
• it must be TNT release

then good luck. I doubt that there is ST 4134 released by TNT.

@maboloshi is so kind that he has summed up all information for you and even provide recipes. You can crack it just by copy and paste commands. I don't see why you need TNT's release at this point. TNT's release is more like a blackbox which theoretically is more dangerous even we know TNT has "good" reputation in cracking.

How can i find patch points by myself, using x64dbg and later edit with hex at user level?
can u share some resources or give a start..you're super welcome.

How can i find patch points by myself, using x64dbg and later edit with hex at user level?
can u share some resources or give a start..you're super welcome.

@DeveloperKev you can learn from this guide https://gist.github.com/opastorello/05f02f902339ebc27ea7f20c1838b066
or from posts of @leogx9r in this gist (such as https://gist.github.com/JerryLokjianming/71dac05f27f8c96ad1c8941b88030451?permalink_comment_id=3762200#gistcomment-3762200). There would be more resources if you search in crack forums.

—– BEGIN LICENSE —–
Mifeng User
Single User License
EA7E-1184812
C0DAA9CD 6BE825B5 FF935692 1750523A
EDF59D3F A3BD6C96 F8D33866 3F1CCCEA
1C25BE4D 25B1C4CC 5110C20E 5246CC42
D232C83B C99CCC42 0E32890C B6CBF018
B1D4C178 2F9DDB16 ABAA74E5 95304BEF
9D0CCFA9 8AF8F8E2 1E0A955E 4771A576
50737C65 325B6C32 817DCB83 A7394DFA
27B7E747 736A1198 B3865734 0B434AA5
—— END LICENSE ——

on linux it works, thanks

—– BEGIN LICENSE —–
Mifeng User
Single User License
EA7E-1184812
C0DAA9CD 6BE825B5 FF935692 1750523A
EDF59D3F A3BD6C96 F8D33866 3F1CCCEA
1C25BE4D 25B1C4CC 5110C20E 5246CC42
D232C83B C99CCC42 0E32890C B6CBF018
B1D4C178 2F9DDB16 ABAA74E5 95304BEF
9D0CCFA9 8AF8F8E2 1E0A955E 4771A576
50737C65 325B6C32 817DCB83 A7394DFA
27B7E747 736A1198 B3865734 0B434AA5
—— END LICENSE ——

win10 work, thanks

—– BEGIN LICENSE —–
Mifeng User
Single User License
EA7E-1184812
C0DAA9CD 6BE825B5 FF935692 1750523A
EDF59D3F A3BD6C96 F8D33866 3F1CCCEA
1C25BE4D 25B1C4CC 5110C20E 5246CC42
D232C83B C99CCC42 0E32890C B6CBF018
B1D4C178 2F9DDB16 ABAA74E5 95304BEF
9D0CCFA9 8AF8F8E2 1E0A955E 4771A576
50737C65 325B6C32 817DCB83 A7394DFA
27B7E747 736A1198 B3865734 0B434AA5
—— END LICENSE ——

for linux work, thanks

Thanks friend

—– BEGIN LICENSE —–
Mifeng User
Single User License
EA7E-1184812
C0DAA9CD 6BE825B5 FF935692 1750523A
EDF59D3F A3BD6C96 F8D33866 3F1CCCEA
1C25BE4D 25B1C4CC 5110C20E 5246CC42
D232C83B C99CCC42 0E32890C B6CBF018
B1D4C178 2F9DDB16 ABAA74E5 95304BEF
9D0CCFA9 8AF8F8E2 1E0A955E 4771A576
50737C65 325B6C32 817DCB83 A7394DFA
27B7E747 736A1198 B3865734 0B434AA5
—— END LICENSE ——

This works on ubuntu

This works everywhere :D but it only works on 4126, not later builds.

—– BEGIN LICENSE —–
Mifeng User
Single User License
EA7E-1184812
C0DAA9CD 6BE825B5 FF935692 1750523A
EDF59D3F A3BD6C96 F8D33866 3F1CCCEA
1C25BE4D 25B1C4CC 5110C20E 5246CC42
D232C83B C99CCC42 0E32890C B6CBF018
B1D4C178 2F9DDB16 ABAA74E5 95304BEF
9D0CCFA9 8AF8F8E2 1E0A955E 4771A576
50737C65 325B6C32 817DCB83 A7394DFA
27B7E747 736A1198 B3865734 0B434AA5
—— END LICENSE ——

This works on ubuntu

Fedora, using stable v4 4126

I HAVE JUST TRIED IT AND IT IS NOT WORKING. HOWEVER, I ACTIVATED MY SUBLIME TEXT WITH ACTIVATOR. HERE IS FOR THOSE WHO WANT TO DOWNLOAD IT: SUBLIME TEXT ACTIVATOR. IT WORKS WITH ALL SUBLIME BUILDS. P.S IT IS NOT MINE AND I AM JUST SHARING IT HERE.

Virus alarm.

@n6333373 the comment with virus download was deleted. Maybe the OP woke up and nuke it.

—– BEGIN LICENSE —–
Mifeng User
Single User License
EA7E-1184812
C0DAA9CD 6BE825B5 FF935692 1750523A
EDF59D3F A3BD6C96 F8D33866 3F1CCCEA
1C25BE4D 25B1C4CC 5110C20E 5246CC42
D232C83B C99CCC42 0E32890C B6CBF018
B1D4C178 2F9DDB16 ABAA74E5 95304BEF
9D0CCFA9 8AF8F8E2 1E0A955E 4771A576
50737C65 325B6C32 817DCB83 A7394DFA
27B7E747 736A1198 B3865734 0B434AA5
—— END LICENSE ——

This works on ubuntu

On macOS Monterey as well

—– BEGIN LICENSE —– Mifeng User Single User License EA7E-1184812 C0DAA9CD 6BE825B5 FF935692 1750523A EDF59D3F A3BD6C96 F8D33866 3F1CCCEA 1C25BE4D 25B1C4CC 5110C20E 5246CC42 D232C83B C99CCC42 0E32890C B6CBF018 B1D4C178 2F9DDB16 ABAA74E5 95304BEF 9D0CCFA9 8AF8F8E2 1E0A955E 4771A576 50737C65 325B6C32 817DCB83 A7394DFA 27B7E747 736A1198 B3865734 0B434AA5 —— END LICENSE ——

This works on ubuntu

On macOS Monterey as well

does it work in ventura?

Does anyone have the crack for 4142 release? linux.

Does anyone have the crack for 4142 release? linux.

You can try this.

For version 4 Build 4142:

Keygen+Patcher for Win64:

https://www7.zippyshare.com/v/fWB3Bb88/file.html

License+patched for Linux Intel X86_64:

https://www54.zippyshare.com/v/1kFKQTHd/file.html

License+patched for Linux ARM64:

https://www28.zippyshare.com/v/PGEUAw0q/file.html

License+patched for MacOS UB (Intel X64 and ARM64/M1/M2):

https://www28.zippyshare.com/v/EQBcUZ6U/file.html

Notes:

1. On Linux, after unpacking archive with 7zip you might need to make "sublime_text" executable (in case it doesn't run).
2. You can use keygen on Windows to generate license for Linux/MacOS versions (only for this patched version by X-Force).

For version 4 Build 4142:

Keygen+Patcher for Win64:

https://www7.zippyshare.com/v/fWB3Bb88/file.html

License+patched for Linux X64:

https://www54.zippyshare.com/v/1kFKQTHd/file.html

On Linux, after unpacking archive with 7zip you might need to make "sublime_text" executable (in case it doesn't run).

Note: you can use keygen on Windows to generate license for Linux version (only for this patched version by X-Force).

tnx for the virus, x-fucking-force!

tnx for the virus, x-fucking-force!

1st: don't be childish.
2nd: there is no virus. If your security tool detect a virus, it's a false positive.. If you don't trust it, run it in a sandbox like a VM or SandBoxie.

tnx for the virus, x-fucking-force!

1st: don't be childish. 2nd: there is no virus. If your security tool detect a virus, it's a false positive.. If you don't trust it, run it in a sandbox like a VM or SandBoxie.

yeah, i just tested.
what will you say now?

yeah, i just tested.
what will you say now?

Are you dumb or what?

yeah, i just tested.
what will you say now?

Are you dumb or what?

real

For version 4 Build 4142:

Keygen+Patcher for Win64:

https://www7.zippyshare.com/v/fWB3Bb88/file.html

License+patched for Linux X64:

https://www54.zippyshare.com/v/1kFKQTHd/file.html

On Linux, after unpacking archive with 7zip you might need to make "sublime_text" executable (in case it doesn't run).

Note: you can use keygen on Windows to generate license for Linux version (only for this patched version by X-Force).

Worked Perfectly for me.

For version 4 Build 4142:
Keygen+Patcher for Win64:
https://www7.zippyshare.com/v/fWB3Bb88/file.html
License+patched for Linux X64:
https://www54.zippyshare.com/v/1kFKQTHd/file.html
On Linux, after unpacking archive with 7zip you might need to make "sublime_text" executable (in case it doesn't run).

Note: you can use keygen on Windows to generate license for Linux version (only for this patched version by X-Force).

Worked Perfectly for me.

r u in linux?

share one working license

share one working license

If you are not happy with solutions given here you can go to Sublime HQ's shop and buy a legit license.

share one working license

If you are not happy with solutions given here you can go to Sublime HQ's shop and buy a legit license.

i had to reinstall my pc for you prick!

share one working license

If you are not happy with solutions given here you can go to Sublime HQ's shop and buy a legit license.

why dont u share solution without sharing fking executables that can fk almost anyone by clicks!

It's really not that hard to write an xxd script, here's my personal patcher.nu script:

if ('crash_reporter.exe' | path exists) { rm crash_reporter.exe }
if ('update_installer.exe' | path exists) { rm update_installer.exe }
if (not ('sublime_text.exe.old' | path exists)) { mv sublime_text.exe sublime_text.exe.old }
xxd -p sublime_text.exe.old | sd 4157415656575553b828210000 33c0fec0c3575553b828210000 | sd 6c6963656e73652e7375626c696d6568712e636f6d 7375626c696d6568712e6c6f63616c686f73740000 | xxd -r -p | save sublime_text.exe

Now please stop spam bumping this thread, fucking GitHub is sending gist notifs as emails now, and I can't turn it off

It's really not that hard to write an xxd script, here's my personal patcher.nu script:

The other moron could have diff the cracked file vs the genuine one also... but he's too dumb to use brain. Sigh.

share one working license

If you are not happy with solutions given here you can go to Sublime HQ's shop and buy a legit license.

why dont u share solution without sharing fking executables that can fk almost anyone by clicks!

you can just crack these by yourself, X-Force Team crack aren't doing any harm at all.

share one working license

If you are not happy with solutions given here you can go to Sublime HQ's shop and buy a legit license.

why dont u share solution without sharing fking executables that can fk almost anyone by clicks!

you can just crack these by yourself, X-Force Team crack aren't doing any harm at all.

@Hazuki-san did you just put the crack from X-Force Team into your ST-collections repo ?

@Hazuki-san did you just put the crack from X-Force Team into your ST-collections repo ?

of course not, used IDA and compare between 4107 that i had and 4142.

virus!

@Hazuki-san did you just put the crack from X-Force Team into your ST-collections repo ?

of course not, used IDA and compare between 4107 that i had and 4142.

@Hazuki-san you forgot the license_notification :P

Added MacOS & Linux ARM64 version to my previous post.

Emmm, where can I find the X-Force's patch? I didn't find it from the Google.

share one working license

If you are not happy with solutions given here you can go to Sublime HQ's shop and buy a legit license.

why dont u share solution without sharing fking executables that can fk almost anyone by clicks!

If you don't want to hex-edit or use EXEs, you can use my open-source Python patcher for ST Winx64 versions <= 4143: https://github.com/rainbowpigeon/sublime-text-4-patcher/
No valid license is needed, just enter any text instead.

share one working license

If you are not happy with solutions given here you can go to Sublime HQ's shop and buy a legit license.

why dont u share solution without sharing fking executables that can fk almost anyone by clicks!

If you don't want to hex-edit or use EXEs, you can use my open-source Python patcher for ST Winx64 versions <= 4143: https://github.com/rainbowpigeon/sublime-text-4-patcher/ No valid license is needed, just enter any text instead.

why dont u share bash scripts?
btw your python patcher seems to be fishy, a single py was enough

there's literally only one .py file lmao just read and see the code itself

there's literally only one .py file lmao just read and see the code itself

i meant whole, why?

If you don't want to hex-edit or use EXEs, you can use my open-source Python patcher for ST Winx64 versions <= 4143: https://github.com/rainbowpigeon/sublime-text-4-patcher/ No valid license is needed, just enter any text instead.

why dont u share bash scripts? btw your python patcher seems to be fishy, a single py was enough

I’m not familiar with Bash so I used Python.
Yup the single Python file is enough for end-users and it was intended to be this way. Feel free to not download the other files as they are just for development purposes.

Emmm, where can I find the X-Force's patch? I didn't find it from the Google.

Here: https://scnlog.me/apps/win/

Emmm, where can I find the X-Force's patch? I didn't find it from the Google.

Here: https://scnlog.me/apps/win/

viruses!

Emmm, where can I find the X-Force's patch? I didn't find it from the Google.

Here: https://scnlog.me/apps/win/
tks bro🫡

Updated keygen+patch for build 4143 Win64:

https://www82.zippyshare.com/v/9RHh6rdn/file.html

Linux X64 patched+license key:

https://www9.zippyshare.com/v/BBiK5NsL/file.html

Updated keygen+patch for build 4143 Win64:

https://www82.zippyshare.com/v/9RHh6rdn/file.html

Linux X64 patched+license key:

https://www9.zippyshare.com/v/BBiK5NsL/file.html

Thanks Linux Version worked perfectly

https://raw.githubusercontent.com/rainbowpigeon/sublime-text-4-patcher/main/sublime_text_4_patcher.py works well for:

Windows (Sublime Text Build 4143)

Just needs

pip3 install pefile

As a pre-req.

https://raw.githubusercontent.com/rainbowpigeon/sublime-text-4-patcher/main/sublime_text_4_patcher.py works well for:

Windows (Sublime Text Build 4143)

Just needs

pip3 install pefile

As a pre-req.

Thank you very much for your share! It worked for me: https://prnt.sc/a5xpuuQ8nPsA

Thanks Linux Version worked perfectly

@idlpar May you please reupload at some place?

Or @ShaGrAt-LsD ? Thanks in advance.

Thank you for your suggestion. It worked absolutely fine. See the latest screenshot

@idlpar I thought you were on Linux? Do you still have the Zippyshare file on your hard drive?

Re up of Linux version 4143:

https://www93.zippyshare.com/v/0RBcCDoU/file.html

Re up of Linux version 4143:

https://www93.zippyshare.com/v/0RBcCDoU/file.html

why my pc is showing viruses

Antivirus software aren't very intelligent, they can't interpret code like we can, they just see code - be it in a program legitimately for a good purpose or code in a malicious program, it's safer for everyone if that code is considered malicious than to find out later that it's not, thinking that it's safe. This is what you call a "false positive" - it's incredibly common.

Hell many years ago, I would make ESET Nod32 go insane, after renaming a blank text file to keygen.exe ... It was very amsuing to see it go apeshit over literally nothing when explaining to clients about viruses and threats.

what is the way to patch Linux version ? the key listed here is over 3 years old and is not accepted with current version as it needed upgrading

97 94 0D Changed to 00 00 00

----- BEGIN LICENSE ----- 
TwitterInc 
200 User License 
EA7E-890007 
1D77F72E 390CDD93 4DCBA022 FAF60790 
61AA12C0 A37081C5 D0316412 4584D136 
94D7F7D4 95BC8C1C 527DA828 560BB037 
D1EDDD8C AE7B379F 50C9D69D B35179EF 
2FE898C4 8E4277A8 555CE714 E1FB0E43 
D5D52613 C3D12E98 BC49967F 7652EED2 
9D2D2E61 67610860 6D338B72 5CF95C69 
E36B85CC 84991F19 7575D828 470A92AB 
------ END LICENSE ------

Re-upload on a different host for peoples who can't download from Zippyshare.

Sublime Text 4143:

Keygen+Patch for Win64:
https://rapidgator.net/file/0e5e5b017ffc7ae94026040432122235/SUBLIME_TEXT_V4.4143_WIN64.7z.html

Patched+License for all Linux:
https://rapidgator.net/file/f8345f6d6aeba1814eac48116f8865ae/SUBLIME_TEXT_V4.4143_LINUX_X64.7z.html
https://rapidgator.net/file/95ace901eaa483bda993a754ba10c113/SUBLIME_TEXT_V4.4143_LINUX_DEB_X64.7z.html
https://rapidgator.net/file/f49ae7ebfe8087f7cdb4ec3c1ffb9dcc/SUBLIME_TEXT_V4.4143_LINUX_DEB_ARM64.7z.html
https://rapidgator.net/file/aada10281494d3a0de98c9288dd9d819/SUBLIME_TEXT_V4.4143_LINUX_ARM64.7z.html

Patched+License for MacOS X64/ARM64 (M1/M2):
https://rapidgator.net/file/35d8cc088395f795ab42683bba7b6871/SUBLIME_TEXT_V4.4143_MACOS_UB.7z.html

https://rapidgator.net/file/0e5e5b017ffc7ae94026040432122235/SUBLIME_TEXT_V4.4143_WIN64.7z.html

This version is not only uploaded to a random site that makes you wait 45 seconds to start downloading, but is 520kb, contains sandbox evasion code, is packed with UPX, alters the registry, and contains multiple other dlls and files - Including the actual 110.5kb file which it subsequently runs to appear legitimate.

The user ShaGrAt-LsD also has 0 public gists, and hasn't committed to Github in at least a year, with no activity since they forked 3 repos at the start of last year.

I personally wouldn't trust this random file.

@t94xr @ShaGrAt-LsD
they both are same, providing free viruses!

@t94xr @ShaGrAt-LsD
they both are same, providing free viruses!

@t94xr is clever, and actually has some credibility on Github. It's also true that some AV's do indeed pick up Keygens. The problem is that when it's Keygen + Malware, the AV picks up the first, people disable it, and get hit by the second.

The download did actually have a Keygen (It was about 1/4 the size of the upload) - It just also had malware.

https://rapidgator.net/file/0e5e5b017ffc7ae94026040432122235/SUBLIME_TEXT_V4.4143_WIN64.7z.html

This version is not only uploaded to a random site that makes you wait 45 seconds to start downloading,

If one don't like rapidgator he can use the zippyshare link I posted.

but is 520kb, contains sandbox evasion code, is packed with UPX, alters the registry, and contains multiple other dlls and files - Including the actual 110.5kb file which it subsequently runs to appear legitimate.

If you had really look at the exe you'd see there's nothing like sandbox evasion or whatever. It's a simple Nullsoft installer that unpack the dlls and the keygen in temp dir and execute it from there. You can just unpack it with 7zip if you want. The Keygen itself is 110kb and is compiled with GCC, is NOT packed with UPX or any other packer, and is easy to analyze in IDA or Ghidra to see there is no bad code in there.

It just also had malware.

You are simply a liar.

but sending malware is not a good thing, we both know.

All the time, try HexEditor, Easy to do that

but sending malware is not a good thing, we both know.

It's easy to compare initial and patched executables to see there is nothing like a malware in X-Force's crack.

@DeveloperKev if you don't trust the patcher, you can do it yourself using the instruction from a comment of maboloshi

@ShaGrAt-LsD the patcher may install a rootkit or backdoor. It's not easy for a normal person to check that.

but sending malware is not a good thing, we both know.

It's easy to compare initial and patched executables to see there is nothing like a malware in X-Force's crack.

didnt i check

@ShaGrAt-LsD the patcher may install a rootkit or backdoor. It's not easy for a normal person to check that.

Maybe this is the wrong place for you.

@ShaGrAt-LsD the patcher may install a rootkit or backdoor. It's not easy for a normal person to check that.

Yeah but given you can actually just read the code
https://raw.githubusercontent.com/rainbowpigeon/sublime-text-4-patcher/main/sublime_text_4_patcher.py
It's clean. Nothing in there that I can see that's malicious.

Nothing in there that I can see that's malicious.

That version is clean - Yes. Their version includes multiple other unrelated files.

Hey @t94xr, that's not the source code for the patcher from @ShaGrAt-LsD

And 8 lines of bash script from @maboloshi is much clearer and safer than that.

Hello, someone has been able to check if there are bad intentions in the shared files of @ShaGrAt-LsD I have version 4143 installed... how you disable auto-update, alternatively to modify hosts file???

@arcanisgk you should check yourself. But it's easier to check a simple patcher, such as the bash script from maboloshi.

…

Hello, someone has been able to check if there are bad intentions in the shared files of @ShaGrAt-LsD I have version 4143 installed... how you disable auto-update, alternatively to modify hosts file???

definitely

hi

@ShaGrAt-LsD the patcher may install a rootkit or backdoor. It's not easy for a normal person to check that.

Yeah but given you can actually just read the code https://raw.githubusercontent.com/rainbowpigeon/sublime-text-4-patcher/main/sublime_text_4_patcher.py It's clean. Nothing in there that I can see that's malicious.

pls can you combine Merge and ST4 together in same py file @t94xr

fake ones possible

Sublime Text Dev channel v4146 Crack without license activation。
JUST FOR INTEL MACOS！
https://github.com/QiuChenly/MyMacsAppCrack

Sublime Text Dev channel v4146 Crack without license activation。 JUST FOR INTEL MACOS！ https://github.com/QiuChenly/MyMacsAppCrack

@maboloshi you can look at this for 4146 patch. You might need to extract the x86_64 part using lipo

@Destitute-Streetdwelling-Guttersnipe Previous binary file comparison, crack ideas and @leogx9r completely different.

@Destitute-Streetdwelling-Guttersnipe Previous binary file comparison, crack ideas and @leogx9r completely different.

@maboloshi This patch just change the initial license check to 6A 00 58 C3, and then use codesign.
I think you can easily find other patch offsets

@Destitute-Streetdwelling-Guttersnipe I don't have a lot of time these days, so I'm going to give it a try when the time comes.

@maboloshi i am counting on you.

what is the way to patch Linux version ? the key listed here is over 3 years old and is not accepted with current version as it needed upgrading

97 94 0D Changed to 00 00 00

----- BEGIN LICENSE ----- 
TwitterInc 
200 User License 
EA7E-890007 
1D77F72E 390CDD93 4DCBA022 FAF60790 
61AA12C0 A37081C5 D0316412 4584D136 
94D7F7D4 95BC8C1C 527DA828 560BB037 
D1EDDD8C AE7B379F 50C9D69D B35179EF 
2FE898C4 8E4277A8 555CE714 E1FB0E43 
D5D52613 C3D12E98 BC49967F 7652EED2 
9D2D2E61 67610860 6D338B72 5CF95C69 
E36B85CC 84991F19 7575D828 470A92AB 
------ END LICENSE ------

@MasterCATZ There's a patch for linux at https://gist.github.com/opastorello/4d494d627ec9012367028c89cb7a1945
That one doesn't need the TwitterInc license.

Hi, I wrote a patcher for linux, and you guys can use the code and just change the patterns. thanks to everyone for writing the offsets and hex patterns, Subzero](https://github.com/socialfright/subzero), Thanks, I will make one for all OS's but I just wanted to send a proof of concept.

Fyi that link is 404 ??

Sorry its on my github page i dont know why the link is not working

Fyi that link is 404 ??

github.com/socialfright/subzero i cant get that link to work

The subzero link originally pointed to https://gist.github.com/maboloshi/url which is why it was broken for some people.

https://github.com/socialfright/subzero works properly.

rapidgator.net/file/0e5e5b017ffc7ae94026040432122235/SUBLIME_TEXT_V4.4143_WIN64.7z.html

This version is not only uploaded to a random site that makes you wait 45 seconds to start downloading, but is 520kb, contains sandbox evasion code, is packed with UPX, alters the registry, and contains multiple other dlls and files - Including the actual 110.5kb file which it subsequently runs to appear legitimate.

The user ShaGrAt-LsD also has 0 public gists, and hasn't committed to Github in at least a year, with no activity since they forked 3 repos at the start of last year.

I personally wouldn't trust this random file.

@Reelix I have analyzed the program on triage, and the sandbox scan can be viewed here.

It's packed with ACProtect + UPX,

rapidgator.net/file/0e5e5b017ffc7ae94026040432122235/SUBLIME_TEXT_V4.4143_WIN64.7z.html

This version is not only uploaded to a random site that makes you wait 45 seconds to start downloading, but is 520kb, contains sandbox evasion code, is packed with UPX, alters the registry, and contains multiple other dlls and files - Including the actual 110.5kb file which it subsequently runs to appear legitimate.
The user ShaGrAt-LsD also has 0 public gists, and hasn't committed to Github in at least a year, with no activity since they forked 3 repos at the start of last year.
I personally wouldn't trust this random file.

@Reelix I have analyzed the program on triage, and the sandbox scan can be viewed here.

It's packed with ACProtect + UPX,

No it's not. It seems it's time to get better tools...

rapidgator.net/file/0e5e5b017ffc7ae94026040432122235/SUBLIME_TEXT_V4.4143_WIN64.7z.html

This version is not only uploaded to a random site that makes you wait 45 seconds to start downloading, but is 520kb, contains sandbox evasion code, is packed with UPX, alters the registry, and contains multiple other dlls and files - Including the actual 110.5kb file which it subsequently runs to appear legitimate.
The user ShaGrAt-LsD also has 0 public gists, and hasn't committed to Github in at least a year, with no activity since they forked 3 repos at the start of last year.
I personally wouldn't trust this random file.

@Reelix I have analyzed the program on triage, and the sandbox scan can be viewed here.
It's packed with ACProtect + UPX,

No it's not. It seems it's time to get better tools...

I beg to differ @ShaGrAt-LsD
Virus scan here: https://www.joesandbox.com/analysis/1178886

Thanks, @Aholicknight. Your detailed analysis reveals lots of suspicious actions of this patcher.

License+patched for Linux ARM64:

This disk seems to be unavailable，can you send me a linux arm64 license?it's so hard to find，thanks

o.baka@hotmail.com

@strotee

Hex patches?

https://pastebin.com/raw/KywbN0xV
Same instructions for 4152. These work for portable x64, btw.

https://pastebin.com/raw/KywbN0xV Same instructions for 4152. These work for portable x64, btw.

Thank you but for me is not working. I tried but I cannot find it.. on

It works. Start with a clean, portable source, when you search in HxD, click on the Hex tab. After you search for & replace the two values, then save the file in HxD and exit and open the file. Click on Help then Enter License, copy/paste the license (altering the [Enter your name] with your name). It's going to attempt to connect so that's why having a firewall (Simplewall) is crucial.

No it's not. It seems it's time to get better tools...

Sorry, are you actually trying to claim that you accidentally have multiple IoC's, and that it was due to changing some hex bytes?

It works. Start with a clean, portable source, when you search in HxD, click on the Hex tab. After you search for & replace the two values, then save the file in HxD and exit and open the file. Click on Help then Enter License, copy/paste the license (altering the [Enter your name] with your name). It's going to attempt to connect so that's why having a firewall (Simplewall) is crucial.

I don't use portable one.. for normal installed sublime you don't have the solve?

iN hXd if I search/find it find the strings but if I Replace it can't find the second line. Manually typing the code over the string still says unregistered.

4152 hex (Windows x64/leogx9r's method):
E8 17 FE 20 00 49 8B 96 B8 02 00 00 48 8D 0D 35 0C 00 00 41 B8 98 3A 00 00 E8 FE FD 20 00 4C 89 -> 90 90 90 90 90 49 8B 96 B8 02 00 00 48 8D 0D 35 0C 00 00 41 B8 98 3A 00 00 90 90 90 90 90 4C 89 (Invalidation/Validation Functions)
30 5E C3 E9 66 25 00 00 55 41 57 41 56 41 55 41 -> 30 5E C3 E9 66 25 00 00 48 31 C0 C3 56 41 55 41 (License Validity Checking)
F5 FF 90 48 83 C4 30 5B 5F 5E 41 5E 5D C3 55 56 57 48 83 EC 30 48 8D 6C -> F5 FF 90 48 83 C4 30 5B 5F 5E 41 5E 5D C3 48 31 C0 48 FF C0 C3 48 8D 6C (Server Validation Thread)

After patch just enter anything to license and it should work.

F5 FF 90 48 83 C4 30 5B 5F 5E 41 5E 5D C3 55 56 57 48 83 EC 30 48 8D 6C -> F5 FF 90 48 83 C4 30 5B 5F 5E 41 5E 5D C3 55 56 57 48 83 EC 30 48 8D 6C (Server Validation Thread) these are the same values

@fredgolightly I'm sorry, my copy/paste system probably had some hiccups.

F5 FF 90 48 83 C4 30 5B 5F 5E 41 5E 5D C3 55 56 57 48 83 EC 30 48 8D 6C -> F5 FF 90 48 83 C4 30 5B 5F 5E 41 5E 5D C3 48 31 C0 48 FF C0 C3 48 8D 6C

Why does VT flag both files (the before and after) with Trapmine?

Before - https://www.virustotal.com/gui/file/c6c228c96a32bbb23304701d418c1428b3526331bf80cbb77a3fb82217f5282c

After - https://www.virustotal.com/gui/file/4716c1879f539fa110f6eb224acf806893ecab90e5da4009a6c3e82091cf008f

@nopeitsnothing it's another false positive from Trapmine. Other antivirus engines didn't detect anything.

https://pastebin.com/raw/KywbN0xV Same instructions for 4152. These work for portable x64, btw.

Thank you but for me is not working. I tried but I cannot find it.. on

this is work for me sublime text 4152 https://github.com/N1ght420/Sublime-Patch

https://pastebin.com/raw/KywbN0xV Same instructions for 4152. These work for portable x64, btw.

Thank you but for me is not working. I tried but I cannot find it.. on

this is work for me sublime text 4152 https://github.com/N1ght420/Sublime-Patch

Thank you very much is worked perfectly

this is work for me sublime text 4152 https://github.com/N1ght420/Sublime-Patch

It seems like the Pastebin link was deleted. Incase this GitHub repo gets deleted, I moved the readme onto this site so it won't get deleted: https://go.0xfc.de/wrcy2j

I have also created a patcher from the GitHub repo https://github.com/N1ght420/Sublime-Patch incase you do not know how to use a hex editor. This patcher was created with dUP2, and also includes the setup. The patch.rar archive password is 123

Virustotal for patcher is here

Virustotal for patcher + setup is here

Download: https://www.mirrored.to/files/0LBL9JOI/Sublime_Text_v4152_x64___Patch_0.rar_links

Enjoy!

@Aholicknight Virustotal result for the patcher looks scary : 44 security vendors and 1 sandbox flagged this file as malicious

@Aholicknight Virustotal result for the patcher looks scary : 44 security vendors and 1 sandbox flagged this file as malicious

@Destitute-Streetdwelling-Guttersnipe It shows 44 flags because I created the patcher with dup2, a very popular patcher that scene groups use, which is available here

This patcher also makes no internet connections, does not interact or even open any other files on the computer except the target exe (sublime text).

If you still do not trust me that it's just false positives I also uploaded the patcher on JoeSandbox, which can be seen here: https://www.joesandbox.com/analysis/1290344

@Aholicknight Virustotal result for the patcher looks scary : 44 security vendors and 1 sandbox flagged this file as malicious

@Destitute-Streetdwelling-Guttersnipe It shows 44 flags because I created the patcher with dup2, a very popular patcher that scene groups use, which is available here

This patcher also makes no internet connections, does not interact or even open with any other files on the computer except the target exe (sublime text).

If you still do not trust me that it's just false positives I also uploaded the patcher on JoeSandbox, which can be seen here: https://www.joesandbox.com/analysis/1290344

@Aholicknight I prefer to patch in web browser (without download or run anything) like this https://destitute-streetdwelling-guttersnipe.github.io/RomPatcher.js/#{"PATCHER":[{"name":"sublime_text_4154","file":"data:;base64,VVBTMQAgboMAIG6D+pUXwPqVF8AybecD"}]}

https://pastebin.com/raw/5tngKCuf

If anyone is on windows or linux, I made a simple patcher in python for 4152 (stable). https://github.com/socialfright/subzerox
Linux is untested.

4160 is out and the resolution for its crack is the same as I posted on 9/18.

Im working with Ubuntu 22.04.3 and currently every which way i have tried to replace the file or put the new one in it has failed. Not sure if its just an Ubuntu thing or if i just need to crack the lock on the read only folder that sublime_text is stored or if there is a different location. (I have even tried changing the permissions of the folder but it says its already a read-write, but also tells me its a read only when i try changing permissions via terminal)

@xovtar what about change user to root then replace the file?

So for Linux/Windows x64, I have created a Sublime Text 4 plugin which can patch itself.
Tested working on Sublime Text latest stable/dev build: 4168/4169

https://github.com/n6333373/warehouse/raw/main/SelfPatcher.zip

Quick Demo

dev.mp4

stable.mp4

will you have a release for the new update version 4166 linux ?

So for Linux/Windows x64, I have created a Sublime Text 4 plugin which can patch itself. Tested working on Sublime Text latest stable/dev build: 4168/4169

https://github.com/n6333373/warehouse/raw/main/SelfPatcher.zip

Quick Demo

thanks Mate works like charm in both linux and windows 11

If I were people, I'd rather avoid a compiled DLL from someone who created their first repo a week ago and wait for an open-source version.

4169 hex (Windows x64/leogx9r's method):
E8 93 58 20 00 49 8B 96 B8 02 00 00 48 8D 0D 5D 0C 00 00 41 B8 98 3A 00 00 E8 7A 58 20 00 -> 90 90 90 90 90 49 8B 96 B8 02 00 00 48 8D 0D 5D 0C 00 00 41 B8 98 3A 00 00 90 90 90 90 90 (Invalidation/Validation Functions)
E4 24 00 00 55 41 57 41 56 41 55 41 -> E4 24 00 00 48 31 C0 C3 56 41 55 41 (License Validity Checking)
55 56 57 48 83 EC 30 48 8D 6C 24 30 48 C7 45 F8 FE FF FF FF 89 D6 48 89 CF 6A 28 -> 48 31 C0 48 FF C0 C3 48 8D 6C 24 30 48 C7 45 F8 FE FF FF FF 89 D6 48 89 CF 6A 28 (Server Validation Thread)

After patch just enter anything to license and it should work.

4169 hex (Windows x64/leogx9r's method): E8 93 58 20 00 49 8B 96 B8 02 00 00 48 8D 0D 5D 0C 00 00 41 B8 98 3A 00 00 E8 7A 58 20 00 -> 90 90 90 90 90 49 8B 96 B8 02 00 00 48 8D 0D 5D 0C 00 00 41 B8 98 3A 00 00 90 90 90 90 90 (Invalidation/Validation Functions) E4 24 00 00 55 41 57 41 56 41 55 41 -> E4 24 00 00 48 31 C0 C3 56 41 55 41 (License Validity Checking) 55 56 57 48 83 EC 30 48 8D 6C 24 30 48 C7 45 F8 FE FF FF FF 89 D6 48 89 CF 6A 28 -> 48 31 C0 48 FF C0 C3 48 8D 6C 24 30 48 C7 45 F8 FE FF FF FF 89 D6 48 89 CF 6A 28 (Server Validation Thread)

After patch just enter anything to license and it should work.

Thanks man, it works perfectly.

@Hazuki-san, you forgot the patch for licenseNotifyThread. @leogx9r didn't mention it in the analysis, but put it in his/her own patcher script. See https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47?permalink_comment_id=3802197#gistcomment-3802197

4169 hex (Windows x64/leogx9r's method): E8 93 58 20 00 49 8B 96 B8 02 00 00 48 8D 0D 5D 0C 00 00 41 B8 98 3A 00 00 E8 7A 58 20 00 -> 90 90 90 90 90 49 8B 96 B8 02 00 00 48 8D 0D 5D 0C 00 00 41 B8 98 3A 00 00 90 90 90 90 90 (Invalidation/Validation Functions) E4 24 00 00 55 41 57 41 56 41 55 41 -> E4 24 00 00 48 31 C0 C3 56 41 55 41 (License Validity Checking) 55 56 57 48 83 EC 30 48 8D 6C 24 30 48 C7 45 F8 FE FF FF FF 89 D6 48 89 CF 6A 28 -> 48 31 C0 48 FF C0 C3 48 8D 6C 24 30 48 C7 45 F8 FE FF FF FF 89 D6 48 89 CF 6A 28 (Server Validation Thread)

After patch just enter anything to license and it should work.

It's works, thx

So for Linux/Windows x64, I have created a Sublime Text 4 plugin which can patch itself. Tested working on Sublime Text latest stable/dev build: 4168/4169

https://github.com/n6333373/warehouse/raw/main/SelfPatcher.zip

Quick Demo

I've installed this plugin, but this menu item is inactive, I ca'nt press. What I need to do?

OS: Pop!_OS 20.04

So for Linux/Windows x64, I have created a Sublime Text 4 plugin which can patch itself. Tested working on Sublime Text latest stable/dev build: 4168/4169
https://github.com/n6333373/warehouse/raw/main/SelfPatcher.zip

Quick Demo

I've installed this plugin, but this menu item is inactive, I ca'nt press. What I need to do?

OS: Pop!_OS 20.04

One possibility is that it the place it should be placed is Menu > Preferences > Browse Packages... rather than the Packages folder which lives aside sublime_text.

So for Linux/Windows x64, I have created a Sublime Text 4 plugin which can patch itself. Tested working on Sublime Text latest stable/dev build: 4168/4169
https://github.com/n6333373/warehouse/raw/main/SelfPatcher.zip

Quick Demo

I've installed this plugin, but this menu item is inactive, I can't press. What I need to do?
OS: Pop!_OS 20.04

One possibility is that it the place it should be placed is Menu > Preferences > Browse Packages... rather than the Packages folder which lives aside sublime_text.

Thank you for your answer. But I found a better method:

sudo sed -i 's/\x80\x78\x05\x00\x0f\x94\xc1/\xc6\x40\x05\x01\x48\x85\xc9/g' /opt/sublime_text/sublime_text

@vodiylik you should also prevent ST from notifying its server about your ST.

Do we have something for macOS build 4169?

So for Linux/Windows x64, I have created a Sublime Text 4 plugin which can patch itself. Tested working on Sublime Text latest stable/dev build: 4168/4169
https://github.com/n6333373/warehouse/raw/main/SelfPatcher.zip

Quick Demo

I've installed this plugin, but this menu item is inactive, I ca'nt press. What I need to do?
OS: Pop!_OS 20.04

One possibility is that it the place it should be placed is Menu > Preferences > Browse Packages... rather than the Packages folder which lives aside sublime_text.

Success
@pop-os:/opt/sublime_text$ sudo ./sublime_text
while its open in admin mode. Preferences > Browse Packages
Folder will open ...paste SelfPatch folder here.
Navigate back to Sublime. Help > Patch this application
Restart sublime [relaunch normally]

I really hope no one is using that self patcher package. Hopefully @defencedog and @janabil are fake GH accounts (given lack of any real activity / loc) but if not almost certainly screwed as is @vodiylik . The binary uses TBF https://github.com/secretsquirrel/the-backdoor-factory possible to do legit patching with it? Sure. Are there far easier methods that don't use a literal backdoor kit? yes.

I really hope no one is using that self patcher package. Hopefully @defencedog and @janabil are fake GH accounts (given lack of any real activity / loc) but if not almost certainly screwed as is @vodiylik . The binary uses TBF github.com/secretsquirrel/the-backdoor-factory possible to do legit patching with it? Sure. Are there far easier methods that don't use a literal backdoor kit? yes.

@JavaTryCatchMe do you have any proof or links you can provide if they have been using TBF?

@JavaTryCatchMe we are not fakes! Maybe some PC knowledge is required to understand how to apply patch

The patch is legit, I've used it on Linux and Windows and it works.

@JavaTryCatchMe we are not fakes! Maybe some PC knowledge is required to understand how to apply patch

The patch is legit, I've used it on Linux and Windows and it works.

it is not hard to apply the patch. I am not even saying it doesn't work. Plenty of malware disguises itself as something legitimate and may even do that legitimate thing (or in this case the act of cracking the application). Plenty also does not do anything suspect for some period of time, or even for most users only phoning home with some basic information and to wait to see if it should do something else or run something truly malicious.

What I am saying is you are running closed source binary executable code in full trust situations on your system from a stranger. I am saying that the binary itself has code in it from "The Backdoor Factory" linked above, that is a toolkit primarily used for remote code execution and root kits.

It is not impossible that code is used in a non-nefarious way but there are also plenty of ways not to use it.

If (hopefully) ones suspect level of random strangers binaries is a 8/10 by default and then that binary has ties with a known backdoor maybe think twice about running it...

@JavaTryCatchMe

I am the author of SelfPatcher. Please do share the proof you've found that my patcher uses TBF github.com/secretsquirrel/the-backdoor-factory. That would be interesting.

The only 3rd-party lib I used is https://github.com/secretsquirrel/SigThief whose code is fairly short and I believe it doesn't use TBF. I believe I don't I use TBF for sure. The only thing left is https://github.com/Nuitka/Nuitka which I used to compile my module into .pyd/.so files. I don't believe it uses TBF for sure (otherwise, a big news).

---

Fwiw, people are less active here. https://gist.github.com/maboloshi/feaa63c35f4c2baab24c9aaf9b3f4e47 is much more active. Actually, SelfPatcher is open-source to some of trusted cracker there, but you don't have to believe me.

First, sorry @Aholicknight sorry I missed your initial comment requesting what I found related to TBF. I saw the defencedog notification and the reply after that, and didn't scroll back far enough.

@n6333373 if I made a mistake, and spending some more time in IDA it is likely so, I apologize. After being pointed to the plugin I noticed the binary distribution which was a bit odd, rather than just the dependencies/tools. I spent about 10 minutes looking for anything horrific originally. It involving compiled python always adds a layer of abstraction. There wasn't anything obvious. There were no obvious network imports but these things can be hidden.

Only a spurious comment about code from BDF.

This paired with the one obvious link as well in the code of "https://github.com/sponsors/secretsquirrel" which first and foremost talks about their primary project of the Back Door Factory and malware related topics.

Again this was a dozen minutes reviewing a suspect random binary in an area where things can often be fraught with malicious code. It wasn't run, there was no deep analysis.

So of course with the comments I went back and took some more time.

As I see it now now:

• After running the extension sandboxed and reviewing the changes made to the assembly on the main executable there is almost certainly no malicious changes made.

• The references I found, while existed, clearly were not from the BDF library but the SigThief library @n6333373 mentioned. Specifically https://github.com/secretsquirrel/SigThief/blob/ffb501bcd86acd439e4458a33e9fc5ebed4b59a8/sigthief.py#L14 . SigTheif doesn't do anything malicious only transfer signatures between PEBs and is not used in a malicious way here.

• There are no other signs of anything malicious, network connections, etc. This isn't a full breakdown but again with a deeper dive than a glancing pass. Can things hide through something like this? Sure but is it likely here? no. I will note I only looked at the windows binary and not the linux library.

As I said at the top and will say it again now, I was almost certainly wrong. @n6333373 is quite believable and I am sorry for the hasty conclusions I initially made.