[unpackMe] SampleCrackme CodeVeil3x

SampleCrackme CodeVeil3x.zip

first one is not decrypted but nag has be removed

second one is near to decrypted

SampleCrackme.rar

SampleCrackme_msil.rar

Edited August 29, 201114 yr by ksanket

A short tutorial on how to kick CodeVeil:

Use Simple Msil Decryptor in order to decrypt MSIL.

Load the file in Reflector and enter on internal class "-", <Module>() and look at the body of .cctor() (static <Module>() on C#)

You will see this:

static <Module>()

{

<PrivateImplementationDetails>{F6D90D41-4F63-490F-A605-6F7BB23E0F39}.$$method0x6000009-0(false, true);

A.B();

}

We should nop the bolded method so let's see what is inside that:

internal static void $$method0x6000009-0(bool ‎, bool ‎)

{

if (‎)

{

try

{

$$method0x600000A-0(‎); // check if you are running on 64 bits if so exist!

}

catch (SecurityException exception)

{

string text = string.Format("The assembly '{0}' requires Full Trust to run properly. Please contact the publisher for instructions on how to enable Full Trust.", Assembly.GetExecutingAssembly());

if (Environment.UserInteractive)

{

MessageBox.Show(null, text, "Full Trust Required", MessageBoxButtons.OK, MessageBoxIcon.Hand);

Environment.Exit(1);

}

throw new InvalidOperationException(text, exception);

}

}

$$method0x600000B-0(); // if random.Next(8) == 1) create a Tread WTF ?

}

All we have to do is to set the body of method internal static void $$method0x6000009-0(bool ‎, bool ‎)

with ret (2A) and we are done.

This also brings back the 64 bits compatibilty!

Everytime I try to save the patched file it says: Reflexil has failed to read this assembly.