Jump to content
Tuts 4 You

[UnpackMe] SampleCrackme CodeVeil3x


CodeExplorer

Recommended Posts

A short tutorial on how to kick CodeVeil:

Use Simple Msil Decryptor in order to decrypt MSIL.

Load the file in Reflector and enter on internal class "-", <Module>() and look at the body of .cctor() (static <Module>() on C#)

You will see this:

static <Module>()

{

<PrivateImplementationDetails>{F6D90D41-4F63-490F-A605-6F7BB23E0F39}.$$method0x6000009-0(false, true);

A.B();

}

We should nop the bolded method so let's see what is inside that:

internal static void $$method0x6000009-0(bool ‎, bool ‎)

{

if (‎)

{

try

{

$$method0x600000A-0(‎); // check if you are running on 64 bits if so exist!

}

catch (SecurityException exception)

{

string text = string.Format("The assembly '{0}' requires Full Trust to run properly. Please contact the publisher for instructions on how to enable Full Trust.", Assembly.GetExecutingAssembly());

if (Environment.UserInteractive)

{

MessageBox.Show(null, text, "Full Trust Required", MessageBoxButtons.OK, MessageBoxIcon.Hand);

Environment.Exit(1);

}

throw new InvalidOperationException(text, exception);

}

}

$$method0x600000B-0(); // if random.Next(8) == 1) create a Tread WTF ?

}

All we have to do is to set the body of method internal static void $$method0x6000009-0(bool ‎, bool ‎)

with ret (2A) and we are done.

This also brings back the 64 bits compatibilty!

  • Like 1
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...