Hello!

I made a new crackme with this things:

 

Language: Visual Basic .NET

Protection: ExePack.NET

Rules: Crack this crackme to show the good message. But you can't dissamble the code, edit it and compile it again! So you can't use Reflexir. Let's see how you do it

Level: 2/10

 

crackme_lordcoder.rar

Steps to crack:

1. Open in ILSpy2
   
2. File - > Save Code (To create the project and resource.)
   
3. Click on the - folder for the project.
   
4. Select the only class object. 
   
5. File -> Save Code and name as main.cs
   
6. Rename functions to whatever to make it compile, such as: http://www.privatepaste.com/e286e5bf2d
   
7. Inside the last method, before the Assembly.Load add:
   

   
   
   using (var fStream = new FileStream("derp.exe", FileMode.CreateNew, FileAccess.ReadWrite))
   
   	   {
   
   	       using (var sWriter = new BinaryWriter(fStream))
   
   	           sWriter.Write(new BinaryReader(deflateStream).ReadBytes(count));
   
   	   }

This will create derp.exe in the same folder which is the compressed resource. Next:

1. Open the new derp.exe in ILSpy.
   
2. File -> Save Code
   
3. Fix the minor issues ILSpy makes when saving code etc. (InternalXmlHelper stuff.)
   
4. Open Form1.cs, locate Button1_Click
   
5. Change the first bool flag = true; to bool flag = false;
   
6. Done.
   

Edited June 1, 201312 yr by atom0s

Yes you're right. But you edited the full code. I mean to use a HEX editor. But your solution was cool also. Well done

CrackMe LordCoder 1.Patched.rar

Edited June 1, 201312 yr by converse

Yes you're right. But you edited the full code. I mean to use a HEX editor. But your solution was cool also. Well done

 

Ok, after dumping the real crackme, the main click function starts with:

IL_0000:      nop 00

IL_0001: ldc.i4.1 17

IL_0002:  stloc.0 0A

IL_0003:  ldloc.0 06

IL_0004:  stloc.1 0B

IL_0005:  ldloc.1 07

Which is found at: 0x15DC

 

Set 17 to 16 to crack it.

Edited June 1, 201312 yr by atom0s

Well done @atom0s. And @c0n how did you patched it?