Jump to content
Tuts 4 You

[CrackMe] ExePack.NET CrackMe#1

LordCoder

By LordCoder
in CrackMe

 Share
Go to solution Solved by atom0s,

Recommended Posts

LordCoder

LordCoder

Posted
Posted

Hello!


I made a new crackme with this things:


 


Language: Visual Basic .NET


Protection: ExePack.NET


Rules: Crack this crackme to show the good message. But you can't dissamble the code, edit it and compile it again! So you can't use Reflexir. Let's see how you do it :)


Level: 2/10


 


crackme_lordcoder.rar

  • Solution
atom0s

atom0s

Posted
  • Solution
Posted (edited)

Steps to crack:


  1. Open in ILSpy2
  2. File - > Save Code (To create the project and resource.)
  3. Click on the - folder for the project.
  4. Select the only class object. 
  5. File -> Save Code and name as main.cs
  6. Rename functions to whatever to make it compile, such as: http://www.privatepaste.com/e286e5bf2d
  7. Inside the last method, before the Assembly.Load add:

    
using (var fStream = new FileStream("derp.exe", FileMode.CreateNew, FileAccess.ReadWrite))
    
	   {
    
	       using (var sWriter = new BinaryWriter(fStream))
    
	           sWriter.Write(new BinaryReader(deflateStream).ReadBytes(count));
    
	   }

This will create derp.exe in the same folder which is the compressed resource. Next:


  1. Open the new derp.exe in ILSpy.
  2. File -> Save Code
  3. Fix the minor issues ILSpy makes when saving code etc. (InternalXmlHelper stuff.)
  4. Open Form1.cs, locate Button1_Click
  5. Change the first bool flag = true; to bool flag = false;
  6. Done. :)

90049134.png


Edited by atom0s
  • Like 1
LordCoder

LordCoder

Posted
  • Author
Posted

Yes you're right. But you edited the full code. I mean to use a HEX editor. But your solution was cool also. Well done :)


atom0s

atom0s

Posted
Posted (edited)

Yes you're right. But you edited the full code. I mean to use a HEX editor. But your solution was cool also. Well done :)

 

Ok, after dumping the real crackme, the main click function starts with:




IL_0000:      nop 00



IL_0001: ldc.i4.1 17



IL_0002:  stloc.0 0A



IL_0003:  ldloc.0 06



IL_0004:  stloc.1 0B



IL_0005:  ldloc.1 07














Which is found at: 0x15DC






 






Set 17 to 16 to crack it.







			
				


	Edited  by atom0s
	
	

			
		


		

		
			

		
	


	
    


	



					
					
					
				

					

					
					







	

	

	

		

			

				

	
		LordCoder
	

				
				
			

		

		

			

				


LordCoder
			

			

			    Posted 
				
			

		

	

	
	

		




	

		

			

				
    
					
						
  • Author
    • 
					
					
					
					
					
				

			

			
    
				
  • 
					
					
      
						
						
                        
						
						
						
							
								
							
							
							
							
							
							
						
					
    
				
    • 
				
			

		


		

		   
		   Posted 
		   
			
			
				
				
			
		

	


	

    

	

		
		

			
Well done @atom0s. :) And @c0n how did you patched it?



			
		


		

		
	


	
    


	



					
					
					
				
			
			



		

	


	
	
	
	
	
		
	

			
				
				



	
	
		

			
				
Create an account or sign in to comment

				
You need to be a member in order to leave a comment

			
	
			

				

					

						
Create an account

						
Sign up for a new account in our community. It's easy!

						
							
						
						Register a new account
					

					

						
Sign in

						
Already have an account? Sign in here.

						Sign In Now
					

				

			

		

	


			
		

	

	
		

			

				
					


    
          Share
    

    

				
				
                

                


				
			

		

	







	

		
			
				Go to topic listing
			
		
	

	




						


	

		
    
			
				
					
					
  • 
				
			
		

	


					

					


					

				

			

			
		

		
		


	

		×
		

			
				

					
				

			

			

			

			
		

	






	

		×
		

			
    
				
  • Create New...
    •