Jump to content
Tuts 4 You

{qP} CrackMe

{qP}

By {qP}
in CrackMe

 Share

Recommended Posts

{qP}

{qP}

Posted
Posted

Difficulty : 3? You decide. I'm interested in your opinion of the difficulty level!
Language : .NET
Platform :  Microsoft Windows
OS Version : Microsoft Windows XP and Above
Packer / Protector : Intellilock

Description :

Figure out the correct string for the textbox. If correct, you will be prompted with a "Success!" messagebox. 

Screenshot :

PDMcZmY.png

12182016CrackMe.zip

crystalboy

crystalboy

Posted
Posted (edited)

Level in my opinion is 1. Here my solution. :)

 

Spoiler

Correct serial is: DP4YGP74THX052O

How to solve:

- Break on MessageBox.Show method on System.Windows.Forms.MessageBox then trace until we find the method responsible to perform the check

qP_CrackMe_breakpoint.png

The comparision between inserted serial and the correct serial is made through CompareString:

q_P_Crack_Me_serial.png

Then have the right serial to solve the challenge:

q_P_Crack_Me_goodboy.png

 

 

Edited by crystalboy
  • Like 3
{qP}

{qP}

Posted
  • Author
Posted (edited)
3 hours ago, crystalboy said:

Level in my opinion is 1. Here my solution. :)

 

  Hide contents

Correct serial is: DP4YGP74THX052O

How to solve:

- Break on MessageBox.Show method on System.Windows.Forms.MessageBox then trace until we find the method responsible to perform the check

qP_CrackMe_breakpoint.png

The comparision between inserted serial and the correct serial is made through CompareString:

q_P_Crack_Me_serial.png

Then have the right serial to solve the challenge:

q_P_Crack_Me_goodboy.png

 

 

Awesome, thank you for your freedback!

Yeah the main reason I did this was to see if someone could see the raw string. I used something that 'scrambles' the string I used (DP4YGP74THX052O) in the source. So if someone uses a reflector they would see the wrong string. But, I guess it actually doesn't work which is fine I was just seeing how that plus obfuscation would work out together.

I can show you what I mean about the 'scrambles' part when I get home.

I'll still use the scramble method because I use some external .ini files for my programs, and if I scramble the text in the .ini files my program 'deceypts' it and can still reads what my settings are. Also if a user opens the .ini it's just random looking strings too. So it's okay I guess.

 

Edited by {qP}
Forgot something.
mrexodia

mrexodia

Posted
Posted

Most obfuscators are useless against debuggers if you are trying to hide values, just makes it a little more annoying...

  • Like 1
  • 1 month later...
man of the war

man of the war

Posted
Posted

Easy

 

 

00.png

+noble

+noble

Posted
Posted

bztfni.png

Solved by hooking microsoft.visualbasic.compilerservices.operators.comparestring and forcing it to return 0

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...