Jump to content
Tuts 4 You

Custom protect


Recommended Posts

Difficulty : 10
Language :  .NET
Platform : Windows x86
OS Version : All
Packer / Protector : Custom protect (with native packaging)

Challenge : Figure out the correct string for the textbox.




Edited by Nickitee
  • Like 2
Link to comment
Share on other sites

  • 2 weeks later...

I suck with .NET related things anymore, haven't kept up with all the new things people do. But here is the actual crack me file removed from the protector (native code). Bypassing the protector is fairly easy. I wrote a simple loader that hooks VirtualProtect (this protect heavily relies on it) and just changed all pages to be a PAGE_EXECUTE_READWRITE. This allows any dumping tool such as MegaDumper to get the original crackme within the protection.

So someone with .NET unpacking skills can handle it from here.


  • Like 1
Link to comment
Share on other sites

Part 1. Bypassing Native Protection

This is rather simple, just write a loader that hooks VirtualProtect. You will want to force all pages being protected to use PAGE_EXECUTE_READWRITE instead. Once done and you have loaded the crackme with your loader, use a tool like MegaDumper to do a full .NET Dump which will yield the real Crack_Me.exe file.

Part 2. Obtaining the Password

More or less a cheap method, but this is just a normal if (str1 == str2) so open the real Crack_Me.exe inside of a .NET debugger tool such as dnSpy. Once open begin debugging and then navigate to mscorlib -> System -> String -> op_Equality. Set a breakpoint here.

Enter a string into the text box such as asdf1234, press the button. Walk through the breaks until the first param is your password, check second param for the real password.

  • Like 6
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...