Jump to content
Tuts 4 You

CrackMe 2 // ConfuserEx 1.0.0-custom


lucifeey
Go to solution Solved by Gyrus,

Recommended Posts

Difficulty :  4/10
Language : .NET
Platform : Windows
OS Version : All
Packer / Protector : ConfuserEx 1.0.0-custom

Description :

Find out the password and give a tutorial how u got that.

Screenshot :

Spoiler

7cd2fc3dd3f2408bbbf053689c24afb8.png

 

CrackMe02.exe

Edited by lucifeey
Forgot OS Version
  • Like 1
Link to comment
Share on other sites

  • Solution

Difficulty: 4/100

Password:

Spoiler

GladUFoundThis!

Run the crackme using dnSpy, do not set initial breakpoint. Break (Ctrl+Break) the execution. Debugger lands on:

mscorlib -> System.IO -> __ConsoleStream -> ReadFileNative()

Step out (Shift+F11). Enter any password. Keep stepping out untill you reach:

CrackMe02 -> ejdGIfwNyDgtHkPvvAolmbGeopHDb -> SJVWQsKldSOfuZPsxaVVTZTVvhnG()

Step out again. Password is in Locals list.

Link to comment
Share on other sites

1 hour ago, cawk said:

hmm? what have you changed apart from renaming?

I just changed unclearly the type charset, so it forces to use normal chars. and the wonderful attribute so some deobfuscators wont detect it as confuserex.

Edited by lucifeey
.
Link to comment
Share on other sites

XenocodeRCE

Well in short, no real modification, only minor useless addings. I wrote a tutorial on how to custom ConfuserX the right way on rtn-team website

Link to comment
Share on other sites

  • 2 weeks later...
On 4/10/2017 at 11:08 PM, XenocodeRCE said:

Well in short, no real modification, only minor useless addings. I wrote a tutorial on how to custom ConfuserX the right way on rtn-team website

Is this post still on rtn's site? I don't see a thread about this there. Would be interested in reading it.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...