Posted April 8, 20187 yr Difficulty : 3 Language : C# (.NET) Platform : Windows x32/x64 OS Version : Windows 7/8/10 Packer / Protector : None [just sum anti-skid stuff] Description : get the password Screenshot : Download: CrackMe.exe
April 9, 20187 yr Solution I have password my friend. I'm not surprised that the "Password:" is being loaded for so long. This calculation is unique. Where did I just see ... Pass is: 5j/bFy;&<A~9!(:e:p<*m%$gXAyh!*%9 How did I get the password? I've tried a lot of programs. But always full stack or crash. Programs like (dnSpy ... and other debuggers) They were useless in this case. So I had to explore the entire IL code. I tried profiling in .dot Trace. I found you were using base64 there. So I tried to write a base64 decryption program. Nothing helped. 1) So I used Peek from Jetbrains .dot. 2) I got the source code 3) Created a new project in VS2010 4) Copied your code and tried to run. 5) I commented on parts such as: //Environment.FailFast (""); 6) Found part where you compare if (str2 == @string) 7) Then Console.Writeline (@string) I'm sorry, but I did not understand much about the string (UTF) calculation. Maybe later. Edited April 9, 20187 yr by !Eddy420CZ Detailed solution..
April 9, 20187 yr Author Spoiler 13 minutes ago, !Eddy420CZ said: I have password my friend. I'm not surprised that the "Password:" is being loaded for so long. This calculation is unique. Where did I just see ... Pass is: 5j/bFy;&<A~9!(:e:p<*m%$gXAyh!*%9 btw: the pw doesnt load long. its just the Threading.Sleep(1000) to prevent boiz to bruteforce
May 7, 20187 yr Password: 5j/bFy;&<A~9!(:e:p<*m%$gXAyh!*%9 Steps: Start app in Windbg When you hit the IsDebuggerPresent exception you simply break at current address Dump strings and you get the password. Difficulty: 1/10
May 5, 20196 yr Alright, it was really easy to remove Opening the .exe on Dnspy we can see that the methods have some kind of decompiler crashing. So what i did was simply loading the .exe and writing each instruction to console to see what is going on. Well a lot of ldc.i4.6 appeared as you can see here Simply made a quick tool to remove this Now you can open it on dnspy and see the actual code. But there are some anti-debuggers so i modified the tool that i made to remove the antidebuggers too. like this You can simply debug it now CrackMe (1)-Cleaned.exe Edited May 5, 20196 yr by TobitoFatito Replaced links with images
Create an account or sign in to comment