Jump to content
Tuts 4 You
  • 1
Sign in to follow this  
Eddy^CZ

Easy CrackMe in .NET Framework

Question

Eddy^CZ

Difficulty : 2
Language : NET 4.0
Platform : Windows  x32/x64
OS Version : Windows 7,8,10 (All windows with .NET Framework 4)
Packer / Protector : None / Not obfuscated!

Description :

Hello community :)

I created some reversing challenge for you. Lets check it!

Can you get correct password from my application? 

Please if you done this. Post screenshot of program after you sumbmited password and password.

!Eddy420.CZ

Download:

CrackMeForTuts4You.zip

CrackMe V1 2018 - !Eddy420.CZ.jpg

Share this post


Link to post

4 answers to this question

Recommended Posts

  • 1
banme

Unable to get pw, but cracked.

1. Preparation: (I used dnSpy)
Go to the entrypoint and nop all the calls to the protection!
Replace the 'Startup.checkApplication()' with 'Program.openCrackme()'

2. Debug'n'Dump
In dnSpy, set the breakpoint to the Encrypted Dll call, then open up the modules window and dump 'AppSec'

3. Modify
Lookup which method is called and replace the Dll-Call with the method content with the stuff which is executed when the passwordcheck is successful.
[note the dependencies]

Replace the obj.ToString() with "YES!"

Done

3YJrq7KVS4e897EvgXgDWQ.png

Share this post


Link to post
  • 1
GautamGreat
2 minutes ago, !Eddy420CZ said:

You're good enough! :D But to tell the truth it was easy: D What else do you say about the program? do not mind that you did not find the password :): P 

You are comparing the password against a SHA512 hash, and as we all know SHA512 is no reversible. The only way is brutoforce. 

PASSWORD SHA512 is : a5034098f0e6f4b60796145cd59ad2f800ed4971a194816781aa3ac18b02cd9b6a583b73c210ad4fbf341fee718c9de706f6752bf4cd5e3c152d3cfc6ec39db6

Capture.PNG

Share this post


Link to post
  • 0
Eddy^CZ

You're good enough! :D But to tell the truth it was easy: D What else do you say about the program? do not mind that you did not find the password :): P 

Share this post


Link to post
  • 0
Eddy^CZ
6 minutes ago, GautamGreat said:

You are comparing the password against a SHA512 hash, and as we all know SHA512 is no reversible. The only way is brutoforce. 

PASSWORD SHA512 is : a5034098f0e6f4b60796145cd59ad2f800ed4971a194816781aa3ac18b02cd9b6a583b73c210ad4fbf341fee718c9de706f6752bf4cd5e3c152d3cfc6ec39db6

Capture.PNG

Yes you are right :) Otherwise it was not possible. When I saw the others getting a password easily. My opinion is that. Obfuscation is the only solution. Good job guys.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  
×
×
  • Create New...