Posted April 10, 20187 yr Difficulty : 3 Language : C# (.NET) Platform : Windows x32/x64 OS Version : Windows 7/8/10 Packer / Protector : AntiSkid (own) Description : get the password. Screenshot : CrackMe-antiskid.exe
April 11, 20187 yr Solution Great. Very nice. Interestingly. But I got the password. 1) I first tried Reflector 2) Then dot.Peek 3) DnSpy turned off about four times. 4) Then I used de4dot (Ivancito Gui), That allowed me to read the code 5) I searched for a moment where my password is being taken. (and it's base64), then you search in the int field. Maybe.. 6) I opened the original crackme in DnSpy 6) I have modified the condition (if) to always return the truth. 7) And I used the debuger. Your password turned out pretty fast. I thought for a moment. Put it in the original CrackMe. And success. I just wonder what kind you used the obfuscation. Thank you so please write to me in PM. An password is: Spoiler 99dCcnz4d5t9xeWNU7pt4M6anKjPRm7Y Edited April 11, 20187 yr by !Eddy420CZ
May 7, 20187 yr Unfortunately, all your antiskid crack me's have the same flaw. You can simply execute application in a debugger such as Dnspy and when you hit the IsDebuggerPresent you can simply break and dump strings...
May 5, 20196 yr Nothing really different from your last crackme, just need to run it on de4dot before running on the quick tool i made. (Some stuff copy paste from the last tutorial i made for your last crackme) Tutorial: (Run through de4dot first or it will give errors, no idea why) Opening the .exe on Dnspy we can see that the methods have some kind of decompiler crashing. So what i did was simply loading the .exe and writing each instruction to console to see what is going on. Well a lot of ldc.i4.6 appeared as you can see here Simply made a quick tool to remove this Now you can open it on dnspy and see the actual code. But there are some anti-debuggers so i modified the tool that i made to remove the antidebuggers too. like this You can simply debug it now Spoiler 99dCcnz4d5t9xeWNU7pt4M6anKjPRm7Y CrackMe-antiskid-cleaned-Cleaned.exe Edited May 5, 20196 yr by TobitoFatito
May 12, 20196 yr Its too easy .. do a harder one please i just put it in de4dot and then debug it in dnspy .. str,@string = code code: Spoiler 99dCcnz4d5t9xeWNU7pt4M6anKjPRm7Y
May 15, 20196 yr Nothing special, just changing flag to true will make file cracked. CrackMe-antiskid_Done.exe
Create an account or sign in to comment