banme Posted April 10, 2018 Posted April 10, 2018 Difficulty : 3 Language : C# (.NET) Platform : Windows x32/x64 OS Version : Windows 7/8/10 Packer / Protector : AntiSkid (own) Description : get the password. Screenshot : CrackMe-antiskid.exe 1
Solution 0X7C9 Posted April 11, 2018 Solution Posted April 11, 2018 (edited) Great. Very nice. Interestingly. But I got the password. 1) I first tried Reflector 2) Then dot.Peek 3) DnSpy turned off about four times. 4) Then I used de4dot (Ivancito Gui), That allowed me to read the code 5) I searched for a moment where my password is being taken. (and it's base64), then you search in the int field. Maybe.. 6) I opened the original crackme in DnSpy 6) I have modified the condition (if) to always return the truth. 7) And I used the debuger. Your password turned out pretty fast. I thought for a moment. Put it in the original CrackMe. And success. I just wonder what kind you used the obfuscation. Thank you so please write to me in PM. An password is: Spoiler 99dCcnz4d5t9xeWNU7pt4M6anKjPRm7Y Edited April 11, 2018 by !Eddy420CZ 1
TheCrippledModder Posted May 7, 2018 Posted May 7, 2018 Unfortunately, all your antiskid crack me's have the same flaw. You can simply execute application in a debugger such as Dnspy and when you hit the IsDebuggerPresent you can simply break and dump strings...
TobitoFatito Posted May 5, 2019 Posted May 5, 2019 (edited) Nothing really different from your last crackme, just need to run it on de4dot before running on the quick tool i made. (Some stuff copy paste from the last tutorial i made for your last crackme) Tutorial: (Run through de4dot first or it will give errors, no idea why) Opening the .exe on Dnspy we can see that the methods have some kind of decompiler crashing. So what i did was simply loading the .exe and writing each instruction to console to see what is going on. Well a lot of ldc.i4.6 appeared as you can see here Simply made a quick tool to remove this Now you can open it on dnspy and see the actual code. But there are some anti-debuggers so i modified the tool that i made to remove the antidebuggers too. like this You can simply debug it now Spoiler 99dCcnz4d5t9xeWNU7pt4M6anKjPRm7Y CrackMe-antiskid-cleaned-Cleaned.exe Edited May 5, 2019 by TobitoFatito 1
Rainbow Posted May 12, 2019 Posted May 12, 2019 Its too easy .. do a harder one please i just put it in de4dot and then debug it in dnspy .. str,@string = code code: Spoiler 99dCcnz4d5t9xeWNU7pt4M6anKjPRm7Y
73214 Posted May 15, 2019 Posted May 15, 2019 Nothing special, just changing flag to true will make file cracked. CrackMe-antiskid_Done.exe
Security_ Egypt Posted May 16, 2019 Posted May 16, 2019 (edited) ❤️ Edited May 16, 2019 by Security_ Egypt
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now