0X7C9 Posted April 18, 2018 Posted April 18, 2018 Difficulty : 4 (Maybe 5) Language : NET 2.0 Platform : Windows x32/x64 OS Version : Windows 7,8,10 (All windows with .NET Framework 2) Packer / Protector : Crypto obfuscator (only strings, names and all types to non-printable) > ConfuserFx (Anti ildasm, anti tamper, anti dump, anti debug) Description: Greetings to the Tuts4You community. I wrote a CrackMe in C #. I used two protection programs on it. I made it more difficult because the previous one was easy. In this case, the password can be retrieved and not encrypted. Get the long license key and post. Write a simple tutorial how you did it. But you can not modify the program to display the MessageBox of success. Eddy420 (I'm sorry for English, I'm Czech) Screenshot: Dowload CrackMe[!Eddy420].zip
Abigor Posted April 18, 2018 Posted April 18, 2018 Real dif = 1 Key: Spoiler AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F62AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FfaAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F32AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F2AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc5AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F8AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F79AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F62AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F93AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fd1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F59AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F89AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FfdAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F62AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F3fAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F38AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F14AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff5AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F41AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F4aAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F35AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F14AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FdcAS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F7AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F95AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fe4AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-FeAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F82AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F19AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F42AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FbaAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc2AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc9AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff6AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F44AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fb9AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F9aAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff7AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F31AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F41AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FcbAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc7AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F2AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fa1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F6dAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F9bAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff7AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F81AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc8AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F9dAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fa2AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F3eAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F35AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fd5AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F21AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F3AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fa1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F19AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F4AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F14AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F9d 1
Solution GautamGreat Posted April 18, 2018 Solution Posted April 18, 2018 Encryption is so poor. It's unmodified ConfuserEx right? Quote AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F62AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FfaAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F32AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F2AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc5AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F8AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F79AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F62AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F93AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fd1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F59AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F89AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FfdAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F62AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F3fAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F38AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F14AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff5AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F41AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F4aAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F35AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F14AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FdcAS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F7AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F95AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fe4AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-FeAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F82AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F19AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F42AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FbaAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc2AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc9AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff6AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F44AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fb9AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F9aAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff7AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F31AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F41AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FcbAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc7AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F2AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fa1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F6dAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F9bAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Ff7AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F81AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fc8AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F9dAS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fa2AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F3eAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F35AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fd5AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F21AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F3AS-5EFX-12AS-5-FAS-5EFX-12AS-5-Fa1AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F19AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F4AS-5EFX-12AS-5-FAS-5EFX-12AS-5-FAS-5EFX-12AS-5-F14AS-5EFX-12AS-5-FAS-5EFX-12AS-5-F9d Serial number checking procedure Quote // Ui.Form1 // Token: 0x0600000D RID: 13 RVA: 0x00002B1C File Offset: 0x00002B1C private void button1_Click(object sender, EventArgs e) { long num = (long)((ulong)(Form1.num1 - Form1.num2 - Form1.num3 - Form1.num4 - Form1.num5 - Form1.num6 - Form1.num7)); if (!(this.textBox1.Text == string.Empty)) { for (;;) { switch (2) { case 0: continue; } break; } if (!true) { RuntimeMethodHandle runtimeMethodHandle = methodof(Form1.button1_Click(object, EventArgs)).MethodHandle; } if (num < (long)\u0003.\u0001(36)) { for (;;) { switch (3) { case 0: continue; } break; } } else { this.computedPwd(); if (Form1.LIC == this.textBox1.Text) { for (;;) { switch (6) { case 0: continue; } break; } MessageBox.Show(\u0002.\u0001(230), \u0002.\u0001(446), (MessageBoxButtons)\u0003.\u0001(48), (MessageBoxIcon)\u0003.\u0001(52)); return; } Form1.cntTry += \u0003.\u0001(56); if (Form1.cntTry == \u0003.\u0001(60)) { for (;;) { switch (2) { case 0: continue; } break; } this.textBox1.Enabled = (\u0003.\u0001(64) != 0); MessageBox.Show(\u0002.\u0001(489), \u0002.\u0001(534), (MessageBoxButtons)\u0003.\u0001(68), (MessageBoxIcon)\u0003.\u0001(72)); return; } MessageBox.Show(\u0002.\u0001(567) + Form1.cntTry + \u0002.\u0001(592), \u0002.\u0001(639), (MessageBoxButtons)\u0003.\u0001(76), (MessageBoxIcon)\u0003.\u0001(80)); return; } } MessageBox.Show(\u0002.\u0001(144), \u0002.\u0001(195), (MessageBoxButtons)\u0003.\u0001(40), (MessageBoxIcon)\u0003.\u0001(44)); }
0X7C9 Posted April 18, 2018 Author Posted April 18, 2018 2 hours ago, GautamGreat said: Encryption is so poor. It's unmodified ConfuserEx right? Serial number checking procedure Good work on my crackMe, you know! How did you get this il code? Did you use a specific program? Write procedure step by step. Thank you
NightBullet Posted April 27, 2018 Posted April 27, 2018 Just use ConfuserEx Anti Tamper remover & de4dot
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now