Posted April 19, 20187 yr Difficulty : 5 Language : NET 2.0(C#) Platform : Windows x32/x64 OS Version : Windows 7,8,10 (All windows with .NET Framework 2) (if not work you need some VCRedist runtime´s ...) Packer / Protector : Protection scheme from C# code to UPX: Skater Obfuscator (Max Settings) > Net reactor (Max Settings !Without control flow) > UPX(2.29 - Max Settings) Description: You said the protection was weak. So I prepared something a bit more challenging. I wonder if someone can get to the original c # code. Everything is allowed . Try to get part of the code where I verify individual parts of the license key&and of course crack this.. And if it does, it's just possible to write down the process backwards. Thank you for patience. I hope you will like it PS: VM protect I did not use this time, and it's so better. Screenshot: CrackMeV3[!Eddy420]_Fix.zip
April 19, 20187 yr Solution Patched No keygen because I don't want to bruteforce sha1 hashes CrackMe_patched.zip
April 19, 20187 yr Author 32 minutes ago, SHADOW_UA said: Patched No keygen because I don't want to bruteforce sha1 hashes CrackMe_patched.zip Very good job . How did you succeed? Write a short guide to explaining it.
April 19, 20187 yr Author 4 minutes ago, GautamGreat said: UPX and .net reactor. Even all old tutorials are working on this target. Just a month ago .. I did not even know that .net programs can be protected. I would like to write my own. But I do not know how I can work with .net PE sections. Create your own, read data from them. .Because everything is (almost always) overcome with de4dot.
April 19, 20187 yr Author 1 hour ago, SHADOW_UA said: Patched No keygen because I don't want to bruteforce sha1 hashes CrackMe_patched.zip How did you name it so nicely? Types, methods, properties? Is that de4dot? And how can I get some names as original? To preserve the program's functions even after renaming.
April 19, 20187 yr 3 minutes ago, !Eddy420CZ said: How did you name it so nicely? Types, methods, properties? Is that de4dot? And how can I get some names as original? To preserve the program's functions even after renaming. Yes, it is de4dot renaming. You can't restore original names.
April 19, 20187 yr Author 2 minutes ago, SHADOW_UA said: Yes, it is de4dot renaming. You can't restore original names. Please help me. Where can I learn to work with PE sections (.NET). Or some tutorial how can I run (.NET PE) natively as does .net reactor? Are there any opensource programs? I do not mean .NET obfuscationn in this case I've always been interested in how I can protect my .NET code without commercial programs. Thank you
April 19, 20187 yr Author 3 minutes ago, SHADOW_UA said: Yes, it is de4dot renaming. You can't restore original names. Or where I could talk to you about it. I'm interested It's not for earnings.
April 20, 20187 yr @!Eddy420CZ look at this repository, it contains a c++ code that executes a .Net program from a native code
February 16Feb 16 Sorry for bumping this old thread. For this i traced it via CE and found where the license checks happen without deobfuscating/unpacking target. From my understanding this is where the License check happens. 04BB5BAD - 74 6B - je 04BB5C1A -> You have to patch. 04BB5BAF - 8B 55 EC - mov edx,[ebp-14] 04BB5BB2 - 8B 4D F0 - mov ecx,[ebp-10] 04BB5BB5 - E8 6693476C - call mscorlib.ni.dll+22EF20 04BB5BBA - 85 C0 - test eax,eax 04BB5BBC - 74 5C - je 04BB5C1A -> You have to patch. 04BB5BBE - 8B CF - mov ecx,edi 04BB5BC0 - FF 15 0C8D2502 - call dword ptr [02258D0C] { ->04BB5DC0 } 04BB5BC6 - 85 C0 - test eax,eax 04BB5BC8 - 74 28 - je 04BB5BF2 -> You have to patch. Results: Screen Recording - Made with FlexClip.webm
Create an account or sign in to comment