Jump to content
Tuts 4 You
  • 0
NightBaron

.NET CrackMe

Question

NightBaron

Language : .NET
Platform : Windows
OS Version : All Windows (.NET Framework 4.6 or higher)
Packer / Protector : The4Got10's Protector (Modded ConfuserEx) with VM and Native Shield

Description : 

Crack (I don't care if this file is fully unpacked or not) this application and make a short tutorial for it.

I want to know my app are strong or weak.

Thank!

Screenshot :

spacer.png

Protected.7z

if  cant start this app try 2nd file

Protected2nd.7z

 

Share this post


Link to post

4 answers to this question

Recommended Posts

  • 0
NeoNCoding

image.png.9b8034c6ca7ab7f83aac99718cde65b0.png

Share this post


Link to post
  • 0
NightBaron
Posted (edited)
44 minutes ago, NeoNCoding said:

image.png.9b8034c6ca7ab7f83aac99718cde65b0.png

i test on 3 different pc, this app working
did u extract file ? if not pls
extract file then start program
if still error try this i change something.
 

Protected.7z

Edited by NightBaron
add new file (see edit history)

Share this post


Link to post
  • 0
XenocodeRCE

you can dump using megadumper, if you suspend process to prevent anti dbg from running.

result is : ConsoleApp1.exe 1.248 mb 

 

little xor on confuserexstring decryptor method  (it stupid only 1 param out of 3 are usefull) :

 eGUSUsd.png

 

you need to patch a call method at EP (call to native dll) and you can debug and dump correct strings from memory, because it changes every time (not sure but i would say im 60% right)

 

Share this post


Link to post
  • 0
NightBaron
5 hours ago, XenocodeRCE said:

you can dump using megadumper, if you suspend process to prevent anti dbg from running.

result is : ConsoleApp1.exe 1.248 mb 

 

little xor on confuserexstring decryptor method  (it stupid only 1 param out of 3 are usefull) :

 eGUSUsd.png

 

you need to patch a call method at EP (call to native dll) and you can debug and dump correct strings from memory, because it changes every time (not sure but i would say im 60% right)

 

nice to see you here XenocodeRCE

nice trick for dump .net module (it work, Thank)
and i use code virtualization on key check algorithms, maybe debugging is an extremely hard task 

i'm waiting for someone's can get correct key or crack this app for accept every key :)

  • Like 1

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...