Posted July 12, 20196 yr Language: .NET Platform: Windows / any OS with Mono OS Version: Any Protection: My little VM Description: I'm just curious about how strong my VM is so far. Good luck Screenshot: KeygenMe.7z
July 16, 20196 yr The challenge is slightly flawed as the serial is formatted in plaintext. Fun challenge, keygen coming soon Spoiler jameswoods:2C7B-F1E5-D82D-4C8C-6F32-6368-925E-5871 tuts4you:1ECA-4D74-7F82-BC38-1462-ADCC-B17C-F765
July 27, 20196 yr Solution Spoiler washi 39BD-E92C-01AE-2BE4-C37A-FA2B-2E51-C12D Approach: Spoiler 1. Remove ConfuserEx-esque proxies in the runtime dll using cawk's unpacker 2. Run de4dot on it to rename to somewhat readable names. 3. Set breakpoint on the method that suspiciously looks like a button click event handler (private void _B(object A_1, EventArgs A_2), token: 0x06000003). 4. Step into the Entry.Run 5. Notice that the "Nope" messagebox occurs after the first method call. Set bp on this method (0x0600004E) and rerun. 6. Notice that the "Nope" messagebox occurs after the call to 0x060000B6. Set bp on this method and rerun. 7. Method looks suspiciously like a VM dispatcher using a dictionary (case 10). A quick peek into the methods called here reveals that this line can be refactored to something like: 8. Setting a breakpoint on this line, and repeatedly running this, while inspecting the virtual stack reveals exactly what the code does. No need for devirtualization. Keygen.7z xSilent.Runtime.refactored.dll.7z Edited July 27, 20196 yr by Washi Added modified runtime dll
July 29, 20196 yr Author Yup, the KeyGen "algorithm" wasn't the most advanced to say the least :D Anyways, I made the entire project open source on GitHub if anyone wants to have a peek
September 15, 20195 yr If the project wasn't opensourced, i'd probably never be able to make a devirt, so thank you for helping me make my first 'complete' devirt Great practice and i hope you keep on updating it CrackMe_Devirted_Cracked.rar Edited September 16, 20195 yr by TobitoFatito
Create an account or sign in to comment