Since the challenge description allows it, I'm going for the quick serial fish for now
Secret Key: AWX610881RFFJSDJSZV
Vendor: Fadi Sami Khalid
Address: Jordan - Amman - Khalda
Obfuscation does not really matter if your methods are just simple string comparisons. The x86 generated by the JIT compiler still reveals everything
- Run app, enter random stuff in textboxes, press Validate to trigger the JIT compiler to compile the validation method. Notice text of the label changes to Not Correct.
- Attach WinDbg, set breakpoint on Control.set_Text (use !name2ee System.Windows.Forms.dll System.Windows.Control.set_Text to get the address to breakpoint). Continue execution and press Validate again.
- Type !clrstack to notice the click handler is in Form1._01.01. Copy the address of the handler and dump the x86 code using !U <address>. (dump here https://pastebin.com/br3s09Gv)
- Notice in x86 code its just a bunch of string.Equals calls. Set a breakpoint on all string.Equals(string, string) calls in the method. Continue execution and press Validate one more time again.
- Use !dumpstackobjects to read out the correct values for every one of these calls.