Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Fu*ckuscator v1.1

Asentrix
Asentrix
in CrackMe

Featured Replies

Posted

Fu*ckuscator v1.1

Brand new obfuscator on the market.

I've already completed this crackme but wanted to see what you guys come up with.

Good luck!

File Information

Submitter Asentrix

Submitted 12/28/2020

Category CrackMe

View File

Fu*ckuscator v1.1

Is this another confuser mutant ?

Spoiler

Correct pass: wjdaisjdaowidjasoijdwdjaisuhdiouhaeoiheufaiouehfasiuohfeiofhuasdifu98729837642897346298374629837462897346928374

Approach

Spoiler

Didn't even open the app in a decompiler or attempted to deobfuscate. CrackMe's that use string.Equals with the correct serial immediately makes it a 0/10 difficulty challenge :)

Steps to reproduce:

  • Run program
  • Attach WinDbg and load SOS extension (.loadby sos clr)
  • Set breakpoint on System.String.Equals(string, string), (e.g. using !name2ee mscorlib.dll System.String.Equals to get the address, and using bp to set the breakpoint)
  • Continue
  • Enter random text
  • Notice breakpoint hit.
  • Run !dumpstackobjects
  • Observe correct password:

image.png.b99797b0032864193b0cdf538ad36603.png

 

Edited by Washi

    • Like 4
    • Author
    On 12/30/2020 at 11:42 AM, Washi said:
      Reveal hidden contents

    Correct pass: wjdaisjdaowidjasoijdwdjaisuhdiouhaeoiheufaiouehfasiuohfeiofhuasdifu98729837642897346298374629837462897346928374

    Approach

      Reveal hidden contents

    Didn't even open the app in a decompiler or attempted to deobfuscate. CrackMe's that use string.Equals with the correct serial immediately makes it a 0/10 difficulty challenge :)

    Steps to reproduce:

    • Run program
    • Attach WinDbg and load SOS extension (.loadby sos clr)
    • Set breakpoint on System.String.Equals(string, string), (e.g. using !name2ee mscorlib.dll System.String.Equals to get the address, and using bp to set the breakpoint)
    • Continue
    • Enter random text
    • Notice breakpoint hit.
    • Run !dumpstackobjects
    • Observe correct password:

    image.png.b99797b0032864193b0cdf538ad36603.png

     

    Nice work :)

    • 2 weeks later...

    i cant deob the calli ;  

    some new encryption may be ?

     

    but i reconstruct the exe with some old tools

    How i have done ======

    1. dotnet dumper with dont rename option 

    2. reconstruct blod , us , string with cff explorer (i used)

    3. universel fixer for fixed some dummy pe

    4. de4dot option --keep-names-d --keep-types 

    5. now we can reflect the code with lutz reflector

    6. confuser codecracker tools 

    7. drop again de4dot with 45 error what ever now SIMPLE ASSEMBLY EXPLORER for crack

    CrackMe69420_C_Cracked.exe

    Edited by Death

    • Like 1
    • 2 months later...

    Passwords:

    Spoiler

    wjdaisjdaowidjasoijdwdjaisuhdiouhaeoiheufaiouehfasiuohfeiofhuasdifu98729837642897346298374629837462897346928374

    1. Remove Hide Methods, Remove Calli and Cflow

    2. Remove Math

    3. Decrypt Base64

     

    That's about it. For new guys, figure it out yourself first. 😁

    • Like 1

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.