This time we will start here:
This crackme was prepared by costy (thanks!). Because it is created in .NET I used Windows 8.1 VM. When I was trying to solve it I used tool called ILSpy. First look - below:
I was looking for some interesting function(s) inside the binary and this is what I found:
As you can see this is very simple crackme but the case is: it should help us to understand a little bit more about cracking .NET binaries, so we are here:
As you saw in the message from the author ('my favourite method';)) - patching - is not allowed. :<
But we'll handle it anyway, let's read the code:
Inside InitializeComponent() function we'll find the skeleton of our program but more interesting function should be Button1_Click(), let's see what's inside:
So far, so good. But what is this? Looks like some super-extra-advanced-algorithm:
Let's try to "reverse" it and translate it a little bit. We have a few conditions here:
- num2 and num3 must equal 4744 and- num2 - num3 must be 0 and
- num2 must be bigger than 0 and
- num3 must be bigger than 0 too.
So - in 'my pseudocode' - it will now looks like this:
Let's see the bigger picture:
Checking if it works:
Great, let's run the crackme to check our solution on our 'live environment' (to do that I also installed .NET 3.5 because I was using a fresh and clean Win8.1 VM):
...and...
I think now it's a good time to see some other/new examples on crackmes.one.
Good luck!
Special thanks goes to my Patreon:
- Daniel.
Thanks! You are AWESOME! ;]
See you next time!
Cheers,
Cody
Brak komentarzy:
Prześlij komentarz