Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > .NET Reverse Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #141  
Old 07-06-2007, 01:20 PM
Kurapica Kurapica is offline
Senior Member
 
Join Date: May 2006
Location: Archives
Posts: 357
Wink I'm Back

Hello every one ,, Sorry for not being around for a while now !

will be back with more stuff soon...

@Kesk:

Sure,,,
__________________
Life can only be understood backwards but It must be read forwards.
Reply With Quote
  #142  
Old 07-07-2007, 01:13 AM
kesk kesk is offline
Member
 
Join Date: Jul 2007
Posts: 18
Default Janus webforms controls

Ok,

The components licensing is the place where i change the code to break. I found that the dll is expecting a regitry key, if the key is not found then it install a key, but both the keys are different. I present below the code that i got from Reflector in VB.net.
------------------------------------
Public Overrides Function GetLicense(ByVal context As LicenseContext, ByVal type As Type, ByVal instance As Object, ByVal allowExceptions As Boolean) As License
Dim designTime As Boolean = (context.UsageMode = LicenseUsageMode.Designtime)
Dim a As a = Nothing
a = New a(Me, type, True, designTime)
If ((designTime AndAlso (Not a Is Nothing)) AndAlso Not a.b) Then
Dim flag2 As Boolean = False
Try
Dim key As RegistryKey = Registry.LocalMachine.OpenSubKey(String.Format(a.a (ChrW(5308) & ChrW(5304) & ChrW(5295) & ChrW(5309) & ChrW(5312) & ChrW(5290) & ChrW(5307) & ChrW(5294) & ChrW(5317) & ChrW(5299) & ChrW(5322) & ChrW(5335) & ChrW(5342) & ChrW(5340) & ChrW(5257) & ChrW(5308) & ChrW(5346) & ChrW(5340) & ChrW(5341) & ChrW(5326) & ChrW(5334) & ChrW(5340) & ChrW(5317) & ChrW(5290) & ChrW(5308) & ChrW(5305) & ChrW(5271) & ChrW(5303) & ChrW(5294) & ChrW(5309) & ChrW(5257) & ChrW(5308) & ChrW(5326) & ChrW(5339) & ChrW(5343) & ChrW(5326) & ChrW(5339) & ChrW(5257) & ChrW(5292) & ChrW(5336) & ChrW(5335) & ChrW(5341) & ChrW(5339) & ChrW(5336) & ChrW(5333) & ChrW(5340) & ChrW(5317) & ChrW(5310) & ChrW(5298) & ChrW(5257) & ChrW(5312) & ChrW(5326) & ChrW(5323) & ChrW(5257) & ChrW(5343) & ChrW(5348) & ChrW(5273) & ChrW(5350)), UIPanelManager.b))
If (key Is Nothing) Then
key = Registry.LocalMachine.OpenSubKey(String.Format(a.a (ChrW(5308) & ChrW(5304) & ChrW(5295) & ChrW(5309) & ChrW(5312) & ChrW(5290) & ChrW(5307) & ChrW(5294) & ChrW(5317) & ChrW(5312) & ChrW(5336) & ChrW(5344) & ChrW(5279) & ChrW(5277) & ChrW(5276) & ChrW(5275) & ChrW(5303) & ChrW(5336) & ChrW(5325) & ChrW(5326) & ChrW(5317) & ChrW(5299) & ChrW(5322) & ChrW(5335) & ChrW(5342) & ChrW(5340) & ChrW(5257) & ChrW(5308) & ChrW(5346) & ChrW(5340) & ChrW(5341) & ChrW(5326) & ChrW(5334) & ChrW(5340) & ChrW(5317) & ChrW(5290) & ChrW(5308) & ChrW(5305) & ChrW(5271) & ChrW(5303) & ChrW(5294) & ChrW(5309) & ChrW(5257) & ChrW(5308) & ChrW(5326) & ChrW(5339) & ChrW(5343) & ChrW(5326) & ChrW(5339) & ChrW(5257) & ChrW(5292) & ChrW(5336) & ChrW(5335) & ChrW(5341) & ChrW(5339) & ChrW(5336) & ChrW(5333) & ChrW(5340) & ChrW(5317) & ChrW(5310) & ChrW(5298) & ChrW(5257) & ChrW(5312) & ChrW(5326) & ChrW(5323) & ChrW(5257) & ChrW(5343) & ChrW(5348) & ChrW(5273) & ChrW(5350)), UIPanelManager.b))
End If
Dim text As String = CStr(key.GetValue(a.a(ChrW(5305) & ChrW(5339) & ChrW(5336) & ChrW(5325) & ChrW(5342) & ChrW(5324) & ChrW(5341) & ChrW(5300) & ChrW(5326) & ChrW(5346))))
If (Not [text] Is Nothing) Then
flag2 = Me.a([text])
End If
Catch obj1 As Object
End Try
If flag2 Then
UIBarsLicenseProvider.a(type, instance)
End If
End If
If a.b Then
If designTime Then
If a.a.d Then
If allowExceptions Then
UIBarsLicenseProvider.b(type, Me)
Else
a = Nothing
End If
ElseIf a.a.e Then
a.a.a(True)
End If
ElseIf (Not a.a.c OrElse a.a.d) Then
a.c = True
a.a = UIBarsLicenseProvider.a(type)
End If
End If
If ((designTime AndAlso (Not a Is Nothing)) AndAlso Not a.b) Then
context.SetSavedLicenseKey(type, a.LicenseKey)
End If
Return a
End Function
----------------------

What does the ChrW(5305),ChrW(5339), etc means?. Also, there are so many different types of 'a' in the code. How can this occur?

thanks for any replies and clarifications.

kesk
Reply With Quote
  #143  
Old 07-07-2007, 10:52 AM
LibX LibX is offline
Administrator
 
Join Date: Feb 2007
Location: The Netherlands
Posts: 118
Default

Those are Unicode encoder chars

Regards
LibX // RETeam
Reply With Quote
  #144  
Old 07-09-2007, 07:05 AM
kesk kesk is offline
Member
 
Join Date: Jul 2007
Posts: 18
Default Janus webforms controls

Hi LibX,

I am a newbie, so pls dont get angry or frustrated by my questions :-)

Is there a way i could convert the Unicode chars to normal Ascii or other plain text chars?

kesk

Quote:
Originally Posted by LibX View Post
Those are Unicode encoder chars

Regards
LibX // RETeam
Reply With Quote
  #145  
Old 07-10-2007, 12:55 PM
Kurapica Kurapica is offline
Senior Member
 
Join Date: May 2006
Location: Archives
Posts: 357
Wink A quick answer

@Kesk :

I don't think LibX will answer this question, but

Or you can start by studying the Class "System.Text.Encoding" in Visual studio and it will sure help you convert between different encodings.....

Enjoy....
__________________
Life can only be understood backwards but It must be read forwards.

Last edited by Kurapica : 01-11-2008 at 04:45 AM.
Reply With Quote
  #146  
Old 07-10-2007, 03:42 PM
LibX LibX is offline
Administrator
 
Join Date: Feb 2007
Location: The Netherlands
Posts: 118
Default

Well i will answer it :P
And tKC is right u should take a look at the System.Text.Encoding class
(so yes its possible as long as the unicoded encoded chars are ascii values and not real unicode chars, but u can always print them to a textbox ofcource )

Regards,
LibX // RETeam
Reply With Quote
  #147  
Old 07-14-2007, 05:28 AM
Kurapica Kurapica is offline
Senior Member
 
Join Date: May 2006
Location: Archives
Posts: 357
Wink The Entire stuff reloaded

This is the full shit we worked on from the beginning of this thread, I've revised some PDFs and fixed some things too, For those who missed anything you can get them all now

PDFs + Utilities + CrackMEs


gReetZ

http://www.filesend.net/download.php...075b436ba99cdb
__________________
Life can only be understood backwards but It must be read forwards.
Reply With Quote
  #148  
Old 07-21-2007, 04:41 PM
rongchaua rongchaua is offline
Senior Member
 
Join Date: Apr 2007
Posts: 91
Default

@tKC:
I have downloaded your all things. I'm interested in unpacking Reactor.
I have my simple crackme protected with Reactor. After I dumped it from memory, the assembly I received, has more IL Instructions more.
http://www.box.net/shared/p4acd7jgbt
Can you tell me more how can I receive my IL Code again? With your crackme after dump from memory we can restore the il code but with newest version of Reactor. This method doesn't work anymore.
Regards.

Last edited by rongchaua : 07-21-2007 at 05:06 PM.
Reply With Quote
  #149  
Old 07-22-2007, 11:54 AM
LibX LibX is offline
Administrator
 
Join Date: Feb 2007
Location: The Netherlands
Posts: 118
Default

Yes u have to remove the necrobits before u can access the code, all il pointers are pointing to a wrong location

Regards
LibX // RETeam
Reply With Quote
  #150  
Old 07-22-2007, 12:18 PM
rongchaua rongchaua is offline
Senior Member
 
Join Date: Apr 2007
Posts: 91
Default

Hi Libx,
do you have a paper with removing Necrobits. I have googled but found nothing. .

Last edited by rongchaua : 07-22-2007 at 12:41 PM.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.