  #371  
Old 03-03-2008, 08:02 PM
Kurapica Kurapica is offline
Senior Member
 
Join Date: May 2006
Location: Archives
Posts: 357
Wink Not much to say

Nothing much to say, I don't know any other tool that you can use to rename the assembly members!

But all I can do is to show you the Registration Form node location in the Reflector tree, and I hope it's helpful as a start.

And remember that this assembly uses string encryption, so maybe you should write a decoder to make things easier.

Good luck
__________________
Life can only be understood backwards but It must be read forwards.
  #372  
Old 03-04-2008, 01:16 AM
kesk kesk is offline
Member
 
Join Date: Jul 2007
Posts: 18
Default

Dear Kurapica,

I appreciate your comment. I don't claim to be a very good cracker, but I am good at what I do. Like I said, so far I have been able to modify the code and give a cracked dll only. Never was I able to create a keygen. The crackmes have some difficulty, but by and large I have been able to make a keygen for them. When it comes to commercial, I fail miserably to make a keygen. That's why I would like to learn, not to release a keygen per se for the soft. This happened to be somewhat easy to make a keygen (I could get the code of the old keygen and tried to make one for the new version), so I started to work. But after 15 days of studying and trying, I failed. That's where I would like some guidance and help.

Hope you appreciate my desire to learn only.

kesk


Quote:
Originally Posted by Kurapica View Post
I wish that the help you need had been more general and not specific to some commercial software!! Maybe then I could have had enough motive to dig and help...

Good luck
  #373  
Old 03-04-2008, 05:03 AM
drake7707 drake7707 is offline
Junior Member
 
Join Date: Mar 2008
Posts: 4
Default

Thanks for your reply

It seems I was able to find the 2 methods that check the nhc.dat file. For anyone wondering, it's in class 41.

As a side note, is there an add-in for Reflector that allows refactoring names (so I could change them manually)?
  #374  
Old 03-04-2008, 05:55 AM
JackTheRipper JackTheRipper is offline
Member
 
Join Date: Jan 2008
Posts: 22
Default

Quote:
Originally Posted by drake7707 View Post
As a side note, is there an add-in for Reflector that allows refactoring names (so I could change them manually)?
Dis# has this capability; it's not a Reflector plugin but a decompiler itself; just double click on a member/variable in the decompiled code window and rename.

Download-Link #1:
_http://www.live-share.com/files/305777/Dis_3.1.2.cr.rar.html

Download-Link #2:
_http://rapidshare.com/files/91719996/Dis_3.1.2.cr.rar.html

Download-Link #3:
_http://uploaded.to/?id=je1by7

It also has an automatic "deobfuscation" function for class names.

I hope this helps

Last edited by JackTheRipper : 03-04-2008 at 05:57 AM. Reason: Adding information
  #375  
Old 03-04-2008, 11:14 AM
Kurapica Kurapica is offline
Senior Member
 
Join Date: May 2006
Location: Archives
Posts: 357
Wink You are welcome

Quote:
Originally Posted by kesk View Post
Dear Kurapica,

I appreciate your comment. I don't claim to be a very good cracker, but I am good at what I do. Like I said, so far I have been able to modify the code and give a cracked dll only. Never was I able to create a keygen. The crackmes have some difficulty, but by and large I have been able to make a keygen for them. When it comes to commercial, I fail miserably to make a keygen. That's why I would like to learn, not to release a keygen per se for the soft. This happened to be somewhat easy to make a keygen (I could get the code of the old keygen and tried to make one for the new version), so I started to work. But after 15 days of studying and trying, I failed. That's where I would like some guidance and help.

Hope you appreciate my desire to learn only.

kesk
You are very welcome and I will be very glad to help you. I'm sorry if I didn't understand your previous post correctly.

greetz
  #376  
Old 03-04-2008, 01:11 PM
Kurapica Kurapica is offline
Senior Member
 
Join Date: May 2006
Location: Archives
Posts: 357
Default CrackME #15

Hi everyone
It's been a while since we wrote a crackme, so this is a nice one to refresh your minds.

It's not very hard but needs a little brain. Of course you can do it in one patch, but it's not allowed, so you must write a valid keygen and a tutor for the rest of us to show us how you solved it.

Enjoy...

http://rapidshare.com/files/97017142...ME_15.rar.html
  #377  
Old 03-04-2008, 04:16 PM
drake7707 drake7707 is offline
Junior Member
 
Join Date: Mar 2008
Posts: 4
Default

Bah, I give up on the nhc thing. It took me way too long to finally isolate the method that -I think- may be the one checking the serial, so I copied it to try to write a brute force keygen, but I can't get it to work.

I really should continue programming my projects for school now @_@

If anyone cares, this is what I have: http://webs.hogent.be/~701217dk/nhc/nhcattempt.zip
  #378  
Old 03-05-2008, 10:53 AM
jfx jfx is offline
Member
 
Join Date: Oct 2007
Posts: 12
Default

Name: "Mj. Vasyliy Pupkin"
Company: ".K.G.B."
Key: F6C4-63C7-945F-0302

Tutor:
1. Dump with "Salamander .NET DeProtector"; (Skip)
2. View sources in ".NET Reflector";
3. Use "{smartkill}" to view "Kurapica CrackME #15";
4. Make k-gen with "Visual Studio 2k5";
5. The end.

Code:
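using System;

class Class1
{
    // Builds a key for Kurapica CrackME #15 from the name and company.
    public static string Generate(string Name, string Company)
    {
        // XOR masks; the key records which one was used.
        long[] xorBase = new long[] {
            0xa071e3b0c2cL, 0xe50b67e2fbaL, 0xcd8e9b2c06fL,
            0xf5c8bccf6c0L, 0x626c7da0db3L, 0xf593a461bb3L,
            0x1168aaf4303L, 0x84a91a01901L, 0x791413aef49L,
            0x3898178c597L
        };

        // Checksum over the fixed prefix plus the upper-cased name and company.
        long calcCode = Calc("KURAPICA CRACKME #15" +
            Name.ToUpper() + Company.ToUpper());

        // Random.Next's upper bound is exclusive, so index is 0..8.
        int index = (new Random((int)DateTime.Now.Ticks)).Next(0, 9);

        // 12 hex digits of masked checksum, then index + 2 and index + 1
        // as two hex digits each.
        return String.Format("{0:X12}{2:X2}{1:X2}",
            calcCode ^ xorBase[index], index + 1, index + 2);
    }

    // CRC-style checksum over the characters of buffer.
    private static long Calc(string buffer)
    {
        long num4 = 0L;
        int num2 = 0;
        int length = buffer.Length;

        while ((length - 1) >= 0)
        {
            // XOR the current character into bits 8..15.
            num4 ^= (long)(buffer[num2] << 8);

            // Shift left 8 times, XORing in 0x3fd whenever bit 15 is set.
            for (int i = 0; i < 8; i++)
                if ((num4 & 0x8000L) == 0x8000L)
                    num4 = (num4 << 1) ^ 0x3fdL;
                else
                    num4 = num4 << 1;

            length--;
            num2++;
        }

        // Force bit 44 on, then keep only the low 48 bits.
        if ((num4 & 0x100000000000L) == 0L)
            num4 |= 0x100000000000L;

        return (num4 & 0xffffffffffffL);
    }
}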

Last edited by jfx : 03-05-2008 at 03:54 PM. Reason: Add source
  #379  
Old 03-05-2008, 11:58 AM
Kurapica Kurapica is offline
Senior Member
 
Join Date: May 2006
Location: Archives
Posts: 357
Default

Very nice :-)

I didn't expect to see the solution so quickly. Don't say it was easy too!! I will make it harder next time.

But I wonder why you used Deprotector? It's not packed and can be directly viewed in Reflector...
  #380  
Old 03-05-2008, 03:52 PM
jfx jfx is offline
Member
 
Join Date: Oct 2007
Posts: 12
Default


PEiD says: nothing found... and I did not test it with Reflector :lol: only after dump
Sorry - my mistake.