Pages

Saturday, May 22, 2021

Reverse Engineering .NET for beginner :crackmes.de's crackme by rayko

 Hi ALL 


As promised i will share writeup of beginner challenge so i think one of the easy challenges to start with are .NET application the first target is crackmes.de's crackme by rayko that you can download from :

https://crackmes.one/crackme/5ab77f6633c5d40ad448cc4b


the password of the zip file is : crackmes.de

the first step that i do every time before starting the program in virtual environment is looking information throw PE parsing using PESTUDIO that give many information about the executable file :

 

It seems that run in 32 bit cpu in the same time we confirm that we are dealing with .NET


 In this section we can see some security feature that are implemented in the executable file i m going to talk about those security measure later now i assume that i m beginner and the first goal is to find the solution for this challenge  

 

 the string part is very important in some too easy challenge the login and/or password are found in this section beside that we can get an idea about functions used to construct this program

 

When i run the program it request a Name and Serial and then click the check button that display the message try Again huuum Ok it s time to get a look in the code 

 

I use dnSPY tool one of the best to de-compile a .Net executable file, Now it s time to get a look in the code

 

After viewing the code there's two function that get my attention btnCheck_Click and Encrypt when looking at the first function there s a relationship between the Name and serial key so in this type of challenge we need a KeyGen (key generator) for every name has it s own serial key so to generate the serial key by looking at Encrypt function or patch the file in way to display the serial for us

it seems that the function take every character from the Name textbox and do some mathematical conversion anyway after adding the necessary serial key to display box :

 

 Save and compile the new file  and we have some good result :

So every time you have the serial key in the display to validate the challenge even if  your input is wrong

I hope it was helpful for you and thank you for reading.


Kind regards 

By OffensiveNoob


 

 

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Offensive Lab : simple Format string challenge

 Hi All  Today i will write about a very easy challenge from Offensive LAB where you can solve it through using reverse engineering techniq...

  • Tryhackme : Dav
    Hi All I m trying to do Dav box in Tryhackme so here s my note during the process of pentesting : after a scan with nmap i found http port 8...
  • TryHackme : Boiler CTF
    HI All Lets play another box in tryhackme and learn something new today it will be Boiler CTF room I used to start any box  enumeration wi...