Cheat Engine Forum Index Cheat Engine
The Official Site of Cheat Engine
 


easy crack me

 
Fafaffy
Cheater
Reputation: 65

Joined: 12 Dec 2007
Posts: 28

Posted: Sun Mar 22, 2009 11:26 pm    Post subject: easy crack me

OK, this was made in VB 2008 Express Edition.
The way this validates the code is by going to a URL that uses the GET method to check the serial; if it's valid it says that, else my program will make a message box explaining the problem.
It should be easy to NOP the website check and make it think that it's valid.
Oh, and by the way, this adds a couple of registries; to delete them, go to HKEY_CURRENT_USER and delete the fafaffy folder.

_________________
Brillia wrote:
I FUCKING FUCK SEX
Boon
Cheater
Reputation: 0

Joined: 13 Jan 2009
Posts: 29
Location: Latvia

Posted: Mon Mar 23, 2009 2:29 am    Post subject:

There seems to be an XSS vulnerability.
Code:

http://valid.fafaffy.com/index.php?&sn=%3Cfont%20color=red%3Exss%3C/font%3E%3CSCRIPT%3Ealert(document.cookie);%3C/SCRIPT%3E


edit:
Cracked!
Any serial is accepted now.
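The reflected `sn` parameter reported in the post above, with the fix a defender would apply. This is an added example, not the site's code: the page text, the serial format and the `valid`/`invalid` tokens are assumptions, and only the URL comes from the post.

```python
import html
import re
from urllib.parse import parse_qs, urlsplit

# URL quoted in the post above, used here only as test input.
REPORTED_URL = ("http://valid.fafaffy.com/index.php?&sn=%3Cfont%20color=red%3Exss"
                "%3C/font%3E%3CSCRIPT%3Ealert(document.cookie);%3C/SCRIPT%3E")

# Assumed serial format; the thread does not say what a real serial looks like.
SERIAL_RE = re.compile(r"[A-Za-z0-9-]{1,64}")


def serial_from_url(url: str) -> str:
    """Percent-decode the sn query parameter, as the web server would."""
    return parse_qs(urlsplit(url).query).get("sn", [""])[0]


def page_vulnerable(sn: str) -> str:
    """Models the reported behaviour: sn is echoed into HTML unescaped."""
    return f"<html><body>Serial {sn} is not valid.</body></html>"


def page_escaped(sn: str) -> str:
    """Same page with output encoding: markup in sn becomes inert text."""
    safe = html.escape(sn, quote=True)
    return f"<html><body>Serial {safe} is not valid.</body></html>"


def api_reply(sn: str, is_valid) -> tuple:
    """Machine-readable reply for the desktop client: fixed tokens, no echo."""
    headers = {
        "Content-Type": "text/plain; charset=utf-8",
        "X-Content-Type-Options": "nosniff",  # browser must not sniff it as HTML
    }
    if not SERIAL_RE.fullmatch(sn):
        return 400, headers, "malformed"
    return 200, headers, "valid" if is_valid(sn) else "invalid"
```

Since the desktop client only needs a status token, `api_reply` is the stronger fix: nothing user-supplied is ever written into the response.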
ElitestFX
Expert Cheater
Reputation: 0

Joined: 01 Nov 2007
Posts: 218

Posted: Mon Mar 23, 2009 11:35 am    Post subject:

How did you approach this?
Boon
Cheater
Reputation: 0

Joined: 13 Jan 2009
Posts: 29
Location: Latvia

Posted: Mon Mar 23, 2009 12:38 pm    Post subject:

If the question was addressed to me, then I tampered with IL.
It used to be like this (pseudocode):
push result from web
push <the string the web would return if the key is right>
<compare>
If (equal)
    <stuff to do when password is right>
else
    <stuff to do when password is wrong>

I did a small change:

push <the string the web would return if the key is right>
push <the string the web would return if the key is right>
<compare>
If (equal)
    <stuff to do when password is right>
else
    <stuff to do when password is wrong> 'Never happens, since it's comparing identical strings.

I find it really hard to explain, sorry.
ElitestFX
Expert Cheater
Reputation: 0

Joined: 01 Nov 2007
Posts: 218

Posted: Mon Mar 23, 2009 1:09 pm    Post subject:

No need to apologize. I understand your detailed explanation. I appreciate your time in responding.

What is IL? I googled it and found IL Assembly, but I wasn't sure if that was what you were talking about.
http://www.codeproject.com/KB/msil/ilassembly.aspx

How did you locate that routine? When I open the crackme in OllyDBG, the disassembler, dump, and stack were empty. I got the code loaded by breaking on MessageBoxW, and I tried to trace back from there. I failed trying to find the check.

Any hints on where to break?
Boon
Cheater
Reputation: 0

Joined: 13 Jan 2009
Posts: 29
Location: Latvia

Posted: Mon Mar 23, 2009 1:28 pm    Post subject:

I didn't use Olly for this task; I find cracking anything .NET with the normal tools quite frustrating.

Yes, it's the same IL I was talking about.

I used .NET Reflector with the Reflexil add-on (for modification).

This is how it looks
S3NSA
:3
Reputation: 1

Joined: 06 Dec 2006
Posts: 1908
Location: England.

Posted: Mon Mar 23, 2009 1:30 pm    Post subject:

IL stands for Intermediate Language and is what programs written in .NET are compiled into. Upon runtime they use the .NET Framework JIT (Just in time) compiler to compile it into native code.

You won't be able to analyse a program written in .NET in OllyDBG, not completely sure but I think it's because the compiler converts the IL as needed when executing. You may analyse .NET executables and dynamic libraries in IDA.

_________________
~ You can find me on irc.ccplz.net x
Fafaffy
Cheater
Reputation: 65

Joined: 12 Dec 2007
Posts: 28

Posted: Mon Mar 23, 2009 3:00 pm    Post subject:

Still thought this would be easy for anyone, cuz it checks the string that came back from the server; all you had to do was NOP the check or change the string.
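The check discussed in this thread is a yes/no comparison inside the client, so editing the comparison is enough to pass it. As an added example (not the crackme's code; the serial, key and feature bytes are constructed, and the SHA-256 keystream is a stand-in for a real AEAD such as AES-GCM), this contrasts that gate with one where the server's reply is key material the client actually needs:

```python
import hashlib
import hmac

# Constructed server-side state for the example.
VALID_SERIALS = {"AAAA-BBBB-CCCC"}
CONTENT_KEY = hashlib.sha256(b"constructed server-only secret").digest()


def _keystream(key: bytes, length: int) -> bytes:
    """SHA-256 in counter mode; stand-in for a real cipher."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Build-time step: encrypt the licensed feature and append an HMAC tag."""
    body = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, len(plaintext))))
    return body + hmac.new(key, body, hashlib.sha256).digest()


# Shipped inside the client; unreadable without CONTENT_KEY.
SEALED_FEATURE = seal(CONTENT_KEY, b"licensed feature data")


def server_validate(serial: str) -> bytes:
    """Server: return the content key for a valid serial, else an empty reply."""
    return CONTENT_KEY if serial in VALID_SERIALS else b""


def boolean_gate(reply: bytes, patched: bool = False) -> bool:
    """The thread's design: compare the reply with a constant.
    patched=True models the edit described above (constant vs. constant)."""
    expected = b"valid"
    return (expected if patched else reply) == expected


def key_gate(reply: bytes):
    """Hardened client: the reply must actually open the sealed feature."""
    if len(reply) != 32:
        return None
    body, tag = SEALED_FEATURE[:-32], SEALED_FEATURE[-32:]
    if not hmac.compare_digest(tag, hmac.new(reply, body, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(body, _keystream(reply, len(body))))
```

A key obtained with one valid serial can still be copied, so this removes the single patchable branch rather than making the client tamper-proof.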
ElitestFX
Expert Cheater
Reputation: 0

Joined: 01 Nov 2007
Posts: 218

Posted: Mon Mar 23, 2009 3:06 pm    Post subject:

Boon, thanks for the information about Reflexil. It's a very useful add-in. I basically used your method. Instead of comparing prompt with 602, I made it compare two constants of 601. =)



S3NSA, I will definitely look into using IDA.

fafaffy, I suppose it is easy for the people who know which tools to use. ;)
rockman1190
Grandmaster Cheater
Reputation: 0

Joined: 10 Jan 2007
Posts: 730

Posted: Fri Apr 03, 2009 8:51 am    Post subject: What is IDA?

S3nsa, what is IDA? I've got an .exe to be cracked and PE Detective says it's .NET ... you said ollydbg won't be able to "read" it... Thanks.

Edit: I googled. IDA website
http://www.hex-rays.com/idapro/idadownfreeware.htm
All times are GMT - 6 Hours