devsoft on 4:25 PM 05/23/2023: [ebp-14C] will always contain the valid key for the instance
garfield on 12:39 PM 05/27/2023: im guessing you trying to make some bad cheat loader in c# and asking people how fast their dumping speedrun on dnspy was right?
thebovl on 9:41 AM 05/29/2023: No. Your wrong!
devsoft on 10:41 AM 05/29/2023: @thebovl, which one? :)
The loader is not managed code, and I guess is c++ with a common RunPE, running a .NET payload. So the solution without a patch might only pass by cheating it... :\
thebovl on 7:02 PM 05/29/2023: I wont reveal all of her features! You'll have to guess for yourselves.
devsoft on 10:53 AM 05/30/2023: @thebovl the question is only one. Is it acceptable to cheat the value? Since you defined the no patching rule :\
devsoft on 11:46 AM 05/30/2023: I'll apply for a solution that involves patching. But since it will be refused, I will never see it, because your examples just ask to don't get resolved :\
thebovl on 6:55 AM 05/31/2023: @devsoft The most important task is to solve it, so yes
thebovl on 4:09 PM 06/01/2023: @devsoft
I'm glad that this crackme was solved!
But in any case, the original task I conceived was to write a crackme for which a person would need to write a program that would read the memory and issue a key, and it was this crackme that should have become it :\
In any case, I'm glad it worked out for you! :)
thebovl on 4:11 PM 06/01/2023: @devsoft I just started learning c++ so don't judge too harshly
devsoft on 4:32 PM 06/01/2023: @thebovl No judgment at all! I'm no big expert myself! I just like breaking stuff ^^.
I tried, but the task itself is going to be hard as hell. Somewhere in the sea of RAM, there must be a pointer to the offset, but the "seeker's" I Know they depend on multiple scans. Which is instantly killed due this dynamic key system. Although I know when the value will be at ebp-14C, I can't pause the PID execution to extract it :\. But I'm eager for someone else to post a solution involving either a pointer scan, or an offset extraction. But since I'm thinking while typing, I did realize all strings have a fixed LEN of 16. This constant might be a weakness, but only time will tell.
Anyway, this is a complex system with multiple usages and it's always nice to check out, where and how is it being used.
devsoft on 4:57 PM 06/01/2023: Posting a new solution without patching ^^, this is half you want, since it's based on a weakness.
thebovl on 5:12 PM 06/01/2023: @devsoft ^^
Anhmai on 8:52 AM 08/03/2023: nice =)))) i try it but key is random =))) rand(), when i debug and i input correct key, then funtion ShellExecuteA(0, 0, "notepad.exe", 0, 0, 5) = open notepad.exe. And load main.dll, right?
-----------------------------------------------;
; ;
; ;
; Injector ;
; ;
; ;
;-----------------------------------------------;
[+] Injecting...
[+] Inject was successful!
Anhmai on 8:54 AM 08/03/2023: key length is 16 characters ^^
Abino on 6:58 PM 03/16/2024: fumo, ninguém fala em português nessa merda kkk
dredge on 1:03 PM 08/09/2024: Your key lTbpaD4F1QtkoPJN expired!
You can buy key at: keybuyCrackme.com
If your have the key, enter it below!
Key: pZYaBYxtEU3vpXkJ
;-----------------------------------------------; ; ; ; ; ; Injector ; ; ; ; ; ;-----------------------------------------------; [+] Injecting... [+] Inject was successful!