| What he said^ |
==> |
| Was cool to learn how CIL or MSIL assembly and opcodes work. |
==> |
| Okay, I managed to solve it by patching... I opened it and IDA again with dnSpy on the side, to try find patterns and similar strings. Finally i managed to find the two jump conditions for the if and the flag... and changed them to their opposite to gain access without having to type the password even once.
Great crackme! |
==> |
| Ok so i think i got it?
It's random every time, it's only possible with a debugger techinacally.. i think.
Correct me if im wrong please |
==> |
| Okay yeah, before I saw your comment I discovered dnSpy lol.
I think I'm close to solving this now. dnSpy is useful. |
==> |
| Can you provide a little hint?
I just don't know how to approach it. Tried IDA pro like I do every time but it won't even let me debug. Tried .NET decompilers and still nothing. |
==> |
| Roboticol^^
Download 010 editor, and search for the hex bytes in the area of where you want to patch the code until you only find one occurance. And patch there.
That's how I do it most of the time, and how I did it here. |
==> |
| Nice one. |
==> |
| Very nice crackme.
Solved it by patching the anti-crackme function to ret at the beginning so I can debug, and then patched the if. Turns out the password is plaintext when it reaches the if lol... but anyways disabling the anti-crackme was necesarry.
Thanks for the fun! |
==> |
| always 0*** sorry |
==> |
| Hey, can someone explain to me why 536870892 and 24576 work?
Quite new to this.
What I dont get it:
v10 = random_time_num();
if ( ((num2_copy + random_nums[v11] - v10) & 0x7FFF) != 0 )
break;
How do these numbers make the expression always 10?
num2_copy is just a copy of num2. and it's static.
but random_nums[v11] is a random number... so is v10 if i understood correctly.
How do we make it 0 again and again 20 times, with randomness taking place?
Any help appreciated :} |
==> |