Wednesday 3 August 2011

Patching If Statements

What are If Statements?
The following picture shows a if statement.If statements test a condition:
DJ Crypter - Microsoft Visual Basic 2008 Express Edition_2011-08-04_10-16-33
Tools:
We will be using Simple Assembly Explorer to patch if statements.
Click Me to Download

You will also need a program to patch.
Click me to Download
Patching:
1.I have made a program which checks my name (Ultimate Coder).If the user enters a wrong name it informs the user that he/she entered a wrong name.

Program Manager_2011-08-04_10-31-53

2.Open Up SAE and browse to the place where you downloaded the program shown in the screen above.Right click the file then click on “Class Editor”.

Simple Assembly Explorer - by WiCKY Hu_2011-08-04_10-38-21


















3.A window should appear.Browse to the place show in the picture and right click on the line shown below and click on edit.

Class Editor - CDocuments and SettingsFasialDesktopfPahltching If Statemnts


4.Another window should pop up.Now to patch the if statement we have to reverse it.Before, The if statement checked that if the value of MyName is Ultimate Coder.If yes then it would show That the name was correct else it showed that the name was not correct.The line selected in the picture above checks if the value of MyName is Ultimate Coder if  false then it would jump to to line 14 and show a message
box.We will change it so that if the value is false then it would show You Got My Name.Now change the operand to the selected one in the picture below.

_2011-08-04_10-53-27

5.So now instead of going to line 14 it goes straight to line 10 which says You Got My Name.Click on Ok and then press on save in the menu bar.Save it to a place and then run the program.Put in any value and you will always see You Got My Name.

Program Manager_2011-08-04_11-02-45

Congratulations.You have successfully patched a program.

How to: Crack a Program (Bypass HWID Authentication


Credits to ampix0
This video demonstrates how to bypass software, which has been protected by a HWID system (HWID = Hardware Id)
You can easily bypass most .NET HWID applications using this method..
Downloads:

CrackMe Download

Process ID Generator

WireShark 32bit

WireShark 64bit

Fiddler2

Good Luck,

And,

Please post your Hacked accomplishments below..


DumbAssembly

 

DumbAssembly

 

DumbAssembly is an automatic unpacker for the RedGate SmartAssembly .NET protector. It supports versions of SmartAssembly up to 6.1 and removes the following protections:

Features

  • Code flow obfuscation
  • Import obfuscation
     
  • String encryption
  • Resource encryption
     
  • Assembly embedding and encryption
     
  • Tamper detection


If the input assembly was signed, the unpacked assembly is automatically re-signed with a randomly generated (or manually specified) strong name key pair.


The archive contains binaries and the complete source code.

 

Download :

Click Me

Simple Assembly Explorer

Simple Assembly Explorer (SAE) is an OPEN SOURCE .Net assembly tool.

 

Features:

  • Assembler: call ilasm to assemble il file
  • Disassembler: call ildasm to disassemble assembly
  • Deobfuscator: de-obfuscate obfuscated assembly
  • Strong Name: remove strong name, sign assembly, add/remove assembly to/from GAC
  • PE Verify: call peverify to verify assemblies
  • Class Editor: browse/view assembly classes, edit method instructions
  • Run Method: run static methods
  • Profiler: Trace function calls and parameters with SimpleProfiler
  • Relector: plugin which call Reflector to browse selected assembly
  • Editor: plugin which call an editor to edit selected assembly
  • ILMerge: plugin which call ILMerge to merge selected assemblies
  • Plugin Sample: simple plugin sample
  • Copy Info: copy information of selected assemblies to clipboard
  • Open Folder: open container folder
  • Delete File: delete selected files
Download:
Click Me

Greetings

This blog was created by Ultimate Coder & LemonZ.We are proud members of Deceptive Engineering forum.

We hope you enjoy your visit here.