Tutorials to .com

Tutorials to .com » Asp » Optimization » Dotfuscator completely broken

Dotfuscator completely broken

Print View , by: iSee ,Total views: 11 ,Word Count: 785 ,Date: Fri, 17 Apr 2009 Time: 2:04 AM

Some Internet users recently asked me to help solve a control. Dotfuscator confused with the string into this form of encryption is also
IL_2b19: ldstr bytearray (9F FA 9A FC 9E FE 8B 00 6E 02 71 04) / / ........ nq
IL_2b1e: call string a $ PST06000001 (string)

. net software protection is none other than the trial time limit, limit access to IP, with license key, run-time shows that these types of copyright tips.
Limited time or IP is the most easy to get, whether there was confusion, he should call the East-West framework, and the framework can not confuse things, so find DateTime, Request wording like, get a few.
If the key, is also easy to track, at least he's exposure category to receive a key. If the control check in the illegal use of abnormal out, it is more foolish, because. Net will provide the call stack when an error for me to track. shows and characters copyright to prompt confusion of the most difficult (it is not easily confused, find) because he never did work as an official version.
I only pose the control is Intersoft WebGrid.net 3.5, because he dealt with Remotesoft Protector. This Protector is not confused, and he is. Net code into win32 mirror, only to retain the metadata. Break his deal with controls and break-off plus the dense win32 difficult procedure, I did not so capable. Of course, the use of this software is also little things, because too expensive, to thousands of U.S. dollars
The break is a trial version of the Chart control, rendering the chart when he left a faint watermark copyright statement. To break from his confusion, he can only function to start a string that is string a $ PST06000001 (string) . to write a function of inverse operation
By Decompiler decompile the function:
private static string a (string A_0)
(
char [] chs = new char [(uint) A_0.Length];
int i = 732379897;
for (int j = 0; j <(int) chs.Length; j + +)
(
char ch = A_0.Chars (j);
byte b1 = (byte) (ch & '\ u00ff' ^ i + +);
byte b2 = (byte) (ch>> '\ b' ^ i + +);
chs [j] = (ushort) (b2 <<8 | b1);
)
return string.Intern (new string (chs));
)
First glance, it seems very difficult to gain the upper hand. To confuse the process even further AND and XOR and shift and OR, there are two intermediate variables, and then mixed together ... but the algorithm must be reversible, otherwise how could he be encryption and decryption. Sure enough, look carefully, there are many places is to frighten people. have AND and OR is irreversible, it is certain that the operation is related to the waste:
The first sentence of byte b1 = (byte) (ch & '\ u00ff' ^ i + +); b1 is the 8-bit integer, so the fundamental ch & ff will not change anything, they can be simplified to (byte) (ch ^ i + +)
The second sentence of byte b2 = (byte) (ch>> '\ b' ^ i + +); do not see what is wrong, ch is a 16-bit and 8 may be shifted to right impact
The third sentence of chs [j] = (ushort) (b2 <<8 | b1); yanking people in, b2 is the 8-bit, 8 shifted to right is 0 a, 0 | b1 is b1
Well, the function is simplified
private static string a (string A_0)
(
char [] chs = new char [(uint) A_0.Length];
int i = 732379897;
for (int j = 0; j <(int) chs.Length; j + +)
(
char ch = A_0.Chars (j);
chs [j] = (byte) (ch ^ i + +);
i + +;
)
return string.Intern (new string (chs));
)

Under this simple ^ ^ is the inverse operation, he is the encryption method itself! I can il watermark in the characters to find, but there is a place of bluffing, as it functions to deal with byte, so confusion after the 8-bit should be high-0, but the confusion in the string il high eight things have obviously added randomly, did not affect the results of decryption. So, I encrypted using wildcard characters to Look, for example, 9F?? 9A??. to find a show that a function of copyright information, and to empty it, get!
This was recommended by confusion ms or browser ...


Posted by Yok at September 7, 2004 09:48 PM | TrackBack

Comments
Yok has become. Net expert to crack it?


Asp Optimization Articles


Can't Find What You're Looking For?


Rating: Not yet rated

Comments

No comments posted.