{smartassembly} 4.0.3414

[NoneForce]

Download :

Code:

http://rapidshare.com/files/277546952/_smartassembly__4.0.3414.rar

Pass :

Code:

NoneForce@PC7

[Kurapica]

Amazing crack, very hard one.

hehe I was too close but I think I should give it more time next time

Good work.

[bball0002]

Quote:

Originally Posted by Kurapica

Amazing crack, very hard one.

hehe I was too close but I think I should give it more time next time

Good work.

Yeah, I posted this in the requests section yesterday. This crack has actually been out for a while. MegaX is an incredible reverser. (I'm going to assume that this is MegaX's release, since it's the same build that he cracked.)

[Kurapica]

does MegaX have an account here ? or does he use another nick ?

[bball0002]

Quote:

Originally Posted by Kurapica

does MegaX have an account here ? or does he use another nick ?

I'm not sure. He posted that release on a chinese forum. (http://bbs.pediy.com/showthread.php?p=646790 is the original link. Mod's delete if this link is against the rules). I'm pretty sure he cracked a recent Xenocode version as well.


Actually, he has an account over at reteam. Only one post though, he posted about unpacking .net Reactor 3.8.0.0 BETA.

Lol, he also cracks all the Dis# apps.

[bball0002]

Also, slightly off-topic, @ Kurapica: You said you were close to cracking it. Is there a way to edit the PE without decrypting the strings? I noticed after playing around with this crack, if you use the highest possible string encoding/encryption in smartassembly, any attempts to edit the exe do not work, even if the application is NOT strongsigned. I was reading around and noticed people saying that {SmartAssembly} uses the strongname during string encryption, but if you choose to NOT sign the assembly, and use the highest string encryption, you will see that you cannot edit the file.

Just wondering if you had any insight on that.

[Kurapica]

@ bball0002 :

the version I was working on is older than this release and when 4.1 was out I stopped working on that old version.

I'm on windows 7 now, anyway I suspect there is something weird, because even when you enable the strong name option you can still modify the assembly and it won't crash !

on XP-SP2 the version I was working on behaves in a different way, If you try to modify the produced assembly in anyway it will crash !

------------------------------------------------------------------------

Anyway I was working on an XP-SP2 machine with SA 4.0 and .NET framework 2.0 without SPs.

what I noticed is that in Windows 7 the strongname signature is not working okay, you can try to run the release and you will see that you can modify the signed assembly and it will work just fine.

still investigating....

[bball0002]

Does Windows 7 have .NET Framework 3.5 SP1 installed? That bypasses the strongname by default, which could be why strongname isn't working in Win7. I think that may be the reason because I'm on Windows XP SP3 running .NET 3.5 SP1 and I can edit strong-signed (without string encrypted) assemblies and they still run fine.

But what I'm referring to is the "Strings Encoding" settings. If you check the first two checkboxes and choose NOT to sign the assembly with a strongname, you still cannot edit the assembly. I don't really know what they're doing to prevent modification.

The setting I'm talking about is this:

Code:

{smartassembly} can dynamically bind the encoded strings to the assembly structure. This will highly improve protection, as any attempt to modify the assembly will make it crash.

Combining this with this setting:

Code:

{smartassembly} can compress and encrypt the encoded strings. This will highly improve protection and reduce assembly size, with just a one-time decompression and decryption at start up.

Makes the assembly unmodifiable.

[Kurapica]

Quote:

{smartassembly} can dynamically bind the encoded strings to the assembly structure. This will highly improve protection, as any attempt to modify the assembly will make it crash.

I once had the decryption code of the strings but I lost it ! anyway I remember that it uses two important values, the PublicKey of the signed assembly and the MetaData token of the decryption method, so if you modify any of these values the decryption of strings will fail and raise an exception and finally crash your application.