View Single Post
  #1  
Old 03-04-2011, 13:05
Sailor_EDA Sailor_EDA is offline
Friend
 
Join Date: Nov 2004
Posts: 67
Rept. Given: 8
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 42
Thanks Rcvd at 4 Times in 2 Posts
Sailor_EDA Reputation: 2
Need some tips on in memory patching of a .Net dll

Hi folks,

I'm working on a target that uses a .Net dll that has all the security call for the serial checking etc. The problem is that this dll is strongname protected so if I just byte patch, the executable detects this at runtime and says the dll is corrupt and so on.

I haven't had much luck with strongname protected dll's before and I'm hoping one of you can help me with this.

I've read a long time back that the solution is to have a loader that patches the dll in memory once its loaded. I haven't had much luck in finding any tuts that talk about this specific case.

In addition, this particular target also utilizes a ha$p license manager however, by looking at the disassembled code I'm sure this can be bypassed pretty easily.

In anycase, here is a link to the target. PM for the password.

http://www.megaupload.com/?d=4MSYPFEH

Btw, this is an addon to M$ Vi$io so you'll need that to use it. In spite of being an addon, it has its own exe file that works as a loader. The exe is written in vba I couldn't gather much information from IDA.

Any tips or pointers?

Sailor_EDA
Reply With Quote