#16
|
|||
|
|||
Quote:
Probably you are saying this because ildasm crashes while dumping, but this only means that obfuscator inserted some invalid metadata. So: 1 - If you find and remove this metadata you are still able to decompile/recompile. 2 - Future version of ILDASM will be able to manage invalid metadata so it would not be a problem anymore. Quote:
Code:
00012140 0E 0E 04 20 01 01 02 03 20 00 01 80 A0 00 24 00 ... .... ..€ .$. 00012150 00 04 80 00 00 94 00 00 00 06 02 00 00 00 24 00 ..€..Ħħ........$. 00012160 00 52 53 41 31 00 04 00 00 01 00 01 00 CD 62 12 .RSA1........Íb. 00012170 05 0E 7C CD 6F 51 AF 2C 41 FD CC 65 44 AC E3 CF ..|ÍoQ¯,AýÌeD¬ãÏ |
#17
|
||||
|
||||
SystemeD
I patched byte you've shown and sent patched DLL to my friend to test it. This time .NET compiler said : "Invalid program" (or something like this). May its because of joining your method and method of patching 80 at offset 102C. Tonight, I played with a simple file compiled with and without Strong Name. I noticed after compiling with KEY, 80 A0 and PublicKey are the major differences between two files. So my suggestion is : Patching whole PublicKey and 2 bytes before it to 00. I must test it again. And... Present version of ILDASM (.NET SDK 1.1) crashes at decompiling time and the produced file is uncompilable. Do you decompile and recompile the mentioned dll successfully? Last edited by Newbie_Cracker; 03-13-2005 at 04:00. |
#18
|
|||
|
|||
Quote:
Quote:
Quote:
PS: I suggest you to patch only the strong name infos at first. Test if the assembly works and after apply all other cracking patches. Last edited by SystemeD; 03-14-2005 at 18:39. Reason: Added PS... |
#19
|
|||
|
|||
what i have encoutered is ildasm does work, but the output file it produces contains a lot of ascii characters(not a-z). then ilasm will have problem to compile it back.
|
#20
|
|||
|
|||
Can you point me to your target?
|
#21
|
|||
|
|||
RedGate SQL Bundle - "RedGate.Licensing.Client.dll"
i ran ildasm, dumped everything. then couldn't compile it back (without changing any il code) hxxp://www.red-gate.com/downloads/bundle.exe |
#22
|
|||
|
|||
Did you try it with Reflector. If in Reflector, you only see garbage function names, member variables, the dll used obfuscation, and ILASM can failed when recompiling.
|
#23
|
|||
|
|||
jjhsd:
Funny! I just played with it few months ago but I don't remember what I did exactly... I think it's time to take a look at the new version... |
#24
|
|||
|
|||
SysteMD:
the software's protection can be defeated by other ways, but not using decompiling. TQN: yeah, i have tried and can see garbage function names from there. |
#25
|
|||
|
|||
It's not completely true, I tested it and, for example, I succeded to decompile/remove Strong Name Signature/recompile the assembly named "RedGate.Licensing.Client.dll".
The only problem I encountered is that Ildasm produced a resource file with an invalid name ("똁.resource"). So I renamed it in "a.resource" and modified the dump to point to the new resource file. I recopiled the assembly and it worked. I don't know if it is the problem you had but I would use decom/recomp technic for this target too. |
#26
|
|||
|
|||
jjhsd and SystemD:
PAY ATTENTION AND STOP USING THE "QUOTE" BUTTON WHEN A "QUOTE" IS NOT NECESSARY. You just add to the burden of the database and I'm gettig tired of fixing your posts. Regards,
__________________
JMI |
#27
|
|||
|
|||
yes, it works. I didn't change resource file name in the dump, that's why it failed.
thank you. : ) |
#28
|
||||
|
||||
StrongName Signature Remover
Last night I saw a little tool for removing StrongName Signature from .NET applications in Woodman forum.
Little description of this tools is : SNRemove v1.00 Copyright (c) 2005 Nir Sofer Web Site: http://www.nirsoft.net But it didn't fix SN Signature in ASP .NET Applications. So I created this patcher to solve this for all .NET Applications. It's the result of this topic. Best regards. Last edited by Newbie_Cracker; 09-26-2005 at 04:02. |
#29
|
||||
|
||||
Nice Job, Thanks!
NeWBiE_Cracker |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
different DLLs have same udd name in OllyDbg | BlackWhite | General Discussion | 8 | 07-31-2014 03:04 |
Unpacking DLLs | thomasantony | General Discussion | 22 | 08-18-2005 05:34 |
DLLs | armmad8 | General Discussion | 2 | 06-09-2005 22:13 |