Go4Expert

Go4Expert (http://www.go4expert.com/)
-   Ethical hacking Tips (http://www.go4expert.com/articles/ethical-hacking-tutorials/)
-   -   Introduction to Cracking - (Part I) (http://www.go4expert.com/articles/introduction-cracking-part-i-t17368/)

SaswatPadhi 6May2009 11:20

Introduction to Cracking - (Part I)
 

Introduction



This is my first article here. I hope it would be useful to everyone. Please not that this article is ONLY for educational purposes and in no way I encourage illegal cracking of applications.

Now as this is the first part, I would start with something very basic. Let's start with decompiling -- the process of extracting the source code from the compiled exe. Yes, you heard it right, source from exe ! Let me clear it first that exact decompilation is not possible for many programming languages like C++, VB 6.0 etc.. But there are a few that can be quite satisfactorily decompiled to source-code e.g. Java, .NET (VB, C#, J#, VC++, Delphi.NET), Flash (decompilation from swf to fla) etc...

In this article, I will only talk about decompiling .NET programs (if I get good response then I will continue other decompilation techniques in next parts).

Tools



For decompiling .NET apps, the only tool you need is .NET Reflector. It's an excellent decompiler by Red Gate and best of all, it's available for FREE. You can just google for .NET Reflector by Red Gate and the first result is what you need. You can grab a free copy with some plug-ins which I think are necessary. So, here is a summary of what you need :

Application
  1. .NET Reflector by Red Gate
  2. The app you want to decompile (let's call it XYZ.exe)
Plugins :
  1. Snippy
  2. Code Search
  3. Reflexil
  4. Deblector
  5. SilverlightLoader (if you want to decompile Silverlight)

Setup ...



Now, after downloading Reflector, you've to set it up (won't take long).
  1. Extract the zip file to any directory you like.
  2. Now extract the plugins to the sub-folder "Plugins".
  3. Open Reflector.exe and goto View -> Add-Ins.
  4. Click "Add..." and navigate to plugins directory.
  5. CodeSearch and Snippy come with only 1 dll, so you can add them right away :pleased:.
  6. But Reflexil and some others come with multiple dll files. You will have to add the correct dll. For ease, generally they are named in the format "<plugin-name>.dll" or "Reflector.<plugin-name>.dll. E.g. Reflexil's plugin is "Reflexil.dll" and Snippy's is "Reflector.Snippy.dll". So add such files. Adding wrong dlls would result in an error, but Reflector won't crash.

After adding plugins to Reflector, it's ready for you to decompile any .NET app ;).

Decompilation



Before you start decompiling apps, take a look at the small list box below the menu-bar. You can choose the language into which Reflector will decompile the exe. .NET apps built with any .NET language can be decompiled into any other .NET language :).

Now, File -> Open -> <select your exe>. Reflector will decompile it for you !
You get the almost EXACT source-code of the app. Decompilation by Reflector is so exact that sometimes, you can directly copy the code from Reflector and re-build the app !

Possible Uses


  1. You have lost the source-code of your c00L .NET app and badly want it back !
  2. You want to crack the serial for a software built with .NET. When you get the source, you know how the software expects the serial to be, so you can easily crack it. (Details will be in next part ..)
  3. Check if your code obfuscation is good enough to protect it from target users. (I will talk in details about obfuscation in next parts...)

Limitations



Several obfuscation schemes can protect .NET apps from being easily decompiled (but they can't make make it totally un-decompilable ;)). I will talk about cracking some obfuscations in next parts ...

Till then .. take care 'n' good bye.

Thanks for reading this.

hanleyhansen 6May2009 19:14

Re: Introduction to Cracking - (Part I)
 
Excellent info!! Looking forward to the upcoming parts.

SaswatPadhi 6May2009 19:36

Re: Introduction to Cracking - (Part I)
 
Glad to know that you liked it :smile:.

Next parts will be posted soon.

jatinpreet 7May2009 21:45

Re: Introduction to Cracking - (Part I)
 
Nice article, keep them coming!

kiddo 8May2009 11:57

Re: Introduction to Cracking - (Part I)
 
It's good for a newbie like me, thx... keep going

mainac 8May2009 14:21

Re: Introduction to Cracking - (Part I)
 
what does it entail mostly on?

mainac 8May2009 14:32

Re: Introduction to Cracking - (Part I)
 
can't wait for the next article on part 1

mainac 8May2009 14:34

Re: Introduction to Cracking - (Part I)
 
i loved the part can't wait for the upcoming one

kisanka 8May2009 15:19

Re: Introduction to Cracking - (Part I)
 
excellent! the best article so far I read on g4e. keep other parts coming regularly..

SaswatPadhi 8May2009 15:27

Re: Introduction to Cracking - (Part I)
 
Thanx everyone for the overwhelming response ! :happy:

I've submitted the Part-II today. I hope you would like that too.

shabbir 8May2009 15:35

Re: Introduction to Cracking - (Part I)
 
Quote:

Originally Posted by mainac (Post 47369)
what does it entail mostly on?

Quote:

Originally Posted by mainac (Post 47371)
can't wait for the next article on part 1

Quote:

Originally Posted by mainac (Post 47372)
i loved the part can't wait for the upcoming one

You should have all in one posts :D

SaswatPadhi 8May2009 17:39

Re: Introduction to Cracking - (Part I)
 
mainac = maniac ?!

Just joking, never mind. :D

coreljohn 21May2009 18:55

Re: Introduction to Cracking - (Part I)
 
ya fine

shabbir 3Jun2009 09:41

Re: Introduction to Cracking - (Part I)
 
Nomination this Article for Article of the month - May 2009

shabbir 17Jun2009 18:57

Re: Introduction to Cracking - (Part I)
 
Vote for this article in Article of the month - May 2009

SaswatPadhi 17Jun2009 19:00

Re: Introduction to Cracking - (Part I)
 
Quote:

Originally Posted by shabbir (Post 49788)
Vote for this article in Article of the month - May 2009

But the list does not mention it !!! :huh:

shabbir 17Jun2009 20:17

Re: Introduction to Cracking - (Part I)
 
I have included the third part which links to Part I and II and so mentioned them here as well that Part III if you liked chances are you like it this one as well.

SaswatPadhi 17Jun2009 20:27

Re: Introduction to Cracking - (Part I)
 
Oh ! Thanx !! :)

Crump 19Aug2009 18:38

Re: Introduction to Cracking - (Part I)
 
Hmm. None of the Deblector .DLLs are working for me

:thinking:

SaswatPadhi 19Aug2009 18:45

Re: Introduction to Cracking - (Part I)
 
@ Crump:
Check this : http://stackoverflow.com/questions/4...-use-deblector

Crump 19Aug2009 18:49

Re: Introduction to Cracking - (Part I)
 
Thanks.

Are there any tutorials to making passloads or something on these forums by any chance?

SaswatPadhi 19Aug2009 18:55

Re: Introduction to Cracking - (Part I)
 
I don't think ...

kiddo 21Aug2009 22:02

Re: Introduction to Cracking - (Part I)
 
nice post!
BTW, how can we know a program is created from .NET?

bianconeri.36 22Aug2009 01:21

Re: Introduction to Cracking - (Part I)
 
Bravo!

SaswatPadhi 22Aug2009 11:52

Re: Introduction to Cracking - (Part I)
 
Quote:

Originally Posted by kiddo (Post 55683)
nice post!
BTW, how can we know a program is created from .NET?

Drag it onto Reflector, it will try to decompile it instantly.
If it fails, the app is not a .NET one :)

kiddo 23Aug2009 20:53

Re: Introduction to Cracking - (Part I)
 
Quote:

Originally Posted by SaswatPadhi (Post 55728)
Drag it onto Reflector, it will try to decompile it instantly.
If it fails, the app is not a .NET one :)

that sounds not really effective.
Is there another way to identify it without the 'refletor'?
like we differ someone face.

SaswatPadhi 23Aug2009 20:59

Re: Introduction to Cracking - (Part I)
 
Another option is to use PEiD ( I mentioned about it in some part II or III of this series. )
It's the *most* effective option.

It works not only for .NET apps, but for all kinds of EXEs, even encrypted, packed ones too.

Download PEiD and use it to examine the exe. If it's a .NET one, PEiD will show "Microsoft Visual C# / Basic .NET". Not only that, it gives loadz of useful info about the exe. :)

kiddo 23Aug2009 21:16

Re: Introduction to Cracking - (Part I)
 
ow, thx 4 the info,
I haven't continue to the part 3,
lol...

kiddo 23Aug2009 21:57

Re: Introduction to Cracking - (Part I)
 
Hi, I've tried the 'reflector' to crack some exes,
but none success,
maybe they aren't .NET,
can anyone gave one program as example to crack?

I can't find the DLL file of Deblector, what is it named?

SaswatPadhi 24Aug2009 19:45

Re: Introduction to Cracking - (Part I)
 
> can anyone gave one program as example to crack?
I gave a link to an example crack-me (by w02057) : http://crackmes.de/users/w02057/crac...02057/download in Part-III.
There are tons more at www.crackmes.de

> I can't find the DLL file of Deblector, what is it named?
DeblectorAddIn.dll

rahulgupta 5Oct2009 13:17

Re: Introduction to Cracking - (Part I)
 
Hey bro i liked the article but what is .NET exe. Can we use this method to crack othr formats like game Exe's too.

Thanks

SaswatPadhi 5Oct2009 19:17

Re: Introduction to Cracking - (Part I)
 
You can use this method to crack .NET games.
Games that are not in programmed .NET, won't be decompiled by Reflector.

But don't expect much, because these tutorials are just for beginners. Cracking games would require considerable knowledge/skill in cracking.

Good luck :)

shipra123 29Oct2009 18:26

Re: Introduction to Cracking - (Part I)
 
Excellent...I loved this post a lot. I am looking forward to more posts.

JenWarez6 21Nov2009 15:55

Re: Introduction to Cracking - (Part I)
 
Gr8 tut, bu what can i do with the source of the application?

technica 24Dec2009 17:45

Re: Introduction to Cracking - (Part I)
 
Even if this is your first article, it seems to be clean in content. Nice to read the article. Thanks for sharing.

sunfizu 20Sep2010 15:02

Re: Introduction to Cracking - (Part I)
 
nice one bro.. when will you post part-2.................


All times are GMT +5.5. The time now is 22:37.