Reverse Engineering And Cracking A .Net Binary Using dnSpy

Learning how to crack a .net binary

Image for post
Image for post

Let’s see how to solve this .net crackme. Let’s try the crackme with some random credentials to see how it goes.

Image for post
Image for post

We can see reading through the code that the registration key depends on the result of a random value. My first idea was that maybe the random number generation is guessable when providing no seed for the constructor. Here’s the validation code.

Image for post
Image for post

But after checking how the Random constructor work when it’s given no seed I concluded that’s not an option. Here are the official docs for you to check.

As the key depends on this random value given by the Random.Next()method the most efficient way to crack the binary is to patch it.

I removed the validation for the serial using dnSpy and as you can see here the cracked binary works for any username and password you provide.

Image for post
Image for post

And that was it! Hope you enjoyed this writeup


syscall59

Hacking/Infosec writeups and articles

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store