Step #1
Download and extract DotNetResolver, which is coded by The Unknown Programmer.
Website: LINK TOOL
You could also use programs like .NET Reflector or Simple Assembly Explorer but
I prefer DotNetResolver because it is easy to use for beginners and completely free.
Step #2
Start DotNetResolver (Run as Administrator) and select the assembly (.NET-File) that you want to crack.
Once you opened your file using DotNetResolver, you should see this if you click the file in the TreeView:
Step #3
Now we will actually crack the file, to do that click the little arrow at the left side,
next to the file-name, it will look like this:
Now click the arrow next to the file-name again, (Not .My or .My.Resources as we do
not need to modify these things for now) and you will see this:
What you see above are the classes and modules of the selected file, let's click the
arrow next to your form (Form1) now, we will see Functions and Subs of this class.
If the program is protected using only the most simple method (Seal.Initialize) we need
to go to the entry-point of the application, where the NetSeal-Class will be called before
the actual program that we want to use will appear, to do that click .ctor() : Void!
On the right side, at the Decompiler-Tab, we will now see the code that was resolved
and converted from MSIL to easy-to-read Visual Basic, it should look like this:
In order to edit / modify the assembly and remove the NetSeal-Protection, we need to
switch to the MSILEditor-Tab, which is located next to the Decompiler- and the Properties-Tab.
Once we clicked it, we will see the pure MSIL-Code, which we can now edit. First we need
to find the 3 lines that are calling the NetSeal-Protection (initializing NetSeal), these will
be nop'd (Which means that the offset that will be nop'd will not do anything at all anymore,
more information about NOP can be found here: http://en.wikipedia.org/wiki/NOP )
The 3 lines that are initializing NetSeal can be easily found, they look like this:
The 3 lines that are initializing NetSeal can be easily found, they look like this:
The next step is to NOP these offsets, in order to "remove" them from the application, like this:
Now our MSIL-Code should look similar to this, there are many NOP'd offsets that are doing
absolutely nothing, but keep in mind that they are actually not removed from the program!
The last thing we have to do is saving our edited application, by clicking the Save-Icon in DotNetResolver.
I always save my files like <NAME>.patched.exe, in order to know that I have modified the file.
Once it is saved it should not show anything about NetSeal and directly show the form of the program!
Please be aware that most of the programs that are protected using NetSeal are using many more
ways of protection, as I mentioned in the beginning. We will cover these things in the other two
parts of my tutorial-series, this thread is just to show you how to get into cracking .NET-Assemblies.
I hope you enjoyed reading this, it was completely hand-written so please leave a comment if you
like it, constructive criticism, questions and suggestions are also very welcome! If you want to test
your 1337 Cracking-Skills, you can find the download-link of the application I used over here !
Thanks for reading 
0 Comments:
Post a Comment