I just want to give you a simple example ~~~~
1. Tools used
Reflector.exe is used to view. net code. This is needless to say. net is a necessary learning tool.
Ildasm.exe: used to compile dll and exe into IL files.
Ilasm.exe: used to compile the IL file back to dll or exe
Emeditor processing tool, if you don't have it, you can download the registration code emeditor.rar.
2Ildasm and ilasm basic knowledge:
Use of ilasm.exeand ildasm.exe
First open the cmd command. Cd to C: \ Program Files \ Microsoft Visual Studio 8 \ SDK \ v2.0 \ Bin
Then, pull the DLL file named exeinto it (because we want to use the command, you can directly open ildasm.exe to open the directory)
For example, text. dll (which contains console. writeline ("hello word "))
Ildasm text. dll. You can find the method to open the dll.
Ildasm text. dll/output: text. il press enter to compile an il file (open it in notepad and edit hello word to save it)
Then, use the ilasm tool to decompile it into a dll or exe file.
Ilasm text press enter to automatically find the text4.il file and compile it into text4.exe
Or ildasm text/dll can be compiled into a text. dll file (remember to delete the original text4.dll first)
3. Start working.
Currently, I have a program with a password.
Start cracking
Open our program with reflector and start to analyze where verification is available
This step requires patience.
I found a way to exit the program without a dongle.
Now we use ildasm.exe to open our program and convert the program into an IL file.
Convert to UTF-8 format.
Four files are generated.
The most important is the il file.
Open with EmEditor
Find the method we want to modify SetDoLock ()
In this example, I delete them and change them
. Method public hidebysig instance void SetDoLock () cel managed {// code size 103 (0x67). maxstack 5 IL_0000: ret} // end of method Login: SetTextBox
Save
Now ilasm.exe is used to compile the IL file back to dll or exe.
I will not talk about the above methods.
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727>ilasm.exe C:\IL\aa.il
Let's take a look at the generated exe.
Run the generated exe in the original program.
The attack is successful !!
Author: bluejance Source: http://www.cnblogs.com/li-peng/