Several common tools for. NET Cracking

In the. NET hack we often refer to Reflector\simpleassemblyexplorer and CFF explore tools. Let's say, for example, how they use a simple Windows Form program, and the code looks like this:

?

123456789101112131415161718192021222324252627

public partial class Conversion : Form    {        public Conversion()        {            InitializeComponent();        }        bool isTrialExpired = true;        private void button1_Click(object sender, EventArgs e)        {            double c = Convert.ToDouble(textBox1.Text);            double f = (c * 9 / 5) + 32;            label3.Text = f.ToString();        }        private void TrialExpiredCheck()        {            if (isTrialExpired)            {                MessageBox.Show(@"Trial Duration has expired! Installed Freh copy", "!!!!Alert Message!!!!");                Application.Exit();            }        }        private void Conversion_Load(object sender, EventArgs e)        {            TrialExpiredCheck();        }            }

The pop-up message box runs normally and the program exits.

There are several ways to hack this program: 1. Let istrialexpired be false;2. Empty the Conversion_load Method 3. Empty the Trialexpiredcheck method. We will now use the above 3 tools to achieve this:

Reflector:

Reflector must have Reflexil plugin. Use the reflector opener to find the Conversion_load method, and select Reflexil in tool:

Now we need to add a istrialexpired = False code to the Conversion_load method, as follows:

Modify the Conversion_load as follows:

Click "OK" button, then save as:

Operation Result:

Simpleassemblyexplorer:

Open Program Select Class Editor:

bool istrialexpired = true; This code is actually two sentences bool istrialexpired = false; Istrialexpired = True, the second sentence is executed in the construction method, and corresponds to the first 3 commands shown here, we just need to delete the 3 instructions.

Operation Result:

CFF Explore:

Open the program with ILDASM

Find the Trialexpiredcheck method, here we do 2 hack, 1 delete application.exit (); 2. Delete all contents of the method:

Open program with CFF Explore

Enter 20cc at Rav:

Attention

IL_0018:/* (0A) 00001A */call void [System.windows.forms]system.windows.forms.application::exit () The address of this sentence is 1 a 00 00 0A

Change the 1 a 0A all to 00, then click the Modify button

Save as:

Operation Result:

If you want to delete the entire contents of the Trialexpiredcheck method, delete both of the following directives:

You need to change the marked part to 00:

Run results after saving:

Download there are inappropriate places to welcome everyone to shoot bricks!

Several common tools for. NET Cracking