Cracking C# application with OllyDebug

Question

I would like to know if there is a way to crack a C# Windows application with OllyDebug. I have my own simple CrackMe application written with Visual C# 2010 Express. When I open it with OllyDebug and modify the ASM code as I need, there is no "Copy to executable" option in OllyDebug since my registration form window is dynamically allocated with the "new" operator (which is, I believe, a VirtualAlloc() function call in the debugger). Though I am able to modify the ASM code (which is simply NOP'ing JE jumps), I am not able to save my .exe file with the cracked code; it looks like OllyDbg "sees" the code in a data segment which does not exist when the application launches and is only dynamically allocated. Can anyone help me with the problem? I think modifying the *.exe should be possible with at least 2 approaches:

1) Dig deeper into code with OllyDbg and find place where actual code is held before allocation (because new instance of RegistrationForm doesn't come magically out of space, does it?)

2) If it allows fast creation of application in VS Express and doesn't require too much complicated code, use static calls so each time clicking on "Register" shows the same RegistrationForm window (which will be held in code section of application and therefore will be modifiable in OllyDbg).

It will be OK to point out how to rewrite code and keep it simple to allocate same instance of RegistrationForm (singleton?). The only thing I need is to crack&save *.exe, relaunch and fill in any data to "complete registration".

Here is code of MyCrackMe class with Main() method:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;

namespace MyCrackMe {
    class MyCrackMe {
        public static void Main() {
            MyForm mainWindow = new MyForm();
            System.Windows.Forms.Application.Run(mainWindow);
        }
    }
}

Main window class:

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;

namespace MyCrackMe {
    public partial class MyForm : Form {
        public MyForm() {
            InitializeComponent();
        }

        private void exitToolStripMenuItem_Click(object sender, EventArgs e) {
            Application.Exit();
        }

        private void aboutToolStripMenuItem_Click(object sender, EventArgs e) {
            MessageBox.Show("All rights reserved", "Message");
        }

        private void registerToolStripMenuItem_Click(object sender, EventArgs e) {
            RegistrationForm registrationForm = new RegistrationForm();
            registrationForm.Show();
        }
    }
}

Registration form class:

using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Runtime.InteropServices;

namespace MyCrackMe {
    public partial class RegistrationForm : Form {
        // Use DllImport to import the Win32 MessageBox function.

        [DllImport("user32.dll", EntryPoint = "MessageBoxA", CharSet = CharSet.Ansi)]
        public static extern int MsgBox(int hWnd, String text, String caption, uint type);

        public RegistrationForm() {
            InitializeComponent();
        }

        private void button1_Click(object sender, EventArgs e) {
            if (textBox1.Text == "lincoln" && textBox2.Text == "12345") {
                MsgBox(0, "Registration completed successfully!", "Registration Message", 0);
            } else {
                MsgBox(0, "Registration failed", "Message", 0);
            }
        }
    }
}

Here is OllyDbg screenshot and message which comes when setting breakpoints

Recommended answer

.NET is using IL bytecodes, that get compiled to native instructions when you run the application, so it runs in the .NET VM, similar to Java. What you might be doing now with Olly is debugging the framework itself, not your JIT generated native code (which you want, if I understand you correctly). Saving a patched .NET application is not available in Olly as far as I know. However, there are other solutions to manipulate/observe MSIL code.

  • dbgclr
  • ildasm
  • cordbg
  • CFFExplorer

Also PEBrowse can debug the JIT generated native machine code too!

You might be also interested in these papers:

OWASP .NET Debugging

DOTNET

Rewrite MSIL on the Fly, on MSDN

.NET Internals and Native Compiling

Stackexchange network has a site dedicated for reverse engineering, please join us there :) There might be an answer already for your question over there.
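
The answer's point that a C# executable carries IL rather than native code can be confirmed from the file itself: a managed PE has a non-empty CLR header entry (data directory 14) in its optional header. The Python check below is an added example, not part of the original post; `build_sample` and the header values it uses are constructed for the demonstration.

```python
import struct

CLR_DIR_INDEX = 14  # IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR (CLR runtime header)

def clr_directory(pe: bytes):
    """Return (rva, size) of the CLR header directory, or None if absent or not a PE."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    opt = e_lfanew + 24  # 4-byte signature + 20-byte COFF file header
    if opt + 2 > len(pe):
        return None
    (magic,) = struct.unpack_from("<H", pe, opt)
    if magic == 0x10B:        # PE32: data directories start at offset 96
        dirs_off = opt + 96
    elif magic == 0x20B:      # PE32+: data directories start at offset 112
        dirs_off = opt + 112
    else:
        return None
    entry = dirs_off + 8 * CLR_DIR_INDEX
    if entry + 8 > len(pe):   # truncated header
        return None
    (count,) = struct.unpack_from("<I", pe, dirs_off - 4)  # NumberOfRvaAndSizes
    if count <= CLR_DIR_INDEX:
        return None
    rva, size = struct.unpack_from("<II", pe, entry)
    return (rva, size) if rva and size else None

def is_managed(pe: bytes) -> bool:
    """True when the image declares a CLR header, i.e. its methods are stored as IL."""
    return clr_directory(pe) is not None

def build_sample(clr_rva: int, clr_size: int, magic: int = 0x10B) -> bytes:
    """Constructed minimal PE headers (not a loadable image) for the demo."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)  # e_lfanew = 0x40
    coff = b"PE\0\0" + b"\0" * 20
    fixed = 96 if magic == 0x10B else 112
    opt = bytearray(fixed + 16 * 8)                       # 16 directory slots
    struct.pack_into("<H", opt, 0, magic)
    struct.pack_into("<I", opt, fixed - 4, 16)
    struct.pack_into("<II", opt, fixed + 8 * CLR_DIR_INDEX, clr_rva, clr_size)
    return dos + coff + bytes(opt)
```

To check a real file, pass its bytes: `is_managed(open(path, "rb").read())`. A `True` result means an IL-level tool such as the ones listed in the answer is the right place to look, since the native code a debugger shows exists only after JIT compilation.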
