Collection of free/opensource .NET tools

Dotpeek

https://www.jetbrains.com/decompiler/
Free .NET decompiler provided by JetBrains.

ILSpy

https://github.com/icsharpcode/ILSpy
Open source .net decompiler.

Reflexil

https://github.com/sailro/Reflexil
The .NET Assembly Editor, provides plugin for ILSpy and Reflector.

Simple Assembly Explorer

https://github.com/wickyhu/simple-assembly-explorer
If you want to edit IL, this one is easier to use than ILSpy + Reflexil.

de4dot

https://github.com/0xd4d/de4dot
.NET deobfuscator and unpacker.

Collection of free/opensource .NET tools by @sskaje: https://sskaje.me/2016/05/collection-freeopensource-net-tools/

Incoming search terms:

ARM __moddi3

When I was debugging an app on iPhone 4 (armv7), I found a function call:

Since ARM does not have Division/Modulo operators, compilers use other ways making your code work on devices like iPhone.

I followed the __moddi3 on iPhone 4, the moddi3() is provided by llvm’s compiler-rt (lib/builtins/moddi3.c).

Parameters a and b are 64-bit long and returned value is also 64-bit.

But in ARMv7, registers are 32-bit long. I’m trying to find out which registers are used.

I wrote a simple C file and compile to armv7 and x86_64

Compile to x86_64

Disassembe x86_64

x86_64 uses idivq, in this program:

Compile to armv7

Disassemble armv7

In armv7:

If both dividend and divisor are less than 0x100000000.

$r2 may be negative, like 0xfffffff3. ($r3 == 0).

means $r0 – $r2 == divisor

If signed integer $r2 is smaller than 0x80000000,
((long long) $r1 << 32 | $r0) - ((long long ) $r3 << 32 | $r2) == divisor.

ARM __moddi3 by @sskaje: https://sskaje.me/2016/01/arm-__moddi3/

error: failed to launch process debugserver: Security

I jailbroken my iPhone 4s with iOS 8.2 and tried to ran debugserver, then I met this error:

Google doesn’t help.

Just because, the App I’m trying to crack is an In-House app, not from AppStore, I have to ran it after installation and choose to trust the developer.

error: failed to launch process debugserver: Security by @sskaje: https://sskaje.me/2016/01/failed-launch-process-debugserver-security/

Set up DebugServer on iOS 7

I had my iPhone 4 jailbroken, so I can debug/crack apps on iPhone.

Server: iPhone 4 + debugserver
Client: Mac OS X + lldb

Server

DebugServer

Debugserver can be found on iOS: /Developer/usr/bin/debugserver
Just follow instructions: debugserver on iPhone Wiki

Save following content as a plist like dbg.plist

Apply the entitlement

If entitlement above is not applied, debugserver won’t be able to listen to a TCP port.

Remove FairPlay

FairPlay is Apple’s DRM applied to apps on AppStore.
If you see cryptid 1 like below, try Clutch!

Disable ASLR

Try otool -hv to your App, if you see PIE flags, you have to disable ASLR.

See: Mach-O Disable ASLR/PIE

Make sure you have python installed on your iPhone.

Find your target app.

Client

Copy a decrypted and de-aslr-ed app binary to your OS X and:

Set up DebugServer on iOS 7 by @sskaje: https://sskaje.me/2016/01/set-up-debugserver-ios-7/

Incoming search terms: