- Messages
- 1,263
- Reaction score
- 965
- Points
- 973
So the past few days, I've been helping a few devs remove strings from their tools, to say, stop people getting their webservers IP and messing with their systems. This is not a definitive fix, and bypassing this is easy, BUT, using methods of .NET obfuscation, even if parts of the source are cracked, no strings are there to be tampered with.
Things you will need
Example & Method
~ Harry
Things you will need
- Webserver (PHPMyAdmin is optional) - I'm using
- Simple knowledge of "bytes"...
- Half a brain (this is a C+P tutorial)
Example & Method
Create a file on your webserver, call it what ever you want, but make sure it's a ".txt" file. This file will display a string of bytes and your program will convert this to a byte array, then to a string, and use this string as a "key" to Decrypt all of your future strings. (This will make more sense soon)
First, we need to get our link to the file we just created. I am using WAMP, so my URL is " ". We need to convert this to hex. This website is perfect:
In the top textbox, enter your url (include "http://"), then hit convert.
My input/output:
This random letters and numbers are our bytes. We need to convert these to look like this:
Simply split your output into values of two:
Add a "," after each (don't do this on the last byte):
And add "0x" in front of each:
Do this to all the bytes!
Now we have a byte array to our key file on our webserver.
Now lets place some text into this file, and attempt to display it in a MessageBox.
I will put "test" into mine.
Double Click your Form
Include these at the top of your code:
We now will create a byte array to our server.
Place this code inside "Form1_Load":
Now we can convert the bytes to text by using this function:
Now we will show this in a message using a WebClient.
Above the "private void Form1_Load(object sender, EventArgs e)" function, place this:
Now place this inside of "Form1_Load":
When you run this, a MessageBox should show and say "test".
First, we need to get our link to the file we just created. I am using WAMP, so my URL is " ". We need to convert this to hex. This website is perfect:
In the top textbox, enter your url (include "http://"), then hit convert.
My input/output:
Code:
Input: http://localhost/key.txt
Output: 687474703a2f2f6c6f63616c686f73742f6b65792e747874This random letters and numbers are our bytes. We need to convert these to look like this:
Code:
0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x2F, 0x6B, 0x65, 0x79, 0x2E, 0x74, 0x78, 0x74Simply split your output into values of two:
Code:
68 74 74 70...
Code:
68, 74, 74, 70,...
Code:
0x68, 0x74, 0x74, 0x70,...Now we have a byte array to our key file on our webserver.
Now lets place some text into this file, and attempt to display it in a MessageBox.
I will put "test" into mine.
Double Click your Form
Include these at the top of your code:
Code:
using System.Net;
using System.Security.Cryptography;We now will create a byte array to our server.
Place this code inside "Form1_Load":
Code:
byte[] myByteArray = { BYTE ARRAY REPLACES THIS TEXT };
Code:
public string BytesToString(byte[] arr)
{
return Encoding.UTF8.GetString(arr);
}Now we will show this in a message using a WebClient.
Above the "private void Form1_Load(object sender, EventArgs e)" function, place this:
Code:
WebClient client = new WebClient();Now place this inside of "Form1_Load":
Code:
MessageBox.Show(client.DownloadString(BytesToString(myByteArray)));When you run this, a MessageBox should show and say "test".
Now we need to use these two functions in order to Encrypt and Decrypt our strings:
As you may see, our key string is clearly visible, and anyone who gets this will be able to decrypt our top kek encrypted strings. We will Encrypt this using bytes, and store it on our webserver instead. Make sure to remove your key from your code, once you have chosen a key, make the:
be:
Now, we have to keep our key 16 characters long, or it will not work.
So make a 16 character key and throw it into the string to hex converter website again.
We need to convert this to bytes again, but no "," or "0x" this time. My output looks like:
Now we replace "test" with the bytes above in our key.txt file.
If we run our program now, we should get a MessageBox with the bytes you have entered.
Now we want to convert this to be able to use it as our key.
In Form1_Load, add this:
Now our Encryption has a key, we can Encrypt a string. So lets create another file on our server and call it "test.txt".
Under the code we have added in "Form1_Load", add this:
Run the program and make note of the exact characters in the MessageBox... Put these into the string to HEX converter website again.
I am Encrypting the string:
When Encrypted, it is:
Converting this to hex, it becomes:
Now we have to split this again, but only the spaces, no comma or "0x":
Now place this split hex into our "test.txt" file on our webserver, and attempt to retrieve and Decrypt it!
Now we will use some of the same byte array as gaining the key in order to get this (same method at least), but instead of " ", we need " "
We only need to replace 3 bytes and add one. So our byte array for the key.txt link is:
You may notice the end being:
. This is ".txt" in HEX. that must mean the last 7 bytes are "key.txt". From these, will update the first 3, and add one after. I will replace
to
, as this is "test" in hex to bytes.
Under the code already in "Form1_Load", remove the MessageBox.Show code, and add a new array:
. I will replace "BYTES HERE" with:
Now add this under our new byte array:
Now we can display the Decrypted text in a MessageBox like so:
Code:
string key = "L1$Ba8s!5)g$Sb41";
public string Encrypt(string data)
{
using (var des = new TripleDESCryptoServiceProvider { Mode = CipherMode.ECB, Key = Encoding.UTF8.GetBytes(key), Padding = PaddingMode.PKCS7 })
using (var desEncrypt = des.CreateEncryptor())
{
var buffer = Encoding.UTF8.GetBytes(data);
return Convert.ToBase64String(desEncrypt.TransformFinalBlock(buffer, 0, buffer.Length));
}
}
public string Decrypt(string data)
{
using (var des = new TripleDESCryptoServiceProvider { Mode = CipherMode.ECB, Key = Encoding.UTF8.GetBytes(key), Padding = PaddingMode.PKCS7 })
using (var desEncrypt = des.CreateDecryptor())
{
var buffer = Convert.FromBase64String(data.Replace(" ", "+"));
return Encoding.UTF8.GetString(desEncrypt.TransformFinalBlock(buffer, 0, buffer.Length));
}
}As you may see, our key string is clearly visible, and anyone who gets this will be able to decrypt our top kek encrypted strings. We will Encrypt this using bytes, and store it on our webserver instead. Make sure to remove your key from your code, once you have chosen a key, make the:
Code:
string key = "L1$Ba8s!5)g$Sb41";
Code:
string key;Now, we have to keep our key 16 characters long, or it will not work.
So make a 16 character key and throw it into the string to hex converter website again.
Code:
Input: L1$Ba8s!5)g$Sb41
Output: 4c312442613873213529672453623431We need to convert this to bytes again, but no "," or "0x" this time. My output looks like:
Code:
4C 31 24 42 61 38 73 21 35 29 67 24 53 62 34 31If we run our program now, we should get a MessageBox with the bytes you have entered.
Now we want to convert this to be able to use it as our key.
In Form1_Load, add this:
Code:
string ourKeyBytes = client.DownloadString(BytesToString(myByteArray));
byte[] bytes = ourKeyBytes.Split().Select(t => byte.Parse(t, System.Globalization.NumberStyles.AllowHexSpecifier)).ToArray();
key = BytesToString(bytes);Under the code we have added in "Form1_Load", add this:
Code:
MessageBox.Show(Encrypt("STRING I WANNA ENCRYPT");I am Encrypting the string:
Code:
ProfoundModz
Code:
72JeeVa1RmLbwn0PJVU4RQ==
Code:
37324a6565566131526d4c62776e30504a56553452513d3d
Code:
37 32 4A 65 65 56 61 31 52 6D 4C 62 77 6E 30 50 4A 56 55 34 52 51 3D 3DNow place this split hex into our "test.txt" file on our webserver, and attempt to retrieve and Decrypt it!
Now we will use some of the same byte array as gaining the key in order to get this (same method at least), but instead of " ", we need " "
We only need to replace 3 bytes and add one. So our byte array for the key.txt link is:
Code:
0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x2F, 0x6B, 0x65, 0x79, 0x2E, 0x74, 0x78, 0x74You may notice the end being:
Code:
0x2E, 0x74, 0x78, 0x74
Code:
0x6B, 0x65, 0x79
Code:
0x74, 0x65, 0x73, 0x74Under the code already in "Form1_Load", remove the MessageBox.Show code, and add a new array:
Code:
byte[] myOtherByteArray = { BYTES HERE };
Code:
0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x74, 0x78, 0x74Now add this under our new byte array:
Code:
string myOtherMessageBytes = client.DownloadString(BytesToString(myOtherByteArray));
byte[] Otherbytes = myOtherMessageBytes.Split().Select(t => byte.Parse(t, System.Globalization.NumberStyles.AllowHexSpecifier)).ToArray();Now we can display the Decrypted text in a MessageBox like so:
Code:
MessageBox.Show(Decrypt(BytesToString(Otherbytes)));I created a program so quickly Encrypt a string and byte it into the byte format (XX XX XX...) for me, and then I put this into a file using ":" between each encrypted string. Then I download it, and split it using ":" into an array, and then I can assign each string that I need to manually. If you'd like me to show you how to do this, PM me, and I'll share some sources.
Also consider "downloading" parts of your code (encrypt it like above). I'll make a tutorial on this in the future.
Also consider "downloading" parts of your code (encrypt it like above). I'll make a tutorial on this in the future.
Code:
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Threading.Tasks;
using System.Windows.Forms;
using System.Net;
using System.Security.Cryptography;
namespace String_Encryption_Tool
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
WebClient client = new WebClient();
public string BytesToString(byte[] arr)
{
return Encoding.UTF8.GetString(arr);
}
string key;
public string Encrypt(string data)
{
using (var des = new TripleDESCryptoServiceProvider { Mode = CipherMode.ECB, Key = Encoding.UTF8.GetBytes(key), Padding = PaddingMode.PKCS7 })
using (var desEncrypt = des.CreateEncryptor())
{
var buffer = Encoding.UTF8.GetBytes(data);
return Convert.ToBase64String(desEncrypt.TransformFinalBlock(buffer, 0, buffer.Length));
}
}
public string Decrypt(string data)
{
using (var des = new TripleDESCryptoServiceProvider { Mode = CipherMode.ECB, Key = Encoding.UTF8.GetBytes(key), Padding = PaddingMode.PKCS7 })
using (var desEncrypt = des.CreateDecryptor())
{
var buffer = Convert.FromBase64String(data.Replace(" ", "+"));
return Encoding.UTF8.GetString(desEncrypt.TransformFinalBlock(buffer, 0, buffer.Length));
}
}
private void Form1_Load(object sender, EventArgs e)
{
byte[] myByteArray = { 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x2F, 0x6B, 0x65, 0x79, 0x2E, 0x74, 0x78, 0x74 };
//MessageBox.Show(client.DownloadString(BytesToString(myByteArray)));
string myKeyBytes = client.DownloadString(BytesToString(myByteArray));
byte[] bytes = myKeyBytes.Split().Select(t => byte.Parse(t, System.Globalization.NumberStyles.AllowHexSpecifier)).ToArray();
key = BytesToString(bytes);
byte[] myOtherByteArray = { 0x68, 0x74, 0x74, 0x70, 0x3A, 0x2F, 0x2F, 0x6C, 0x6F, 0x63, 0x61, 0x6C, 0x68, 0x6F, 0x73, 0x74, 0x2F, 0x74, 0x65, 0x73, 0x74, 0x2E, 0x74, 0x78, 0x74 };
string myOtherMessageBytes = client.DownloadString(BytesToString(myOtherByteArray));
byte[] Otherbytes = myOtherMessageBytes.Split().Select(t => byte.Parse(t, System.Globalization.NumberStyles.AllowHexSpecifier)).ToArray();
MessageBox.Show(Decrypt(BytesToString(Otherbytes)));
}
}
}
