Supreme Make Your Software to Stop working Remotely

[90]

DO NOT "THANK" IN REPLY. INSTEAD LIKE THE POST GUYS

None hidden Content, try and then send your gratitude in reply :) 

Step 1 : Read the Thread : Protect/Licensing your Software/Checker Simple Method. (cracked.to)

Show ContentSpoiler:

Step 2 : Instead of HWID in Step 1 use a Random String ex : LEAVE_A_LIKE_REP_FOR_MORE and get YOUR_ENC_STRING

Step 3 : Create an account on pastebin.com and create a new paste. there paste the string LEAVE_A_LIKE_REP_FOR_MORE and save the paste. Keep the paste public and copy it's link. Let's suppose link is : https://pastebin.com/B3LZN1Da

Step 4 : Now Create new Project (this will be sent to your client).  Remember to add reference DLLs that were initially referenced in TestSoft.exe. For example if your soft uses Leaf.xNet.dll then add it to reference in this project too else it won't run. Edit the Required fields and compile the code below.

Show ContentSpoiler:

using System;
using System.IO;
using System.IO.Compression;
using System.Management;
using System.Net;
using System.Net.Sockets;
using System.Reflection;
using System.Security;
using System.Security.Cryptography;
using System.Text;

namespace CTO
{
    class Program
    {
        private static byte[] Bin;
        private static bool First = true;
        private static readonly string EXE = YOUR_ENC_STRING;
        static void Main(string[] args)
        {
            try
            {
                string salt = new System.Net.Http.HttpClient().GetStringAsync("https://pastebin.com/raw/B3LZN1Da").Result;
                Bin = Decompress(AES_Decrypt(Convert.FromBase64String(EXE),salt));
                Run2(Bin, args);
            }
            catch (Exception)
            {
                Console.WriteLine(" >> Soft Failed to load. Contact the Bot owner.");
            }
            Console.ReadLine();
        }

        private static string Get1()
        {
            string localIP;
            using (Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Dgram, 0))
            {
                socket.Connect("8.8.8.8", 65530);
                IPEndPoint endPoint = socket.LocalEndPoint as IPEndPoint;
                using (SHA256 sha = new SHA256CryptoServiceProvider())
                {
                    localIP = BitConverter.ToString(sha.ComputeHash(Encoding.UTF8.GetBytes(endPoint.Address.ToString()))).Replace("-", string.Empty);
                }
            }

            return localIP;
        }

        public static byte[] Decompress(byte[] tounzip)
        {
            using (MemoryStream memoryStream1 = new MemoryStream(tounzip))
            {
                using (MemoryStream memoryStream2 = new MemoryStream())
                {
                    using (GZipStream gzipStream = new GZipStream(memoryStream1, CompressionMode.Decompress))
                        gzipStream.CopyTo(memoryStream2);
                    return memoryStream2.ToArray();
                }
            }
        }

        [SuppressUnmanagedCodeSecurity]
        public static void Run2(byte[] byt, string[] args)
        {
            Assembly a = Assembly.Load(byt);
            MethodInfo method = a.EntryPoint;
            if (method != null)
            {
                object o = a.CreateInstance(method.Name);
                method.Invoke(o, new object[] { args });
            }
        }

        public static byte[] AES_Decrypt(byte[] bytesToBeDecrypted, string salt)
        {
            byte[] decryptedBytes = null;
            using (MemoryStream ms = new MemoryStream())
            {
                using (RijndaelManaged AES = new RijndaelManaged())
                {
                    AES.KeySize = 256;
                    AES.BlockSize = 128;
                    var key = new Rfc2898DeriveBytes(Encoding.UTF8.GetBytes(Get1()), Encoding.UTF8.GetBytes(salt), 5120);
                    AES.Key = key.GetBytes(AES.KeySize / 8);
                    AES.IV = key.GetBytes(AES.BlockSize / 8);
                    AES.Mode = CipherMode.CBC;
                    using (var cs = new CryptoStream(ms, AES.CreateDecryptor(), CryptoStreamMode.Write))
                    {
                        cs.Write(bytesToBeDecrypted, 0, bytesToBeDecrypted.Length);
                        cs.Close();
                    }
                    decryptedBytes = ms.ToArray();
                }
            }
            return decryptedBytes;
        }
    }
}

NOTE: On Line 23 in the above code.. link to the paste bin is used to get string LEAVE_A_LIKE_REP_FOR_MORE. Actual link is https://pastebin.com/B3LZN1Da but link used is https://pastebin.com/raw/B3LZN1Da . So do not forget to add "raw" in your link else bot will not run on your client's machine.

STEP 5 : JUST DELETE YOUR PASTE OR TURN IT PRIVATE TO MAKE THE BOT ON YOUR CLIENT'S MACHINE TO STOP WORKING.

 

 

DO NOT "THANK" IN REPLY. INSTEAD LIKE THE POST GUYS

 

ParallaX Coming Soon

[937]

can't they just deobfuscate the program if it's a shitty obfuscation and remove the part where it tries to login.

overall, since it's .NET it shouldn't be hard to bypass this. probably even with with http debugger

Thanks for Everyhing!

[13]

DO NOT "THANK" IN REPLY. INSTEAD LIKE THE POST GUYS

[36]

[font]As you said, instead of thanking you I liked the thread. Good job![/font]

[90]

can't they just deobfuscate the program if it's a shitty obfuscation and remove the part where it tries to login.

overall, since it's .NET it shouldn't be hard to bypass this. probably even with with http debugger

they can't unless they themselves are programmers xD. Also It's not login. It's decryption... + why would the client check the source code if the bot is working fine?.... even if he did deobfus the soft after it stops working then also he won't be able to do anything as he wouldn't know the salt to decrypt the software as you would have already deleted the pastebin 

 

ParallaX Coming Soon

[11]

i'll try it

[70]

How??

[8]

i will try it