.NET如何在不知道class的情况下破解识别序列化对象文件

sd6733531 2010-11-12 12:52:54
我现在手头里有序列化对象的文件。也有编译后的exe,但是没有源代码和dll库。所以没法反序列化该文件。
我用IL反汇编过该exe文件,反编译后该序列化组成如下。

有没有什么办法能把该exe文件中的该程序集提取出来,或者有什么其他办法能读取识别该序列化文件。
...全文
233 8 打赏 收藏 转发到动态 举报
写回复
用AI写文章
8 条回复
切换为时间正序
请发表友善的回复…
发表回复
sd6733531 2011-02-17
  • 打赏
  • 举报
回复
谢谢,虽然没有办法应付模糊。但是reflactor真的很好很强大
sd6733531 2010-11-15
  • 打赏
  • 举报
回复
[Quote=引用 3 楼 cdglynn 的回复:]
你引用EXE中的类,然后进行序列化看看怎样
[/Quote]
reflactor以后我发现它是用Sqlite存储的。不过可恶的是它设置了密码,我用reflactor查看源码后得到的连接字符串密码不正确。头疼,有办法破解sqlite数据库的密码吗?
sd6733531 2010-11-12
  • 打赏
  • 举报
回复
我用reflactor加载了一下。果然是被加密了

private string ྘(۾.݊ ذ)
{
StringBuilder builder = new StringBuilder();
Label_0158:
switch (ذ)
{
case ۾.݊.݋:
builder.Append(string.Intern(ℝ._℞("dfcmpfjmpeaniehnifongefoobmopedpjdkphdbaodiaedpamagbncnbhcechdlcbccdnpidcaae", 0x44acc210))).Append(string.Intern(ℝ._℞("ieeoaelojbcpgbjpdbaaabhanaoakafbhambeadcbakcopadlphdipodfpfeldnendefaelfoccgncjgicahcdhhnnnhkafijaminpcjopjjpoaknphkbapkfmflnomleodmfpkmjlbnhniniopneogomnnodnepfnlphmcadnjadmabimhbnlobdmfcgmmcpiddklkdilbekliedipeokgfclnfgkegdklgaich", 0x5ad7e3ff))).Append(string.Intern(ℝ._℞("aflijfcjffjjifakgehkmeokpeflibmlfbdmcbkmpabnmainjapngagodanogfepodlpmecakdjamdabcdhbaeobdpeckplckpcdhpjdioaemnhehapefagfhanfandglpkgppbhdpihapphbmgiconiaoejonljgnckhojklnalaohljkolnkfmkkmmmkdn", 0x61818b0d))).Append(string.Intern(ℝ._℞("pijbciacmihcmhociffdffmdcfdepekemebfjeifgepfdeggaengndehkdlhnicifhjidiajbhhjdhojjgfkhhmkkcdlbdklbdbmocimpbpmdbgnodnnmdeoodlohacpcdjpgdaakchahcoaipebjbmbhbdcfbkcnabdobidcbpdhbgeaomeeodfbokfdobg", 0x6d591944))).Append(string.Intern(ℝ._℞("dobjcoijmnpjingkmnnkcnelemllhmcmmljmmmanolhnbmonnlfomimojidpmnkpembacniaampacmgbilnbgmecjhlcaicdaijdnhaeoghecgoenifflimfnidggfkgbibhfiihjhphghgiheniigejggljegckmfjkngalbghlggolpcfmddmmaddncdkn", 0x4fbe9193))).Append(string.Intern(ℝ._℞("doljonckkmjkenalgnhlmmololfmommmamdndmknplbooiiolipoiigpfinpgneaemlaencbnmjbghacbkhcpjocbkfdkgmdfjdejjkenibfkiiflfpfmhggkhngihehahlhbicifhjikhajdehjheojeefkgemk", 0x43df9b8f))).Append(string.Intern(ℝ._℞("bblnabcokajoiaapkpgpeaopdafafamajmcbgmjbdmacamhcnlocklfdhlmdkaeecpkeaacfooifappfgoggepnghkehbllhjkcipjjidjajolhjmlojolfkhimkcldlglklkkbmhkimihpmjjgnhjnnfjeoniloojcpcjjphjaaaghaegoabgfbdgmb", 0x4c4fdac1))).Append(string.Intern(ℝ._℞("kbockcfdabmdjbdejbkecbbfiaifaoofnnfgknmghndhenkhbnbiomiilmpimbhjkaojkbfkdbmkmlclhojlfoamhohmalomlnfnpnmndndoankobkbpcmipamppolgaglnahmeblllbamccjijcniadkihdmiod", 0x2dcd2dd5))).Append(string.Intern(ℝ._℞("mjdfekkfajbgajigoipgggghdgnhageinflikfcjhfjjefakbfhkoeokleflbjmldjdmgjkmeibndiinohpniigoddnoofepmflpofcahcjacfabgfhbkeobhefcibmcjdddhdkdfdbencieodpecdgfhdnfaaegnalggach", 0x8845355))).Append(string.Intern(ℝ._℞("eljgemahnkhhhkohhlfifkminhdjkhkjhhbkehikbhpkoggllgnligemfglmgkcnakjnalaoojhogfoobifpphmpbidakekafhbbjhibngpbkggcldncmfedkfldifceafjebgafffhfkfofdcfghcmgncdhkckhhcbifciiobpiobgjmbnjfbekfblkdbclgajliaam", 0x60fd696f))).Append(string.Intern(ℝ._℞("ngdokhkomhbpahipcgppdggalfnaedebbdlboccclcjcicadfchdccodpbfefgmehgdfkgkfifbghfigcfpgmfghhanhcdeiadlicdcjlpijgcakkchkoboklbflmollnadmlakmjabnbaincbpngagolanoendpcokpknba", 0x1d15e329))).Append(string.Intern(ℝ._℞("jjdkhjkkjjblhiilpfplmfgmjfnmgfendflnafconejokeaphehpeeopbefacjmaaidbajkbjibccdicnfpclfgdnfndgceebfleffcfjejfgeaghbhgidoggdfhedmhmcdindkibdbjgdijppojdagkaankcael", 0x2145a34b))).Append(string.Intern(ℝ._℞("olibokpbjlgcclncfledpkldnjcemjjeehafbhhfogoflgfgigmgfgdhcgkhdlbibkiiblpikkgjdfnjohekmhlkohclhejlchamghhmkgomhgfnidmnjfdohfkoffbpneipofppcfgahfnaacebeclbbcccacjc", 0x802186c)));
if (0 == 0)
{
break;
}
goto Label_0158;

case ۾.݊.݌:
case ۾.݊.ݍ:
case ۾.݊.ݎ:
builder.Append(string.Intern(ℝ._℞("hdbadeiaddpamcgbmdnbkceccalcddcdnbjdlbaeccheiboeapefbbmfladglbkgfabhbohhgooh", 0x451c00f4))).Append(string.Intern(ℝ._℞("cjfmkimmdgdnagknnfbokfiohfpoefgpbfnpoeealelaiecbfejbceacpdhcfiochifdkimdihdehhkechbfmhifhcpfefggdfngheehielhjdcihejileajpahjhdojocfkpdmkdadlbcklcdbmocimgcpmnbgnpbnnbbeonblonacpcbjphaaanahaaboajnebeambcadceakcnmadiphdmpodapfenomekmdf", 0x3ad9c549))).Append(string.Intern(ℝ._℞("eomjnodkjokkmoblknilaopldogmmknmjkengklndkcoakjonjapkjhphjopiofagnmagodbpnkbiibcdlicblpcdlgdmhndhkeelklepjcfmjjfngagoihgmiogkifhcimhdjdihikimibjffijjfpjgfgkifnk", 0x16079ca1))).Append(string.Intern(ℝ._℞("dhmfggdgahkgagbhmdihjdphgdgiddniadejncljkcckhcjkecalbchlobolpgfmnfmmngdnggknpabokdioidpokdgpdanpoceacdlagccbdcjbeppbfbhcdbocbbfdjamdkbdeoakedbbfmnhfaoofnnfgpnmg", 0xd245c28))).Append(string.Intern(ℝ._℞("oncknnjkhnaldnhlhnolnmfmplmmcmdnhlknhmbojliomlpoilgphinpeieafnladmcbdnjbmmacfhhcakocojfdakmdjgdeejkeijbfmiifjipfkfgglhngjhehhhlhpgciaijiehajjhhjceojgefkdemkfedl", 0x485ca28e))).Append(string.Intern(ℝ._℞("lafpgampcpcampjaopabephbgoobgpfciomcloddhokdglbedliealpenkgfopnfmoegmplgfpchojjhjmaihmhijmoicjfjnlmjbmdkflkkclbldiilekplckgmaknmijenjklnnjcockjolgappghpmgopogfa", 0x4e2ff4b7))).Append(string.Intern(ℝ._℞("ndebmdlbgdccedjcgcadadhdpcodbdfefplecpcfpojfmoagjohggoogdofhgdnhobeimclikbcjmbjjcbakachkdnnknnelfnlllmcmpljmkoaniohnkoondlfoonmocodpgnkpdnbaekiafmpadmgbbmnbjleckmlcolcddmjdmiaeajhenioepiff", 0x244f13ed))).Append(string.Intern(ℝ._℞("dfkedgbfjeifcfpfcfgglengbeehjblhgbcidbjiabajnahjkaojhafkeamkffdldekldfbmmeimfpomacgnobnnaceojokoebcpibjpmaaajahaknnalpebjplbhpccpojcaabdephdjpodcmfegmmedmdffmkf", 0x765e4a0e))).Append(string.Intern(ℝ._℞("njgefknebjefbjlfpicghgjgegahbghhofohlffiifmiffdjcfkjpebkmeikcjpkejglhjnlfiemeilmphcnjijnedaopfhonfoopffpicmpdfdahfkalebbieibjbpbkdgcidncgdedocldpdceddjeidafbahfoaofhafg", 0x2d6e4656))).Append(string.Intern(ℝ._℞("pmmnpndoimkocmbpcnipamppijgafjnacjebpilbmiccjijcgiaddihdaiodbmfellmelmdfjlkfbhbgmjigkjpgmjghfgnhajeiejliiicjfijjgfakhhhkfhokdhfllgmlmhdmahkmfhbnodincepniegofenoceepaelpjdcajdjahdabadhbadobocfcbcmcdcdd", 0xbefdc8a))).Append(string.Intern(ℝ._℞("jfmhggdiigkimfbjoeijpepjhegkacnknbelkbllhbcmebjmbbanoahnlaonbffodfmogfdpeekpdebaodiaiepadpfbobnbmbecoblchobdcbjdgbaekahehaoeinefjplfhpcgfpjgnoahophhcpohhpfiammiomdjgmkj", 0xa357c15))).Append(string.Intern(ℝ._℞("hojofoaphohpfnopnkfakkmahkdbekkbbkbcojicljpcijgdfjndcjeepileaocfomjfonaghnhgaioglkfhjkmhlkdiehkipjbjdkijhjpjejgkfgnkgieleillcicmkhjmlianphhneionnefobfmooedpafkp", 0x21c6e999))).Append(string.Intern(ℝ._℞("nenmndenielnbecoeejoodapmchplcopdafaaamanpcbkpjbhpacephcbpoccegdadndaeeejdlecobfnajflaagnahggnngbafhfamhjpcigpjihmajiohjgoojeofkmnmknodlboklgobmpkimdlpmalgnpknn", 0x7d13ccfb)));
break;
}
return builder.ToString();
}

怎么办啊,郁闷
cdglynn 2010-11-12
  • 打赏
  • 举报
回复
[Quote=引用 4 楼 sd6733531 的回复:]
引用 3 楼 cdglynn 的回复:

你引用EXE中的类,然后进行序列化看看怎样

我引用了。但是里面的类型名都是乱码。是不是由于编译的时候使用了中文字符或者日文字符导致的?那我该怎么办?阅读不了
[/Quote]

可能是因为对方为了保护代码对代码进行混淆,你用reflector反编译下看看。如果混淆过我就没办法了。如果能找到是哪个类序列化得到的即使是乱码应该也可以做到,但即使是成功了属性值也很难对应出来。

你先试试看,不行就等高人吧
sd6733531 2010-11-12
  • 打赏
  • 举报
回复
[Quote=引用 3 楼 cdglynn 的回复:]

你引用EXE中的类,然后进行序列化看看怎样
[/Quote]
我引用了。但是里面的类型名都是乱码。是不是由于编译的时候使用了中文字符或者日文字符导致的?那我该怎么办?阅读不了
cdglynn 2010-11-12
  • 打赏
  • 举报
回复
你引用EXE中的类,然后进行序列化看看怎样
sd6733531 2010-11-12
  • 打赏
  • 举报
回复
二级序列化
cdglynn 2010-11-12
  • 打赏
  • 举报
回复
XML 序列化还是 二级制序列化?

110,499

社区成员

发帖
与我相关
我的任务
社区描述
.NET技术 C#
社区管理员
  • C#
  • Web++
  • by_封爱
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告

让您成为最强悍的C#开发者

试试用AI创作助手写篇文章吧