Reverse Dxtory

It’s been a while since reversing of .NET applications began. I still remember the first tutorials on the subject and the first targets, for which changing a few bytes with a hex editor was enough to fully remove the restrictions. So much has changed: developers of both software and protections made the reversing process increasingly complex and time-consuming; however, from the reverse engineering side, capable and willing individuals wrote increasingly powerful tools that allow us to continue focusing on those few bytes to patch.

Occasionally, however, Reflector's decompiled code allows us to remove only a portion of the limitations that the targets we are working on exhibit, and we are therefore forced to get our hands dirty with native code to complete our mission. One of these programs is Dxtory, which is currently at version 2.0.110.

Tools & Files

  • Tutorial attachment
  • RedGate Reflector and its Reflexil plugin (at v.1.3 at the time of writing)
  • De4Dot to deobfuscate our .NET executable
  • CFF Explorer
  • Your favorite hex editor (I’ll use the free HxD editor)
  • Mono.Cecil and Public Key Injector (should be attached to this tutorial)
  • Reter Decompiler
  • OllyDbg 1.10 with Multimate Assembler plugin
  • A DDS image viewer (optional, I used IrfanView version 4.25)
  • A small Direct-X app on which you can test the program. I found a nice and tiny one, FractalDemo.exe, here
  • A brain in working order, as usual 😉

Target

Dxtory is basically a program that lets you take snapshots or video clips from Direct-X applications, primarily games, even in full-screen mode. Allegedly, unlike other applications with the same purpose, it doesn’t slow down the gameplay experience and therefore it guarantees better performance and results.

Essay

PDF: English or Italian

Final Notes

First of all I must say thank you to lena151: if it were not for her amazing tutorials I would never have entered the world of reverse engineering. You’re great Lena!

A warm greeting to the friends of UIC (quequero, sparpacillon, PnUic, Quake, phobos, tonymhz, etc.), to [email protected] team and forum guys (Kurapica, whoknows, revert, 0xd4d, romero, yck1509, kao, bball0002, CodeCracker, etc., the .NET gurus), to ARTeam crew (Nacho_Dj, Shub Nigurrath, Ghandi, Nieylana SunBeam, deroko, …) and to all people I “encounter” every day browsing tuts4you, eXeTools, Appznet, etc. boards … eventually I’ll end up forgetting someone 😀

Greetings to JeRRy (SnD) who was the first one who asked me for a mini-tut for the previous revision of this target … I’m a bit late, I know, but better late than never, right? 😛 Special thanks to sparpacillon who often wastes quite a bit of his free time chatting with me about reversing; he also agreed to read and make readable this tutorial’s beta version … thanks again mate! A thank you also to Mr.eXoDia who made me enter the Armadillo Keygenning world: he shared with me what he knew and had discovered.

Thank you also to all the friends at the SnD Requester Board; without a specific order: Baxter, quosego, willie, deepzero, Snake, Vepergen, apuromafo, MasterUploader, qpt, JohnWho, PeterPunk, Silence, DisArm (a real pity he decided to leave the board), … even here I forgot someone for sure, don’t hate me for that. In conclusion, I thank all the persons I can, luckily for me, call friends: thank you all for your continued support and motivation that helps me advance, in small steps unfortunately, in our wonderful hobby.

Finally, thanks to all of you who had the guts to reach the last page of this tutorial 😛

Tonyweb