Injecting code into AMS applications

Hi guys, I see there has been interest lately in cracking programs, and as a good troll I feel obliged to post about it.

I've put together a video tutorial for you on how to carry out an XBI (Cross-Build Injection) attack or, put more simply, how to graft code into other applications.



As you can see, I used the SubT program by Metafunken, hacking it and inserting a simple dialog, which could be anything.

Since the video is still uploading, I'll share with you the nice lyrics of a song I'm listening to:
A policeman is bleeding out
Someone emptied his guts
and spat on his badge AAA
SCREW HIM!

A civil guard lies dying
Some punks have torn him to pieces
It was a brutal beating AAA
SCREW HIM!

...

I'm interested in the lyrics hehehehe, with how stoned you are you can't see a thing XD

Gosh Pablo... Of one thing I'm absolutely sure:

As Santa Claus you wouldn't survive, you'd be done for as a party pooper (in my country "aguafiestas", party pooper, means or is said of someone who takes the "joke or the fun" out of something; I'm adding this so you don't suspend me)... :)

Regards ;)

:lol:

I'm also leaving a summary manual in English:

XBI Attack to AMS compiled app
Cross-Build Injection (in source code)

Tools you will need:
  • AMS Password Tool
  • HxD Hex editor or similar
Description, Objective

Finding the source code of an AMS app is so easy, so let's step right in a little deeper. We're going to inject source code into some app.

As you know, all source code for apps resides in the file _proj.dat, protected inside the autorun.cdd file, which is just a zip. This project file is a binary distribution, so it has {code} and strings. I cannot figure out yet how this is processed, but I'm working on that. At this time, I can tell that the {code} at the start and end of a string delimits the string size, so if you want to inject code you should replace some code with the exact number of characters of this string, but XBI is here to help us!

You will need to compile another app with the code portion in which you want to inject code: write out your code, compile, and get the source _project.dat, so now you're able to merge this region into the original app, and now you have injected source code.

Steps

1- Use AMS Password Tool to get the source code. If the password is not working, check whether there are characters in the password that cannot be copied by the clipboard, in which case you must unzip it with a custom app, or check whether the app is packed by the author (use RDG Packer Detector) and unpack it with the proper unpacker.

2- Get the portion of code in which you want to inject, create a new project, write out some code and compile it, and get the _proj.dat too.

3- Merge the regions using this pattern: {previous string}{code xxxxx}{source code}{code xxxx}{next string}, for example "On Startup++++++++++++++++Dialog.Message('DEMO','THIS IS A DEMO VERSION')+++++++++++On Shutdown" (+ are any unicode characters)

Just copy that area with your hex editor and replace it in the project that you want to patch; this will work properly.

4- Zip back the patched _proj.dat and enjoy!

This method is able to change Lua source code and object data, full control.

Ready to test, CrackMe!

Here is a little app that includes a minimal protection; remove it. If you can, you will have a Hacker badge on this forum!

Download: http://puu.sh/4jEiz.rar

Happy Hacking
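
Seen from the side of someone shipping or auditing such an app, and added here as an example that is not part of the original post: the manual stresses that the replaced region must keep the exact same number of characters, so a size check on `_proj.dat` will not notice the change, while a hash of the extracted member will. The archive below is a constructed, unencrypted stand-in for `autorun.cdd`, the byte strings are constructed sample data rather than the real `_proj.dat` layout, and the function names are hypothetical.

```python
import hashlib
import io
import zipfile

MEMBER = "_proj.dat"  # project file name as given in the post


def fingerprint(archive_bytes, member=MEMBER, pwd=None):
    """Return (size, sha256 hex) of one member of a zip-format archive.

    pwd is passed through to zipfile for archives it is able to decrypt.
    """
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        data = zf.read(member, pwd=pwd)
    return len(data), hashlib.sha256(data).hexdigest()


def compare(baseline, candidate):
    """Classify a candidate fingerprint against the release baseline."""
    if candidate == baseline:
        return "unchanged"
    if candidate[0] == baseline[0]:
        return "modified, same length"  # invisible to a size-only check
    return "modified, length changed"


def make_archive(payload):
    """Build the constructed stand-in archive (assumption: plain zip)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(MEMBER, payload)
    return buf.getvalue()


# Constructed sample payloads: a dialog string between two event names.
ORIGINAL = (b"On Startup\x00\x00"
            b"Dialog.Message('DEMO','THIS IS A DEMO VERSION')"
            b"\x00\x00On Shutdown")
SAME_LEN = ORIGINAL.replace(b"THIS IS A DEMO VERSION", b"THIS TEXT WAS REPLACED")
LONGER = ORIGINAL.replace(b"THIS IS A DEMO VERSION", b"THIS TEXT WAS REPLACED AND GREW")

if __name__ == "__main__":
    base = fingerprint(make_archive(ORIGINAL))  # recorded at release time
    for label, payload in [("original", ORIGINAL), ("same-length edit", SAME_LEN),
                           ("longer edit", LONGER)]:
        print(label, "->", compare(base, fingerprint(make_archive(payload))))
```

The baseline has to be stored somewhere the archive's editor cannot also rewrite, for example a signed release manifest kept outside the distributed folder.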

Hey Pabloko, here we have it




:pc:

:) :) :) :) :)

I, Pabloko I of Pyongyang, king of Uganda, in the name of her majesty Isabel II from High England territories, write these words to decorate Sir Patch, king of Blackpool, with the highest possible honor in the Hacker army.

You won the Golden Beer Insignia, made from precious shit of unicorn and Hacendado's Gluten.

It's an honor to let you enter the Butter Castle of AMSLand. Spray your anger on all enemies of our cause and defeat all those who support them.



you're the devil :) :) :) :)

:) :) :) :) :) :) :)

PMSL, Thanks Pabloko you have just made my day, need a good giggle in the morning.

:yeah:

Great, I'm going to make a crack for this http://amsspecialist.com/viewtopic.php?f=3&t=1869

LOL :lol: :lol: :) :) :) :)

Re:

Thedary wrote: Great, I'm going to make a crack for this http://amsspecialist.com/viewtopic.php?f=3&t=1869

LOL :lol: :lol: :) :) :) :)
that's how I like it

send it to me
thnksssssssssssss

Re:

patch wrote:
01 Oct 2013 20:48
Hey Pabloko, here we have it




:pc:
:google: :sorry: :youdontsay-1417757028:
Thank you
Thanks
Thanks