Dumping text from a NSString in memory

The solutions to the crackmes in this blog would not have been possible without finding a solution to a common problem: if I have an NSString pointer in a register (let's assume $eax), is there a way to find the location in memory of the string characters in a given encoding? This was a problem because many times in the crackmes we have a trivial [isEqualToString:] operation going on, and we want to know which strings it is actually comparing. [Read More]

Keygenning Sandwich crackme

I had a very pleasant time reversing this crackme, so I decided to share my experience with it. You can find the crackme this article covers at this link. When launched, it shows a simple interface that lets you specify only a serial number. First of all, we type something random in the serial field, to make the crackme display the usual error. Now it is time to open the executable in a disassembler. [Read More]