Posted August 22, 201015 yr Hello all masters.Here we have an unpackme file that was protected with Hefaz Protector 1.8.0 ( Hefaz is a persian Protector ) , I have enabled all standard option to protect test file with std option ( no more difficulty ), please try to unpack it.Thanks.Best Regards.Note:The main application was protected with VMProtect. Edited October 5, 201014 yr by Gladiator
August 22, 201015 yr Note:The main application was protected with VMProtect.Well, if you're using VMProtect then its not exactly a test of the other 'protector' now is it?HR,Ghandi
August 22, 201015 yr Author Note:The main application was protected with VMProtect. Well, if you're using VMProtect then its not exactly a test of the other 'protector' now is it? HR, Ghandi No there is no test of VMProtector , one of the hefaz exploits is trace of x86 code to find something be useful to unpack , here used code mutation to block it. you would test other way to unpack it.there is no difficulty about VMProtector . Thanks. Best Regards.
August 22, 201015 yr Forum Role: a CrackMe MUST be compiled of your OWN code. If it is a commercial target or of someone else's work you WILL be banned for crack requesting.this also covered about UnPackMe.you want to Publish Hefaz as Comercial Protector , but:You used VMProtect its mean you cant protect yourself from Reverse engineering you used others protector to make it difficult to analyse your protector.so when you dont trust yourself about protect you protector, how you can speak about protecting others target for e.g UnPackMe.-----------------------------------------------------------------------------one of the hefaz exploits is trace of x86 code to find something be useful to unpack here used code mutation to block it>>there is no difficulty about VMProtector***************************************************************************you told VMProtect implemented to block one of HeFaz Vulnerability, but there is no difficulty about Using VMprotect. so why you used it?Regards Edited August 22, 201015 yr by Raham
August 22, 201015 yr Author Forum Role: a CrackMe MUST be compiled of your OWN code. If it is a commercial target or of someone else's work you WILL be banned for crack requesting.this also covered about UnPackMe.you want to Publish Hefaz as Comercial Protector , but:You used VMProtect its mean you cant protect yourself from Reverse engineering you used others protector to make it difficult to analyse your protector.so when you dont trust yourself about protect you protector, how you can speak about protecting others target for e.g UnPackMe.-----------------------------------------------------------------------------one of the hefaz exploits is trace of x86 code to find something be useful to unpack here used code mutation to block it>>there is no difficulty about VMProtector***************************************************************************Regardsabout your note accross roles i can't accept you , becuase in this thread we have so many topics that was unpackme ( Protected with Enigma , WL , TM or ... ) but if you say all the unpackmes should be protect with own shell engine please first delete all this topics !and about trust and ... for Hefaz protector , i sad VMProtector have nothing to fear about it's difficulty and i used it to block code trace and newbie crackers , i think you are professional so try to remove VMProtect ( it's easy to you ) and unpack second shell.you told VMProtect implemented to block one of HeFaz Vulnerability, but there is no difficulty about Using VMprotect. so why you used it?There is so many troubles for Newbi Crackers and no difficulty for professionals like you , so don't worry about it , here we have some thing to learn , please stop your Obsession and share you'r information.I think Treat about roles and VMProtector used is so Futile , please stop off topics ( Raham ) and try to fix unpackme.I hope all the masters excuse me and help to unpack this stuff.Thanks.Best Regards. Edited August 22, 201015 yr by Gladiator
August 22, 201015 yr There is so many troubles for Newbi Crackers and no difficulty for professionals like you , so don't worry about it , here we have some thing to learn , please stop your Obsession and share you'r information.I think Treat about roles and VMProtector used is so Futile , please stop off topics ( Raham ) and try to fix unpackme.I hope all the masters excuse me and help to unpack this stuff.One major difference with the unpackme's posted that are using commercial protectors... They have it in the title of the unpackme and it is a major part of the unpackme. You're trying to tell me you're blocking a vulnerability in 'your' protector code with a commercial protector like VMProtect (which is just cake to reverse now, isn't it...) plus you have the audacity to try to gloss over it with a greyed out line of text (in your first post) or brushing it aside as if it is a simple wrapper...HR,Ghandi
August 22, 201015 yr Author One major difference with the unpackme's posted that are using commercial protectors... They have it in the title of the unpackme and it is a major part of the unpackme. You're trying to tell me you're blocking a vulnerability in 'your' protector code with a commercial protector like VMProtect (which is just cake to reverse now, isn't it...) plus you have the audacity to try to gloss over it with a greyed out line of text (in your first post) or brushing it aside as if it is a simple wrapper... HR, Ghandi I am sorry about it , i had to say it first that i used commerical protector for more security but i have not any Purpose for cheating. VMProtect minimum SDK used to just block newbi level crackers for cover this exploit , in the next version this vulnerability will be fixed. Thanks for time you spend. Best Regards. Edited August 22, 201015 yr by Gladiator
August 22, 201015 yr Hias same as Ghandi noted, the Engima/Vm/Tm/WL unPackMe on this forum is entitled with their name!for example a few topic below you can see Engima UnPackMe 2.05 by LCF-At:it called Enigma UnPackMe and its just ENIGMA, she/he didnt protect ENigma Protected file with VMProtect for covering Enigma dark points!------------------About fixing your vulnerability, as i can remember hefaz 1.0 til 1.8 had been protected with VMProtect >> you didnt covered you Vuln.Actually im not pro as you know. and this is not OffTopic as i & others know.if you want, ok i will not post any thing.Note: your UnPackme dont work on my PC.Good Luck Edited August 22, 201015 yr by Raham
August 22, 201015 yr Author Hias same as Ghandi noted, the Engima/Vm/Tm/WL unPackMe on this forum is entitled with their name!for example a few topic below you can see Engima UnPackMe 2.05 by LCF-At:it called Enigma UnPackMe and its just ENIGMA, she/he didnt protect ENigma Protected file with VMProtect for covering Enigma dark points!This unpackme is not a challenge , this is just a test so i covered my vulnerability with VMP to test it now not a mouth later.About fixing your vulnerability, as i can remember hefaz 1.0 til 1.8 had been protected with VMProtect >> you didnt covered you Vuln.It's not true , how you say this , did you buy it ?????? Edited August 22, 201015 yr by Gladiator
August 22, 201015 yr Hi,here my unpacked file.Test it.The protector need a lot time to start!The protector has a very bad realtime access!VERY SLOW! <-- VERY BAD!greetzUnpackMe_Hefaz_1.8.0_Unpacked.rar
August 22, 201015 yr Author Thanks Dear LCF-AT but your unpacked file did not work and did not unpacked completely.
August 22, 201015 yr Hi, I have not fixed all int3 commands.Just so many til it starts and works correctly on my system.Maybe I fix the rest later then it should also work for you. Anyway,all in all its a bad protection and the author does not win a flowerpot for this! greetz
August 22, 201015 yr Author I have not fixed all int3 commands.Just so many til it starts and works correctly on my systemThanks again Dear LCF-AT but Without fixing int3 sections unpacked file make crash on all the systems.hefaz is growing and i promise i will fix problems like speed and eth.Thanks for spending your time on my unpackme , i will wait for full unpacked application.
August 23, 201015 yr Author Eset detects it as a virus , you should fix this problem first In the new version of Eset this problem has fixed , just old version also detect it as riskware. you can get newer version from Eset website , update don't effects.
Create an account or sign in to comment