darkshark Posted November 16, 2010 Posted November 16, 2010 (edited) hello guys, I can understand if you do not want to help me but ...I have a program that it uses hardware ID to generate a license, similar to armadillo...however, a larger it is based on the network card for hardware-fingerprint ...I know this because when I change the MAC address, it also changes the hardware-fingerprint ... only it is not only that, but when I try to log in via wifi or cable, hardware id changed and I can not login ....when I change the MAC address of a network card, the hardware-fingerprint changes, but even if I put the two MAC addresses match, the hardware id is never the same ...you will be able to understand?I was wondering how it obtained the hardware-fingerprint in order to use it with wi-fi and also on cable!I tried to use OllyDbg to get the hardware id, but he is well compacted, and my assembly knowledge is not enough to unpack this program!if someone can give me a hint I would greatly appreciate it!thanks!edit:here's the program!/>http://www.mediafire.com/?d8jno93w3d6imds Edited November 16, 2010 by darkshark
EvOlUtIoN Posted November 16, 2010 Posted November 16, 2010 well i don't know why the hardware fingeprint seems like armadillo one, but the main exe has undoubtely a vmprotect wrapper. We will not crack it for you of course. Try to make something with tutorials and scriptr from lcf-at and post your results.
darkshark Posted November 17, 2010 Author Posted November 17, 2010 ok, thank you for answering!I read the tutorials and try to break it!is so good that I learn more about assembly, and then I will not need much more help!hehethanks!
darkshark Posted January 3, 2011 Author Posted January 3, 2011 i trying open with ollydbg and i giving this error:Module 'NeoBot' has entry point outside the code (as specified in the PE header). Maybe this file is self-extracting or self-modifying. Please keep it in mind when setting breakpoints!if i dont open the file, how to i unpack it to get a breakpoint?sorry for my 'noob' question!
Nacho_dj Posted January 3, 2011 Posted January 3, 2011 That's not a problem at all, it's just a warning about the target you are debugging. It informs you that it is probably packed since its OEP is not at the normal section, that is, code section. Push OK and keep debugging it normally...Best regardsNacho_dj
Nacho_dj Posted January 3, 2011 Posted January 3, 2011 (edited) Ok, but that is not Olly's fault... Probably you are facing a protection that detects your debugger and closes itself. VMprotect does exactly that.There exist tricks for hiding your debugger against the protection. Use search engine in this board to get more specifical details on the matter...Btw, try this workaround: launch the target, and when running, attach with your debugger. This doesn't work for latest VMProtect version, though, but yes for previous versions.RegardsNacho_dj Edited January 3, 2011 by Nacho_dj
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now