mm10121991
Posted September 27, 2012 (edited)

hello
this is a new WinLicense 2.1.3 unpackme with HWID lock
but not like others because of ring 0 licensing management
good luck on it

WLK.rar

Edited September 27, 2012 by mm10121991

LCF-AT
Posted September 27, 2012

Hi,
here is my unpacked and an InLine file. If the unpacked file does not work on your system then maybe run the other InLine file. Just test and tell whether it's working for you.

PS: The InLine file also needs the WLK.dat in the same folder to run.

greetz

WLkeygenme HWID RISC Unpacked and InLinePatched x2.rar

mm10121991 (Author)
Posted September 27, 2012

wow nice work!!
how did you do that??
I thought all licensing management is moved to ring0
I didn't think that it would be solved, at least not so fast like this, since ring0 protections are always quite hard
nice work again LCF-AT.

quosego
Posted September 30, 2012 (edited)

It's easy. There aren't any antidumps. And my old methods work fine.

005B7734 509591BE ¾‘•P should be 333370D5 is_reg dword_1
00416737 098B42B9 ¹B‹. Is_reg dword_2

Set them when the VM checks for correct licensing.

@006E0134 ^\E9 9786FFFF JMP 006D87D0

It's not moved to ring0.. It's still where it used to be..

My VM interpreter output:

CMP ECX,EDX || EAX; 00000106, ||| ECX; 509591BE, ||| EDX; 333370D5, ||| EBX; FF926301, // As you can see the correct value is 333370D5
CMP ECX,EDX || EAX; 00000106, ||| ECX; 098B42B9, ||| EDX; 2A3B16EF, ||| EBX; FF926101, // Checks which error occurred. (HWID in this case) if it passes this'll be skipped.
CMP ECX,EDX || EAX; 00000106, ||| ECX; 098B42B9, ||| EDX; 41B0E024, ||| EBX; FF925E01,
CMP ECX,EDX || EAX; 00000106, ||| ECX; 098B42B9, ||| EDX; 4B89D694, ||| EBX; FF925C01,

Attached is a proper inline not using a loader. And only a 3 dword patch which is at the ep so people can investigate it. It does require the license. Also removed the EP obfuscation for clarity. Also it doesn't crash if the license is removed.

regards,
q.

inline.rar

Edited September 30, 2012 by quosego

Sean Park - Lovejoy
Posted February 3 (edited)

On 9/30/2012 at 11:45 PM, quosego said:
005B7734 509591BE ¾‘•P should be 333370D5 is_reg dword_1
00416737 098B42B9 ¹B‹. Is_reg dword_2
Set them when the VM checks for correct licensing.
@ 006E0134 ^\E9 9786FFFF JMP 006D87D0

Hello, everyone.
Does anyone know how to find is_reg dword_1 and is_reg dword_2 addresses?
Many thanks in advance.

Regards.
sean.

Edited February 3 by windowbase: editing some words.

Sean Park - Lovejoy
Posted February 10

On 2/4/2024 at 6:51 AM, windowbase said:
Hello, everyone. Does anyone know how to find is_reg dword_1 and is_reg dword_2 addresses? Many thanks in advance. Regards. sean.

View this video that shows you how to bypass hardware id lock of this application.

Video_2024-02-05_223734.mp4

Regards.
sean.

kuazi GA
Posted September 10 (edited)

On 2024/2/11 at 4:03 AM, The Binary Expert said:
View this video that shows you how to bypass hardware id lock of this application.
Video_2024-02-05_223734.mp4 33.73 MB · 0 downloads
Regards.
sean.

Actually, there's also a quick bypass: just modify a single byte from 00 to 01, no need to check

Edited September 10 by kuazi GA