Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Unpackme] WinLicense v2.2 x64

Aguila
Aguila
in UnPackMe

Featured Replies

Posted

Are you tough enough to break this?


 


WinLicense with lowest possible protection options.


 


Standard Virtual Machine: TIGER64 (Red)


UnpackmeWLx64.rar

Doesn't seem like a tough challenge, but I didn't do anything with a VM...

Greetings

UnpackmeWLx64_dump_size_SCY.rar

    •
    • Like 3
    • Author

    ok nice, thanks. Maybe I disabled too much options.


     


    Here is another unpackme with all standard settings. TIGER64 (Red)


    WLUnpackmeStandard.rar

    Restoring the imports was possible, because there were only two (and I unpacked the other file). I couldn't do it when there were more virtualized imports...

    Bypassing the debug detections was easy :) I just used TitanHide (+ 'dbh' command, which does basic PEB hiding).

    Greetings,

    Mr. eXoDia

    EDIT: attached file

    WLUnpackmeStandard_dump_new_size_SCY.rar

    Edited by Mr. eXoDia

    • Like 2
    • Author

    Very nice! I didn't expect that.


     


    And here is some max protection sample. Ultra anti-debug, will your TitanHide work? :showoff:


     


    TIGER64 (Black)


    WLUnpackmeMax.rar

    Edited by Aguila

    After some plugin writing...

    WLUnpackmeMax_dump_size_SCY.rar

    •
    • Like 4

    Hi Aguila :


    thanks for unpack test file ,but I think it is not a big deal :sorry:   For the first unpack me.


    2 steps to unpack it just :sweat:


    here a tut on how to unpack by IDA 6.1


    https://drive.google.com/file/d/0B402C-bcZm3lNG01Q29VMXpWSzA/edit?usp=sharing


     


    For me I solve the first one ,other file which need to work with hide debugger on x64 , I think I need more practice :smartass: .


     


    I think Mr. eXoDia is rocker in x64 now :yes:


    Edited by ahmadmansoor

    • Like 4
    • Thanks 1

    here is attached 


     


    UnpackmeWLx64ByIda.rar


     


    Ps: this is ahmadmansoor unpacking tut


    Edited by Dreamer

    • Like 1
    • Author

    Thanks for the tutorial ahmadmansoor.


     


    Most people will not be able to do this, because they don't have OllyDbg and Olly Script ;-)


    Hey,

    I'll also make a small tutorial for the stronger protections (especially restoring the imports)

    Greetings

    •
    • Like 7
    • 3 weeks later...

    Sorry, I can not check this tutorial.
    What plugin for IDA should be used?
    image.png

    @ChVL:try TitanHide (see my signature), then do a simple PEB patch and you're good. You can also try IDAStealth


     


    Greetings


    Mr. eXoDia,

    Thank you very much! I will try...

    I looked IDASealth, but it only for x32.

    • 10 months later...

    If I keep resurrecting old threads perhaps I'll become a necromancer even better than Sauron :P


    WLx64 2.2 MUPed.7z

    •
    • Like 3

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.