Jump to content
Tuts 4 You

WinLicense v3.1.3.0 x86 (All Protection Options)

boot

By boot
in UnPackMe

 Share
Go to solution Solved by TRISTAN Pro,

Recommended Posts

X0rby

X0rby

Posted
Posted (edited)

Correct password a123-b567-2023!

OEP RVA :  55A4

MEP RVA  : 59CC

Module

IAT FIXED COMPLETELY

I suggest using a no-console application as an unpackme. 

DD.PNG.527ff9dff68d5ba6fe8085bf9fbf69df.PNG0ure.PNG.bdb152d11358e00f182d269dc4f36f56.PNG

Edit 2 : Added the FILE.

Keep Crying.exe

Edited by X0rby
added module entry point for the HATER, to make him keep crying
  • Like 2
  • Thanks 1
  • Replies 88
  • Created
  • Last Reply

Top Posters In This Topic

  • Sean the hard worker

    35

  • TRISTAN Pro

    10

  • boot

    10

  • X0rby

    8

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

TRISTAN Pro
TRISTAN Pro

Tutorial for winlicence(This target): This tutorial work only for themida latest version,learn from @quosego and @LCF-AT . Load the target in ollydbg(I have made tutorial Here  for configura

kao
kao

@TRISTAN Pro: The point of the forums is to enable other people to learn about the protections and unpacking. When you post just an unpacked file, nobody learns anything. Would you please be so k

boot
boot

View File WinLicense v3.1.3.0 x86 (All Protection Options) UnpackMe - WinLicense 3.1.3.0 x86 Full Protect HWID Lock + Entry Point Virtualization + Etc... HWI

Posted Images

Teddy Rogers

Teddy Rogers

Posted
Posted

For those of you having a rant with each other, please take it up via PM.

Posts removed, please stay on topic.

Thank you...

Ted.

  • Thanks 2
TRISTAN Pro

TRISTAN Pro

Posted
Posted
7 hours ago, Teddy Rogers said:

For those of you having a rant with each other, please take it up via PM.

Posts removed, please stay on topic.

Thank you...

Ted.

Ok thank yuo admin.👍

Bidasci

Bidasci

Posted
Posted
On 4/26/2023 at 1:13 AM, X0rby said:

Correct password a123-b567-2023!

OEP RVA :  55A4

MEP RVA  : 59CC

Module

IAT FIXED COMPLETELY

I suggest using a no-console application as an unpackme. 

DD.PNG.527ff9dff68d5ba6fe8085bf9fbf69df.PNG0ure.PNG.bdb152d11358e00f182d269dc4f36f56.PNG

Edit 2 : Added the FILE.

Keep Crying.exe 219 kB · 3 downloads

Can you please create a video guide on how you were able to unpack this using x64dbg? Thank you!

  • 3 weeks later...
badc0der

badc0der

Posted
Posted
On 4/26/2023 at 10:13 AM, X0rby said:

Correct password a123-b567-2023!

OEP RVA :  55A4

MEP RVA  : 59CC

Module

IAT FIXED COMPLETELY

I suggest using a no-console application as an unpackme. 

DD.PNG.527ff9dff68d5ba6fe8085bf9fbf69df.PNG0ure.PNG.bdb152d11358e00f182d269dc4f36f56.PNG

Edit 2 : Added the FILE.

Keep Crying.exe 219 kB · 11 downloads

How did u bypass themida anti debugger for x32dbg? i can't find a solution for x32dbg, i use OD wit StrongOD and Scylla. Can u share some info how to unpack this version? woud be really nice. Thanks.

  • 3 weeks later...
TRISTAN Pro

TRISTAN Pro

Posted
Posted

@boot Can yuo upload the real target please?without protection for learning something if yuo can thanks in advanced.

And source code for creating loader for TMD or VMP?

  • Like 1
Sean the hard worker

Sean the hard worker

Posted
Posted (edited)

isn't it possible to just bypass hwid ?

your solution is whole unpack .

i just wanted to bypass hw license checking.

anyway good job.

how did you solve this? can you describe details for us ?

sean.

 

Edited by windowbase
Sean the hard worker

Sean the hard worker

Posted
Posted

When i try to do Tristan pro's way, I get the debugger found message.

though I set up plugin as like this.

 

boot

boot

Posted
  • Author
Posted
40 minutes ago, windowbase said:

When i try to do Tristan pro's way, I get the debugger found message.

though I set up plugin as like this.

For x64Dbg, Just try to remove ScyllaHide plugin and set SharpOD 0.6d  plugin likes this...

2023-06-16_173238.jpg.306c4cf01807c70a2ff11cd8b9c1ece2.jpg

  • Thanks 1
Sean the hard worker

Sean the hard worker

Posted
Posted (edited)

okay, many thanks. and so many stopping at the compare commads, do I have to manipulate values manually?

Tristan Pro said to automate the process, inlining. how do I inline codes in the block?

sean.

Edited by windowbase
boot

boot

Posted
  • Author
Posted (edited)

You should find CMP_ADDRESS and modify it... This is similar to how x86 is handled, so you'll need to try it yourself.

EDIT:

You need to download and refer to Tristan Pro's tutorial, x64 is similar to x86, and you need to add the "Multiline Ultimate Assembler" plugin to x64dbg...

Your target does not HWID_Lock my computer, it can run directly, and unpack is possible, so I do unpack...

I remember there was a download link on this topic. Please contact the uploader for a backup of the tutorial...

Edited by boot
Add...
  • Like 1
Sean the hard worker

Sean the hard worker

Posted
Posted

like this? mov edx,edi ?

sean.

11 minutes ago, boot said:

You need to download and refer to Tristan Pro's tutorial, x64 is similar to x86, and you need to add the "Multiline Ultimate Assembler" plugin to x64dbg...

can you link Tristan Pro's tut address?

Sean the hard worker

Sean the hard worker

Posted
Posted

I just wanna bypass other target's hwid lock. can you link the address ? any Tristan Pro's video tut or document tut are there ?

sean.

X0rby

X0rby

Posted
Posted

My 3rd challenge in this thread...😏

Unpacked.

Original Size restored. 107kb

Better_Size.exe

  • Like 1
Sean the hard worker

Sean the hard worker

Posted
Posted
1 minute ago, X0rby said:

My 3rd challenge in this thread...😏

Unpacked.

Original Size restored. 107kb

 

Good job. @X0rby.

  • Thanks 1
boot

boot

Posted
  • Author
Posted
4 minutes ago, windowbase said:

I just wanna bypass other target's hwid lock. can you link the address ? any Tristan Pro's video tut or document tut are there ?

sean.

The tutorial link has been removed, you need to re-contact the uploader to get the backup of the tutorial...

Sean the hard worker

Sean the hard worker

Posted
Posted
25 minutes ago, boot said:

I remember there was a download link on this topic. Please contact the uploader for a backup of the tutorial...

okay.thanks.

X0rby

X0rby

Posted
Posted (edited)

Sean, go PM I'll help you with somethings..

Edited by X0rby
Sean the hard worker

Sean the hard worker

Posted
Posted

I upload this locked to others version but i wonder why i can't run this in my machine either.

Winlicense test.zip

sean.

TRISTAN Pro

TRISTAN Pro

Posted
Posted
2 hours ago, boot said:

The tutorial link has been removed, you need to re-contact the uploader to get the backup of the tutorial...

As I said my laptop was broken,so I don't have any script and all my data was disappear so I don't have even one.

So may be someone send it to me and I will attach it or check my tutorial in text Here just ask to someone upload asm.txt and yuo will get it.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...