freddy Posted January 16 Posted January 16 On 11/29/2023 at 9:15 AM, boot said: The package for v3.85 has been leaked, unfortunately still lacking passwords. Is this still doable as you said before with RSA-N pulling from RtlAllocateHeap? Seems like whenever i put breakpoint on CriticalError im instantly getting kicked out. 1
Gugabf Posted January 29 Posted January 29 On 6/26/2023 at 11:36 AM, 2lht_love said: 😄 Bypass_HWID_VMP.mp4 5.14 MB · 0 downloads Solution published? 1
New Year - New Mind Posted Tuesday at 11:13 AM Posted Tuesday at 11:13 AM Hello, everyone. Try to do this bypass and runme challenge. If you do it successfully, post the screenshot please. VMProtect MY PC HWID LOCKED hashgen.vmp.zip Regards. sean. 1
boot Posted Tuesday at 01:50 PM Author Posted Tuesday at 01:50 PM 2 hours ago, New Year - New Mind said: Hello, everyone. Try to do this bypass and runme challenge. If you do it successfully, post the screenshot please. VMProtect MY PC HWID LOCKED hashgen.vmp.zip 7.21 MB · 0 downloads Regards. sean. Spoiler 1
New Year - New Mind Posted Tuesday at 01:52 PM Posted Tuesday at 01:52 PM (edited) 2 minutes ago, boot said: Hide contents @boot Fantastic!!! How did you do it? Can you reveal your method? Regards. sean. Edited Tuesday at 01:52 PM by New Year - New Mind
boot Posted Tuesday at 01:57 PM Author Posted Tuesday at 01:57 PM Just now, New Year - New Mind said: method? This method has some limitations... Spoiler 1
New Year - New Mind Posted Tuesday at 02:18 PM Posted Tuesday at 02:18 PM 18 minutes ago, boot said: This method has some limitations... Hide contents @boot Does your method work also to this? Your picture above is different from mine even though the RVA is same as yours. hashgen.vmp.hwid.lock.zip Regards. sean.
StarrySky Posted Tuesday at 03:29 PM Posted Tuesday at 03:29 PM There are still many ways to bypass it 1
Gugabf Posted Tuesday at 11:19 PM Posted Tuesday at 11:19 PM @New Year - New Mind Could you post the steps to bypass hwid in this case? I have a target with VMP HWID locked to one of my computer and i wanna try to bypass it. I can debug it with x64dbg on the hardware that is locked to. 1
New Year - New Mind Posted Wednesday at 01:57 AM Posted Wednesday at 01:57 AM 11 hours ago, New Year - New Mind said: @boot Does your method work also to this? Your picture above is different from mine even though the RVA is same as yours. hashgen.vmp.hwid.lock.zip 7.62 MB · 10 downloads Regards. sean. Regards. sean.
New Year - New Mind Posted yesterday at 03:48 AM Posted yesterday at 03:48 AM On 2/19/2025 at 12:29 AM, StarrySky said: There are still many ways to bypass it @StarrySky How to do it? Regards. sean.
New Year - New Mind Posted yesterday at 04:43 AM Posted yesterday at 04:43 AM (edited) On 2/19/2025 at 12:29 AM, StarrySky said: There are still many ways to bypass it @StarrySky Can you make this serial locked one run? I have zipped a wrong serial.txt and protected executable to make a challenge. hashgen.vmp.serial.locked.zip If you edit the first character of the serial.txt file, this executable will run. or you have to find the test and conditinal jump instructions which are virtualized after VMProtectSetSerialNumber function. this function returns 2 which means that the serial is invalid, when it returns 0, this executable will run. And I have a question about how to use a vmprotect feature. I protected a procedure called "OnBnClicked..." with the options above. and when I clicked the button when it runs, its shows this message and is terminated. how to use this option properly? Regards. sean. Edited yesterday at 06:18 AM by New Year - New Mind
HostageOfCode Posted yesterday at 06:40 AM Posted yesterday at 06:40 AM (edited) 1 hour ago, New Year - New Mind said: @StarrySky Can you make this serial locked one run? I have zipped a wrong serial.txt and protected executable to make a challenge. hashgen.vmp.serial.locked.zip 7.63 MB · 0 downloads If you edit the first character of the serial.txt file, this executable will run. or you have to find the test and conditinal jump instructions which are virtualized after VMProtectSetSerialNumber function. this function returns 2 which means that the serial is invalid, when it returns 0, this executable will run. And I have a question about how to use a vmprotect feature. I protected a procedure called "OnBnClicked..." with the options above. and when I clicked the button when it runs, its shows this message and is terminated. how to use this option properly? Regards. sean. https://forum.tuts4you.com/topic/44928-vmprotect-web-license-manager-v214 Edited yesterday at 06:41 AM by HostageOfCode 1
New Year - New Mind Posted yesterday at 08:26 AM Posted yesterday at 08:26 AM (edited) 2 hours ago, HostageOfCode said: https://forum.tuts4you.com/topic/44928-vmprotect-web-license-manager-v214 @HostageOfCode Is this option implemented with the vmp license manager that you linked? Regards. sean. Edited yesterday at 08:51 AM by New Year - New Mind
StarrySky Posted yesterday at 11:57 AM Posted yesterday at 11:57 AM 7 hours ago, New Year - New Mind said: @星空 您能让这个序列锁定一次运行吗?我已经压缩了错误的 serial.txt 和受保护的可执行文件来进行挑战。 hashgen.vmp.serial.locked.zip 7.63 MB · 5 次下载 如果你编辑了serial.txt文件的第一个字符,这个可执行文件就会运行。或者你必须找到在VMProtectSetSerialNumber函数之后虚拟化的测试和条件跳转指令。这个函数返回2,这意味着序列无效,当它返回0时,这个可执行文件就会运行。 我有一个关于如何使用 vmprotect 功能的问题。 我使用上述选项保护了一个名为“OnBnClicked...”的过程。当我单击运行时的按钮时,它会显示此消息并终止。如何正确使用此选项? 问候。 肖恩。 Regarding your question, I have conducted a detailed analysis and recorded it for your reference Or conduct your own research to bypass it 1
New Year - New Mind Posted yesterday at 12:24 PM Posted yesterday at 12:24 PM @StarrySky Can you please post a video if you successfully make it run? Regards. sean.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now