Tuts 4 You


WinLicense v3.1.3.0 x64 (Bypass Without Unpacking)

License User Details

User Name=2days Tuts4you
Company=The Terminator
Hardware ID=6FF7-E7EF-5988-20FE-144E-865D-2D30-A73B
Custom Data=<custom_start>Skynet, a global network of artificial intelligence machines.<custom_end>

License Restrictions

Days Expiration=365
Date Expiration=2029/12/12
Executions=999
Runtime execution=999
Global Time=999
Install Before Date=2029/01/01

Miscellaneous

Unicode License=yes

Generated License (FILE KEY)

License Format=Binary


File Information
Platform:               Windows
Bits:                   64-bit
Type:                   Executable (Standard)
Version:                1.0.0.2
Modified:               8/1/2023 12:09:04 PM

Protection Macros
Virtual Machine:        10
Mutate:                 0
String Encrypt:         6
CheckProtection:        2
CheckCodeIntegrity:     0
CheckVirtualPC:         1
CheckDebugger:          1
Unprotected:            0
CheckRegistration:      0
Registered:             0
Unregistered:           0

WinLicense x64 (version 3.1.3.0)

Unit_bypassme.pas

File Information

Submitter 2days

Submitted 08/02/2023

Category CrackMe


Solved by boot

1 hour ago, 2days said:

(Bypass Without Unpacking)


  • Solution

EDIT SLN

You need to

Hook MessageBoxW && Hook MessageBoxExW to mask the dialog box twice.

And you also need to patch the register once, the specific method/step can be referred to here.

The steps are similar to those of x86, you need to suspend the program and step over retn, then set breakpoints at all cmp addresses and select the correct one.

I used Inline Assembly x64 for the Loader64, you can use other tools for bypass, such as Baymax x64... It's a friendly tool for users...

 

Loader64_ByPassMe_x_protected.rar

Edited by boot
add...


A few questions in my mind regarding the @solutions getting posted and even getting approved.

  • How did you patch it?
  • How did you unpack or crack it?
  • What kind of debugging settings did you use?
  • Have you used already available public tools or coded something private? (If you made something privately, then how does it work?)
  • How did you trace and reach the specific point for patching? (Anti-debug bypass or CRC check for patch)
  • What was the logic behind that?

Do you guys know what a good @solution is?
See this

What is the logic of all these videos posted in threads (mostly related to Themida)?
Are these useful? No, absolutely not.

You all are just acting like attention seekers by showing off that you can unpack or patch by making a 13-15 sec video with no info.
In such videos, there is a loader and you launch it and it works. BOOM!

If all the videos are like this, then it is better not to post them and increase the burden on the site, because in my point of view these kinds of video proofs are pointless and senseless.
We are here to read and increase our knowledge.
If you don't wanna share, simply keep it to yourself. No need to show off, and even if you do, I have no problem with you when you show off,
but it should not be marked as a Solution.

P.S. - I am not asking you to share the source code or completely private stuff, but at least you can share the steps in a descriptive manner.

Edited by BlackHat

search for CMP x,x

What is the correct value?

Give some info about the loader, please.

sean.

easy.

 thank boot


On 8/5/2023 at 2:58 PM, bon said:

easy.

 thank boot


BOOM..!

 

 

  • 5 months later...

How should I configure the anti-debug settings? I have a problem debugging this.

Regards.

sean.

Quote

@boot

The steps are similar to those of x86, you need to suspend the program and step over retn, then set breakpoints at all cmp addresses and select the correct one.

I have some trouble with debugging the x64 target. At first, the anti-debug issue: I can't bypass it with x64dbg using the ScyllaHide and SharpOD x64 plugins. My settings are below.


 


 

And I don't know how to find the cmp commands in an x64 environment, because we can't use OllyDbg for x64 apps, so we can't use the "find sequence of commands" feature. How should I find the cmp commands with x64dbg?

Waiting for help.

Regards.

sean.

Edited by windowbase
editing some words.

On 1/19/2024 at 6:08 AM, windowbase said:

And I don't know how to find the cmp commands in an x64 environment, because we can't use OllyDbg for x64 apps, so we can't use the "find sequence of commands" feature. How should I find the cmp commands with x64dbg?

Waiting for help.

Regards.

sean.

@boot specifically in this target, how should I find all matches of "cmp x,x" in the ".winlice" section?

I used "cmp dword ptr ds: [rdi],r13d" but nothing matches.

Regards.

sean.

 

On 8/3/2023 at 10:12 AM, boot said:

EDIT SLN

You need to

Hook MessageBoxW && Hook MessageBoxExW to mask the dialog box twice.

And you also need to patch the register once, the specific method/step can be referred to here.

The steps are similar to those of x86, you need to suspend the program and step over retn, then set breakpoints at all cmp addresses and select the correct one.

I used Inline Assembly x64 for the Loader64, you can use other tools for bypass, such as Baymax x64... It's a friendly tool for users...

 

Loader64_ByPassMe_x_protected.rar 1.99 MB · 130 downloads

 

@boot Not with a loader, not with DLL hijacking. I just want to know how to bypass this specific target using x64dbg, because I can't understand well what you explained in the summary above.

Many thanks in advance.

Regards.

sean.

Edited by windowbase
Editing words.

On 8/4/2023 at 5:32 PM, Barestra said:

search for CMP x,x

What is the correct value?

Search for every CMP instruction. Using the trace feature of a debugger like x64dbg with a condition (streq(dis.mnemonic(cip), "cmp")) will do the job for you. Set breakpoints on all of them and find the correct one.

Regards.

sean.

Edited by windowbase
adding words.

On 1/29/2024 at 1:57 PM, windowbase said:

@boot Not with a loader, not with DLL hijacking. I just want to know how to bypass this specific target using x64dbg, because I can't understand well what you explained in the summary above.

Many thanks in advance.

Regards.

sean.

When I try to bypass this target with x64dbg, the process suspends after all the message boxes, not showing TMainForm. Can anyone let me know why this happens? View the images below.


 

then ...

 


Regards.

sean.

Edited by windowbase
editing some words.

On 1/30/2024 at 10:37 PM, windowbase said:

When I try to bypass this target with x64dbg, the process suspends after all the message boxes, not showing TMainForm. Can anyone let me know why this happens? View the images below.


 

then ...

 


Regards.

sean.

This target also needs the "dll", "drv" hooking, hijacking or a loader application. We cannot bypass it just with debuggers like x64dbg. Correct me if I am wrong.

Regards.

sean.
