Quote:
|
Originally Posted by toro
after some study on data transfer between hardlock protected program and driver i found that all of data transfer is performed via deviceiocontrol.
there are 2 level of encryption on hl_api packet. i gess first level enc is function specefic. second level is done. have anyone any idea about first level encryption algo?
toro.
|
First of all you need last two versions of hardlock.sys because they contain different packet crypt code. And both do it inside virtual machine. Code of VM and p-code obfuscated.
Good luck.