It seems that you need to patch (inline) and/or emulate the Execryptor API, which is used to check registration, if the program author has no more checks in his own code? Sometimes it is not just "mov eax, 1/retn" to bypass. What will you do if some useful code is ciphered? It is impossible to reconstruct it without having a key, and even bypassing the validation check will execute ciphered code and end with an unhandled exception.
Sure, all these tons of checks, loops, ciphering, virtual machines are intended to impede your work to find this magic code! But how will you be sure that any program will get registered by patching a jne/je to jmp somewhere (or setting some variable to 0 or 1)?