#1
|
|||
|
|||
WinLicense HWID Information
Hi All,
I am not new to reverse engineering but I haven't dealt with WinLicense before. I want to know if HWID check is simply a comparison check of HWID stored in license with current HWID or is correct HWID required to further decrypt the protected code? It would be great if any of the experienced members can shed some light on this. Last edited by c9er; 08-07-2018 at 14:06. Reason: Typo |
#2
|
|||
|
|||
Dear Friend, You did not mention your version which is quite important to this particular packing tool. Also try the nice search feature of the forum using keywords such as winlicense, hwid or hw-id and you find things such as:
Quote:
GIV's tutorial: Quote:
Quote:
|
#3
|
||||
|
||||
1. correct HWID is not required to further decrypt the protected code
2. HWID check is not simply a compassion check. It is checked DWORD by DWORD. So I assume it has x8 checks. |
The Following User Says Thank You to ZeNiX For This Useful Post: | ||
tonyweb (08-11-2018) |
#4
|
|||
|
|||
@chants
I have already gone through those tutorials. I was able to successfully use the LCF-AT script (1.4) on bundled crackmes. My current target is using " Themida/Winlicense(2.X)[-]" as per DiE version 2.0. I have a valid license file which was generated for different HWID. LCF-AT script is able to break at the correct nag message but then it fails to find any HWID compare checks. Subsequently the program closes itself after failed HWID check. I have set a script breakpoint at FOUND_RIGHT_MESSAGE (Line 10726) and script beaks there. After that I can see that it tries to find the HWID compare check. After that it jumps to NO_MORE_CMPS (Line 10830) and executes the command "esto" and the program terminates with exit code 2. Any ideas about why it's failing to find the correct check? I can share the program and regkey.dat file privately if somebody wants to take a look himself. It is not a commercial program and contains only a single executable file. Any pointers in the right direction will be appreciated. |
Tags |
hwid, winlicense |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
winlicense 2.1.x hwid bypass ? | Mahmoudnia | General Discussion | 10 | 01-26-2018 09:24 |