Exetools  

Go Back   Exetools > General > Source Code

Notices

Reply
 
Thread Tools Display Modes
  #31  
Old 12-11-2023, 07:06
Pansemuckl Pansemuckl is offline
Friend
 
Join Date: Nov 2005
Posts: 40
Rept. Given: 6
Rept. Rcvd 4 Times in 2 Posts
Thanks Given: 18
Thanks Rcvd at 44 Times in 15 Posts
Pansemuckl Reputation: 4
TQN? Could anyone provide a working source for VMPROTECT (compiling out of the box GUI)?
Reply With Quote
  #32  
Old 12-11-2023, 07:31
Jaspreet Singh Jaspreet Singh is offline
Banned User
 
Join Date: Oct 2023
Posts: 21
Rept. Given: 0
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 11
Thanks Rcvd at 45 Times in 14 Posts
Jaspreet Singh Reputation: 4
Talking

Quote:
Originally Posted by Pansemuckl View Post
TQN? Could anyone provide a working source for VMPROTECT (compiling out of the box GUI)?
The source provided by TQN already compiles out of box. It has the modified files. You would need to install the Qt and dependencies ofc.
Reply With Quote
The Following 2 Users Say Thank You to Jaspreet Singh For This Useful Post:
niculaita (12-22-2023), TQN (12-11-2023)
  #33  
Old 12-12-2023, 02:02
Stingered Stingered is offline
Banned User
 
Join Date: Dec 2017
Posts: 257
Rept. Given: 0
Rept. Rcvd 3 Times in 3 Posts
Thanks Given: 296
Thanks Rcvd at 181 Times in 90 Posts
Stingered Reputation: 3
Quote:
Originally Posted by Pansemuckl View Post
Debug version provided, NOT the original (packed) one, posted here
https://forum.exetools.com/showpost.php?p=129549&postcount=21

Error message given:
https://picr.eu/images/2023/12/10/VHekF.png
I have the exact same error. My VM is Win7, so I wonder if it's an OS problem?
Reply With Quote
  #34  
Old 12-12-2023, 02:48
sendersu sendersu is online now
VIP
 
Join Date: Oct 2010
Posts: 1,174
Rept. Given: 334
Rept. Rcvd 233 Times in 123 Posts
Thanks Given: 277
Thanks Rcvd at 568 Times in 316 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
qwindows.dll present?
Reply With Quote
  #35  
Old 12-12-2023, 05:09
kernel kernel is offline
Friend
 
Join Date: Oct 2023
Posts: 25
Rept. Given: 0
Rept. Rcvd 3 Times in 3 Posts
Thanks Given: 10
Thanks Rcvd at 18 Times in 10 Posts
kernel Reputation: 3
Lightbulb

Quote:
Originally Posted by Stingered View Post
I have the exact same error. My VM is Win7, so I wonder if it's an OS problem?
Just install VS 2022 and it will run. It is Debug version built with VS 2022.
A little test made with it. Just vmprotected notepad.exe - 68kb with only EP virtualized and the output file size is 5626kb. For compare the same output with 3.09 is 2222kb. With 3.4 is 5249kb. With 3.5.1 is 6828kb and with 3.6 is 6136kb.
So conclusion this are Vmprotect 3.5 sources most likely.
Reply With Quote
The Following 2 Users Say Thank You to kernel For This Useful Post:
niculaita (12-13-2023), tonyweb (12-13-2023)
  #36  
Old 12-12-2023, 07:26
Jaspreet Singh Jaspreet Singh is offline
Banned User
 
Join Date: Oct 2023
Posts: 21
Rept. Given: 0
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 11
Thanks Rcvd at 45 Times in 14 Posts
Jaspreet Singh Reputation: 4
Quote:
Originally Posted by Stingered View Post
I have the exact same error. My VM is Win7, so I wonder if it's an OS problem?
I've already answered this yesterday.
Adding more details, this debug version requires debug version of the MSVCRT.
Easiest way to do this is to run this on a machine with VS 2022 installed. Or you can install the debug version of the MSVCRT.
Both ways work.

Third way: If you googled it, it's coming as the first hit for me.
Reply With Quote
The Following User Says Thank You to Jaspreet Singh For This Useful Post:
niculaita (12-13-2023)
  #37  
Old 12-22-2023, 03:08
Fyyre's Avatar
Fyyre Fyyre is offline
Fyyre
 
Join Date: Dec 2009
Location: 0°N 0°E / 0°N 0°E / 0; 0
Posts: 273
Rept. Given: 89
Rept. Rcvd 86 Times in 39 Posts
Thanks Given: 167
Thanks Rcvd at 340 Times in 118 Posts
Fyyre Reputation: 86
Did someone say Citrix? You can hear VMP screaming from here.
__________________
Best Wishes,

Fyyre

--

https://github.com/Fyyre
Reply With Quote
  #38  
Old 01-20-2024, 16:53
0xc3 0xc3 is offline
Friend
 
Join Date: Sep 2023
Posts: 21
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 6
Thanks Rcvd at 22 Times in 5 Posts
0xc3 Reputation: 0
I manually compiled one, and there is indeed a lot of content that needs to be configured
Reply With Quote
  #39  
Old 10-20-2024, 17:53
CodeCracker CodeCracker is offline
VIP
 
Join Date: Jun 2011
Posts: 543
Rept. Given: 32
Rept. Rcvd 497 Times in 180 Posts
Thanks Given: 26
Thanks Rcvd at 2,456 Times in 430 Posts
CodeCracker Reputation: 400-499 CodeCracker Reputation: 400-499 CodeCracker Reputation: 400-499 CodeCracker Reputation: 400-499 CodeCracker Reputation: 400-499
VMRotect 3.5.1 disable renaming

VMRotect 3.5.1 disable renaming:
\core\dotnetfile.cc
void NETArchitecture::RenameSymbols()
{
..
if (full_name == "System.Reflection.ObfuscateAssemblyAttribute") {
...

}

00B7C3D1 . 897F 04 MOV DWORD PTR DS:[EDI+0x4],EDI
00B7C3D4 . 893F MOV DWORD PTR DS:[EDI],EDI
00B7C3D6 . 897F 08 MOV DWORD PTR DS:[EDI+0x8],EDI
00B7C3D9 . C743 04 00000000 MOV DWORD PTR DS:[EBX+0x4],0x0
00B7C3E0 . 8B5D C4 MOV EBX,DWORD PTR SS:[EBP-0x3C]
00B7C3E3 . F703 00000400 TEST DWORD PTR DS:[EBX],0x40000
00B7C3E9 . 74 07 JE SHORT 00B7C3F2 ; VMProtec.00B7C3F2
00B7C3EB . 8BCE MOV ECX,ESI
00B7C3ED . E8 8EB70000 CALL 00B87B80 ; VMProtec.00B87B80
00B7C3F2 > FFB3 D8000000 PUSH DWORD PTR DS:[EBX+0xD8]
00B7C3F8 . 8B8E 94000000 MOV ECX,DWORD PTR DS:[ESI+0x94]



rename of symbols from assembly:
00BA7B80 $ 55 PUSH EBP
to be changed to ret to not rename
00B87B80 $ 55 PUSH EBP


for (i = 0; i < rename_token_list.size(); i++) {
RenameToken(rename_token_list[i]);
}
reference_list.UpdateNames();

void NETArchitecture::RenameToken(ILToken *token)
{
...
id |= 0xA0000000;
new_name = string_format("%.8X", id);

}


00D0A790 $ 55 PUSH EBP // RenameToken
Local calls from 00BAA600, 00BAF6BB, 00BCD754, 00BCDAC8, 00BDE233
The 00BAF6BB

00BAF1B4 . /74 5D JE SHORT 00BAF213 ; VMProtec.00BAF213

00BAF6AE . 85FF TEST EDI,EDI
00BAF6B0 . 74 19 JE SHORT 00BAF6CB ; to jump
00BAF6B2 > FF34B2 PUSH DWORD PTR DS:[EDX+ESI*4]
00BAF6B5 . 8B8D 4CFEFFFF MOV ECX,DWORD PTR SS:[EBP-0x1B4]
00BAF6BB . E8 D0B0FFFF CALL 00BAA790 ; VMProtec.00BAA790
00BAF6C0 . 8B95 38FEFFFF MOV EDX,DWORD PTR SS:[EBP-0x1C8]
00BAF6C6 . 46 INC ESI
00BAF6C7 . 3BF7 CMP ESI,EDI
00BAF6C9 .^ 72 E7 JB SHORT 00BAF6B2 ; VMProtec.00BAF6B2




if (!HWID.IsCorrect(value))
{
ShowMessage("This application cannot be executed on this computer.");
return false;
}






loader_string_list[FACE_UNREGISTERED_VERSION] = AddCommand(EncryptString(
#ifdef DEMO
true
#else
(ctx.options.flags & cpUnregisteredVersion)
#endif
? os::FromUTF8(VMProtectDecryptStringA("This application is protected with unregistered version of VMProtect.")).c_str() : os::unicode_string().c_str(), string_key));
VMProtectEnd();



#ifndef DEMO
if (VMProtectGetSerialNumberState() == SERIAL_STATE_SUCCESS) {
options.flags |= cpEncryptBytecode;
if ((options.flags & cpMemoryProtection) == 0)
options.flags |= cpLoaderCRC;
} else
options.flags |= cpUnregisteredVersion;
#endif

int VMP_API VMProtectGetSerialNumberState()
{
#ifdef WIN_DRIVER
return SERIAL_STATE_FLAG_INVALID;
#else
if (!g_serial_is_correct)
return SERIAL_STATE_FLAG_INVALID;
if (g_serial_is_blacklisted)
return SERIAL_STATE_FLAG_BLACKLISTED;

int res = 0;

char buf[256];
if (GetIniValue("TimeLimit", buf, sizeof(buf))) {
int running_time = atoi(buf);
if (running_time >= 0 && running_time <= 255) {
uint32_t dw = GetTickCount();
int d = (dw - g_time_of_start) / 1000 / 60; // minutes
if (running_time <= d)
res |= SERIAL_STATE_FLAG_RUNNING_TIME_OVER;
}
}

if (GetIniValue("ExpDate", buf, sizeof(buf))) {
int y, m, d;
if (sscanf_s(buf, "%04d%02d%02d", &y, &m, &d) == 3) {
uint32_t ini_date = (y << 16) + (static_cast(m) << 8) + static_cast(d);
uint32_t cur_date;
#ifdef VMP_GNU
time_t rawtime;
time(&rawtime);
struct tm local_tm;
tm *timeinfo = localtime_r(&rawtime, &local_tm);
cur_date = ((timeinfo->tm_year + 1900) << 16) + (static_cast(timeinfo->tm_mon + 1) << 8) + static_cast(timeinfo->tm_mday);
#else
SYSTEMTIME st;
GetLocalTime(&st);
cur_date = (st.wYear << 16) + (static_cast(st.wMonth) << 8) + static_cast(st.wDay);
#endif
if (cur_date > ini_date)
res |= SERIAL_STATE_FLAG_DATE_EXPIRED;
}
}

if (GetIniValue("MaxBuildDate", buf, sizeof(buf))) {
int y, m, d;
if (sscanf_s(buf, "%04d%02d%02d", &y, &m, &d) == 3) {
uint32_t ini_date = (y << 16) + (static_cast(m) << 8) + static_cast(d);
uint32_t cur_date;
#ifdef VMP_GNU
time_t rawtime;
time(&rawtime);
struct tm local_tm;
tm *timeinfo = localtime_r(&rawtime, &local_tm);
cur_date = ((timeinfo->tm_year + 1900) << 16) + (static_cast(timeinfo->tm_mon + 1) << 8) + static_cast(timeinfo->tm_mday);
#else
SYSTEMTIME st;
GetLocalTime(&st);
cur_date = (st.wYear << 16) + (static_cast(st.wMonth) << 8) + static_cast(st.wDay);
#endif
if (cur_date > ini_date)
res |= SERIAL_STATE_FLAG_MAX_BUILD_EXPIRED;
}
}

if (GetIniValue("KeyHWID", buf, sizeof(buf))) {
char buf2[256];
GetIniValue("MyHWID", buf2, sizeof(buf2));
if (strcmp(buf, buf2) != 0)
res |= SERIAL_STATE_FLAG_BAD_HWID;
}

return res;
#endif
}

0045A2B2 . F7D0 NOT EAX
0045A2B4 . 2385 C0FEFFFF AND EAX,DWORD PTR SS:[EBP-0x140]
0045A2BA . 8985 C0FEFFFF MOV DWORD PTR SS:[EBP-0x140],EAX
0045A2C0 . A9 00040000 TEST EAX,0x400
0045A2C5 . 75 0B JNZ SHORT 0045A2D2 ; VMProtec.0045A2D2
0045A2C7 . 25 FFFFFDFF AND EAX,0xFFFDFFFF
0045A2CC . 8985 C0FEFFFF MOV DWORD PTR SS:[EBP-0x140],EAX
0045A2D2 > FF15 08B26500 CALL DWORD PTR DS:[0x65B208] ; VMProt_1.VMProtectGetSerialNumberState
0045A2D8 . 85C0 TEST EAX,EAX
0045A2DA . 8B85 C0FEFFFF MOV EAX,DWORD PTR SS:[EBP-0x140]
0045A2E0 . 75 19 JNZ SHORT 0045A2FB ; VMProtec.0045A2FB

VMProt_1.VMProtectGetSerialNumberState
is from VMProtectSDK32.dll

I realize all you have to do is place VMProtectLicense.ini in same directory.
Attached Files
File Type: rar VMRotect_3.5.1_Ultimate_disableRenaming.rar (3.44 MB, 19 views)
Reply With Quote
The Following User Says Thank You to CodeCracker For This Useful Post:
Apuromafo (10-22-2024)
  #40  
Old 10-20-2024, 18:55
sendersu sendersu is online now
VIP
 
Join Date: Oct 2010
Posts: 1,174
Rept. Given: 334
Rept. Rcvd 233 Times in 123 Posts
Thanks Given: 277
Thanks Rcvd at 568 Times in 316 Posts
sendersu Reputation: 200-299 sendersu Reputation: 200-299 sendersu Reputation: 200-299
@CodeCracker
why do you need to patch smth on binary level if you have got full VMP sources?
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On



All times are GMT +8. The time now is 05:54.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )