Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 01-06-2010, 19:08
ZeNiX's Avatar
ZeNiX ZeNiX is offline
Administrator
 
Join Date: Feb 2009
Posts: 721
Rept. Given: 174
Rept. Rcvd 767 Times in 256 Posts
Thanks Given: 201
Thanks Rcvd at 739 Times in 227 Posts
ZeNiX Reputation: 700-899 ZeNiX Reputation: 700-899 ZeNiX Reputation: 700-899 ZeNiX Reputation: 700-899 ZeNiX Reputation: 700-899 ZeNiX Reputation: 700-899 ZeNiX Reputation: 700-899
Checksum of WinLicnese 2.1.0.10

I tried to inline patch the main program of WinLicense 2.1.0.10 today.
However, I found that old tricks are not working now.

I tried the following two methods, but all in vain.

1. CheckSumMappedFile method

2. FreeLibrary method

Anyone knows how to defeat the checksum on WinLicense 2.1.0.10?

I think they have changed it after quesego's tutorial is released.
Reply With Quote
  #2  
Old 01-11-2010, 22:32
quosego quosego is offline
Family
 
Join Date: Feb 2009
Posts: 104
Rept. Given: 8
Rept. Rcvd 39 Times in 13 Posts
Thanks Given: 0
Thanks Rcvd at 1 Time in 1 Post
quosego Reputation: 39
Trace the VM compares. I doubt they changed it that much.
Break on checksummappedfile, then bp in the VM (CISC)
cmp ecx,eax
pushfd

In RISC it'll be slightly different, can't remember something like cmp eax, ebx or so.

The correct checksum will be the one that differs from the original.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
checksum question/help chad1111 General Discussion 0 01-27-2004 16:56
HEX and checksum email2 General Discussion 3 01-05-2004 18:47
CRC CheckSum Problem ( maybe ) How2Crack General Discussion 6 06-30-2002 23:42


All times are GMT +8. The time now is 06:22.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX
( 1998 - 2021 )