#1
|
||||
|
||||
winlicense 2.1.x hwid bypass ?
Hi
how to bypass hwid of 2.1.x winlicense protected targets ? i have valid license for other pc |
#2
|
||||
|
||||
#3
|
||||
|
||||
Hi giv
my tagert don't run in win xp , how to use lcf-at script in other windows os ? this is my target : Code:
http://www.mediafire.com/file/i966h3230ml1n97/Xentry.rar may you help me ? thanks Last edited by Mahmoudnia; 01-23-2018 at 18:12. |
#4
|
||||
|
||||
friend giv , may you help me ?
|
#5
|
|||
|
|||
Bypass the WinLicense 2.4.6.0 HWiD Check
Xentry.exe(VeDoc calculator) is protected by WinLicense 2.4.6.0.
It can not run in Windows XP because it imports APIs from dwmapi.dll. I played in Windows 7 with your valid license file regkey.dat:
It's so simple, so easy to bypass the HWiD Check! Sad for Oreans. For more technical details, please refer to my post years ago at tuts4you Themida 2.2.6.0, in which attached a WinLicense 2.2.6.0 example. |
The Following User Gave Reputation+1 to MistHill For This Useful Post: | ||
Mahmoudnia (01-23-2018) |
The Following 6 Users Say Thank You to MistHill For This Useful Post: | ||
Mahmoudnia (01-23-2018), Newbie_Cracker (01-30-2018), niculaita (01-24-2018), NoneForce (01-24-2018), ontryit (01-24-2018), tonyweb (02-04-2018) |
#6
|
||||
|
||||
Hi MistHill
Thanks a lot off may you tell me how to find "modify DWORD [0130A21D]=7CBDC03A" ? thanks again |
#7
|
|||
|
|||
Quote:
I will also have a look |
#8
|
|||
|
|||
@TechLord
Mahmoudnia's link still works. @Mahmoudnia It's a long story. Read my post at tuts4you for some hint. In short, address 0130A21D is the Is_Registered_DWORD1. 1. It was initialized to FALSE (value 0x5B4E0215) at first. 2. Set to TRUE(value 0x7CBDC03A) if License File: RSA decryption and signature verification, decryptions for each fields and checksums all Okay. Else FALSE again, no go further. 3. Set to FALSE if HWiD not matches, error message, exit. 4. Decrypting each setions of the application, resolving imports, relocating, and so on. What we do is find out the Is_Registered_DWORD1 address and TRUE/FALSE values, and patch it to TRUE at some place before the check. Easy or difficult, depending on how much understanding for the Oreans' VM architecture. |
#9
|
|||
|
|||
Thank you for the reply but ...
I am getting this error message : Quote:
|
#10
|
|||
|
|||
Quote:
Xentry.rar - OpenDrive |
#11
|
|||
|
|||
Quote:
No.. I don't think it's the ISP... I think that the file from Mahmoudnia's link is deleted... I am able to download other files from Mediafire without issues. In any case thanks a lot once again for the upload Cheers |
Thread Tools | |
Display Modes | |
|
|