This tut is to Unlock Hardware dependent lock on newer versions that don't have shoooo's bug (Thanks shoooo for that great tut!)
 
 
 Target : WLCrackMe1990 PK.exe with a license
 
 
 Packer : WL 1.9.9.0 (Tested with 2.0.4.0)
 
 
 Plugins Needed : Phant0m
 
 
 Load the program, and press F9 until the User and company MessageBox Appears
 
 
 Now search in memory all blocks of size 0x2000 to find
 the decrypted license
 Now, put HWBP on access on 0x1A and on 0x25 and reload program
 
 
 Press F9 many times until you reach the decryption of the bytes
 from 0x00 to 0x22 of the license file
 
 
 Once you are in there, press F9 until you reach this opcode on
 VM
 
 
 0059CFD2    8803            MOV BYTE PTR DS:[EBX],AL
 (this can change on others, especially the registers)
 
 Now press F9 two times
 
 Again press F9 4 times
 
 Follow in dump EDI, and change the BYTE from 0x01 to 0x00
 If we are on the correct path, the next time we press F9, EAX register
 will hold the value 0x1A of our License File
 
 
 
 
 Got it, now on WL section we search all modified data
 that contains 0x01
 
 
 0x5534F3
 Nice, only one value, on others there is more than one
 
 
 Now change it to zero, and press F9, if a MessageBox
 saying that this software only accepts Hardware Licenses appears,
 you are on the right path!!
 
 Nice! Now put a HWBP on access on the 0x5534F3, delete the
 others, and restart the program
 
 
 Press F9 until you reach a PUSH instruction
 Now follow in dump the BYTE with the HWBP and change it to zero
 And now press F9 until it launches!
 
 
 Got the message, we are on right path!
 
 
 Now it's unlocked!
 
 Hope you like this, it is my first tut
 
 
 Tut Made by Deathway!
 
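 Video download link: http://www.rayfile.com/files/5d6 ... -89fd-0019d11a795f/
 The above is not my original work; I am just reposting it.
 The text tutorial was posted by a foreigner; the video below was made by a Chinese user and explains it very clearly.

 This patching method only works inside OD; after closing it and opening the program again, it still cannot get past registration. Does anyone know a good method?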