infern0 is trying to unpack haspenvelope without dongle!
2004-6-18 17:24 4770


Infern0, the author of HaspEmulPro2.33 Keygen, is working on unpacking haspenvelope without dongle. c00l.....!!!!
Lots of crackers think that is a mission impossible.

TOTEU said in RCE forum:

1. code around HASP entry is now something like this:
cmp eax, 09
push edi
jnz smth

2. iceext 0.53 will manage the sice checks...

3. the flow of (crazy options set, prolly the hardest) envelope is like this:
FN 01/02(1st_seed)/3C(len 0x08)/02/02(2nd_seed)/
/many 3D (len 0x0E) (some of them random -that means no right answer needed)
(some of them are needed and stored in a 2 indexed tables with IN data and OUT data
- space between arrays is 0x800 in my case -this reminds me of the spro envelope
and their random sproqueries indexed as well...) (a cmp eax, edx in a loop
will compare byte by byte the answers stored in the 2nd indexed table)
/then follows 3D with a few blocks needed for restoring the encrypted PE
in my case blocks were with len: 6*0xFFE + 0x4c3 for decrypting/then again 3D with a block
with len 0x5EE/

4. background hasp checks: 01/02/twice fixed 3C blocks


Latest replies (4)
LOVE 2004-7-1 05:39
I'm a noob, I don't understand.
LOCKLOSE 2 2004-7-1 10:39
A great person naturally does great things! :D
baby 2004-7-1 11:22
Awesome, I didn't understand a single sentence.
Someone modified one byte of the DLL itself, then loaded it with the dongle attached using some tool and was able to unpack it; after that only the relocation table needs to be repaired.
mYeXcKsN 2004-7-9 10:22
I have unpacked it with the dongle present, no problem. Without the dongle, the main task is to use the characteristics of the PE file to work out the key.
For example, files compiled with VC, or with BC, Delphi and so on, have characteristic patterns; you can guess the real data at certain positions and then compute the key from that.