الفريق العربي للهندسة العكسية

نسخة كاملة : VMProtect Linux HWID bypass help [Request]
أنت حالياً تتصفح نسخة خفيفة من المنتدى . مشاهدة نسخة كاملة مع جميع الأشكال الجمالية .
Hi mates,

I have an ELF binary that is locked or bound to a specific device by HWID using VMProtect. On the other hand, the binary cannot run on other PC/system. Please help me bypass it. I don't need to unpack it, just want to remove the hardware lock.

Below is the attachment for the ELF binary
https://mega.nz/file/9AIxxAyC#YFEOalPT5O...bbyZKMg3Dg

My solution
I tried to find the HWID in the binary, and simulate it on my PC to bypass the lock.

What did I do?
The above sample ELF will try to load uuid.so to reckon the HWID of the machine. From this point, I tried to follow that syscall to find out what is HWID of my PC, and what is the existing HWID in the ELF used to compare with. But, no luck. The flow wrapped by VMProtect binary is too complicate for me. Any help that figures it out would be great.

help  Thanks for reading
link encrypted
Sorry! The provider Mega locks the attachment somehow. I upload it to mediafire instead.
https://www.mediafire.com/file/d36rwfuhb...23.7z/file

Pass to unzip: 123
[font][font].One glue is that the attached ELF binary will call uuid.so. From there, we are very close to the point of HWID check.[/font][/font]