24-06-2022, 07:59 PM
Hi mates,
I have an ELF binary that is locked or bound to a specific device by HWID using VMProtect. On the other hand, the binary cannot run on other PC/system. Please help me bypass it. I don't need to unpack it, just want to remove the hardware lock.
Below is the attachment for the ELF binary
https://mega.nz/file/9AIxxAyC#YFEOalPT5O...bbyZKMg3Dg
My solution
I tried to find the HWID in the binary, and simulate it on my PC to bypass the lock.
What did I do?
The above sample ELF will try to load uuid.so to reckon the HWID of the machine. From this point, I tried to follow that syscall to find out what is HWID of my PC, and what is the existing HWID in the ELF used to compare with. But, no luck. The flow wrapped by VMProtect binary is too complicate for me. Any help that figures it out would be great.
Thanks for reading
I have an ELF binary that is locked or bound to a specific device by HWID using VMProtect. On the other hand, the binary cannot run on other PC/system. Please help me bypass it. I don't need to unpack it, just want to remove the hardware lock.
Below is the attachment for the ELF binary
https://mega.nz/file/9AIxxAyC#YFEOalPT5O...bbyZKMg3Dg
My solution
I tried to find the HWID in the binary, and simulate it on my PC to bypass the lock.
What did I do?
The above sample ELF will try to load uuid.so to reckon the HWID of the machine. From this point, I tried to follow that syscall to find out what is HWID of my PC, and what is the existing HWID in the ELF used to compare with. But, no luck. The flow wrapped by VMProtect binary is too complicate for me. Any help that figures it out would be great.
Thanks for reading
