Hey epvperz
Some one can bypass this .dll?
[Only registered and activated users can see links. Click Here To Register...]
Thank
Some one can bypass this .dll?
[Only registered and activated users can see links. Click Here To Register...]
Thank
HWID Limit
02/28/2016 01:58
Holosco*#1
02/29/2016 07:25
KingDollar#2
[Only registered and activated users can see links. Click Here To Register...]
Check your downloadlink please
Check your downloadlink please
03/01/2016 02:32
Holosco*#3
Okay, done. [Only registered and activated users can see links. Click Here To Register...]Quote:
[Only registered and activated users can see links. Click Here To Register...]
Check your downloadlink please
[Only registered and activated users can see links. Click Here To Register...]
03/03/2016 23:11
florian0#4
Okay, done. [Only registered and activated users can see links. Click Here To Register...]
Virustotal: [Only registered and activated users can see links. Click Here To Register...]
MD5: D46200ECE94A384D22D5B139C5BA9F71
SHA-1: 8D7786D9B179A37A62A8A78B1D7128FF1BC5499B
HowTo:
----
Simply cracking the whole mechanism wasn't that hard; took me only about 20 minutes.
My first attempt is basically this:
Whew ... bypassed in three lines of code (well, i can reduce it to one, if you want to xD). The example above actually works. Sadly prooving: this protection sucks.
Even sadder: I've released this Patch on a different forum for a different server and it works on this one aswell ... no need to change ... why ... -.-
(The Dll contains the String "--Electus--", i wonder where else this Dll will work ... if you know what i mean ;))
But i wanted to get rid of the AntiVM-Checks, too. Which was quite challenging, but not impossible. I decided that recreating is easier than manual unpacking Themida, so there it is.
(PM for Source, or reverse engineer it, its not that hard without Themida fooling around.)
Regards,
florian0
Virustotal: [Only registered and activated users can see links. Click Here To Register...]
MD5: D46200ECE94A384D22D5B139C5BA9F71
SHA-1: 8D7786D9B179A37A62A8A78B1D7128FF1BC5499B
HowTo:
- Rename PlanetSRO.dll to PlanetSRO.dll.bak
- Paste downloaded Dll into Silkroad folder
- Rename downloaded Dll to PlanetSRO.dll
----
Simply cracking the whole mechanism wasn't that hard; took me only about 20 minutes.
My first attempt is basically this:
Code:
int* VolumeID;
HMODULE module = LoadLibrary("PlanetSRO.dll");
VolumeID = (int*)((int)module + OFFSET);
*VolumeID = rand();
Even sadder: I've released this Patch on a different forum for a different server and it works on this one aswell ... no need to change ... why ... -.-
(The Dll contains the String "--Electus--", i wonder where else this Dll will work ... if you know what i mean ;))
But i wanted to get rid of the AntiVM-Checks, too. Which was quite challenging, but not impossible. I decided that recreating is easier than manual unpacking Themida, so there it is.
(PM for Source, or reverse engineer it, its not that hard without Themida fooling around.)
Regards,
florian0
03/05/2016 17:18
LastThief*#5
@[Only registered and activated users can see links. Click Here To Register...]Quote:
Virustotal: [Only registered and activated users can see links. Click Here To Register...]
MD5: D46200ECE94A384D22D5B139C5BA9F71
SHA-1: 8D7786D9B179A37A62A8A78B1D7128FF1BC5499B
HowTo:
- Rename PlanetSRO.dll to PlanetSRO.dll.bak
- Paste downloaded Dll into Silkroad folder
- Rename downloaded Dll to PlanetSRO.dll
----
Simply cracking the whole mechanism wasn't that hard; took me only about 20 minutes.
My first attempt is basically this:
Whew ... bypassed in three lines of code (well, i can reduce it to one, if you want to xD). The example above actually works. Sadly prooving: this protection sucks.Code:int* VolumeID; HMODULE module = LoadLibrary("PlanetSRO.dll"); VolumeID = (int*)((int)module + OFFSET); *VolumeID = rand();
Even sadder: I've released this Patch on a different forum for a different server and it works on this one aswell ... no need to change ... why ... -.-
(The Dll contains the String "--Electus--", i wonder where else this Dll will work ... if you know what i mean ;))
But i wanted to get rid of the AntiVM-Checks, too. Which was quite challenging, but not impossible. I decided that recreating is easier than manual unpacking Themida, so there it is.
(PM for Source, or reverse engineer it, its not that hard without Themida fooling around.)
Regards,
florian0
My salutes for bypassing :D I'd like to take look at the src though :p
03/15/2016 01:34
alfhem online#6
hahahaQuote:
My salutes for bypassing I'd like to take look at the src though
03/17/2016 14:17
HypnosĄ#7
that's deepQuote:
Virustotal: [Only registered and activated users can see links. Click Here To Register...]
MD5: D46200ECE94A384D22D5B139C5BA9F71
SHA-1: 8D7786D9B179A37A62A8A78B1D7128FF1BC5499B
HowTo:
- Rename PlanetSRO.dll to PlanetSRO.dll.bak
- Paste downloaded Dll into Silkroad folder
- Rename downloaded Dll to PlanetSRO.dll
----
Simply cracking the whole mechanism wasn't that hard; took me only about 20 minutes.
My first attempt is basically this:
Whew ... bypassed in three lines of code (well, i can reduce it to one, if you want to xD). The example above actually works. Sadly prooving: this protection sucks.Code:int* VolumeID; HMODULE module = LoadLibrary("PlanetSRO.dll"); VolumeID = (int*)((int)module + OFFSET); *VolumeID = rand();
Even sadder: I've released this Patch on a different forum for a different server and it works on this one aswell ... no need to change ... why ... -.-
(The Dll contains the String "--Electus--", i wonder where else this Dll will work ... if you know what i mean ;))
But i wanted to get rid of the AntiVM-Checks, too. Which was quite challenging, but not impossible. I decided that recreating is easier than manual unpacking Themida, so there it is.
(PM for Source, or reverse engineer it, its not that hard without Themida fooling around.)
Regards,
florian0