Results 1 to 8 of 8
  1. #1
    Askleptius
    Askleptius is offline
    New member
    Join Date
    2011 Dec
    Posts
    4
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    2
    Thanked in
    2 Posts
    Rep Power
    0

    VMware & winlicense

    Суть вопроса такова : невозможность запуска из виртуалки клиента, стоит протектор ВЛ. С прошлой версией было проще, обходился ток коректировкой файла конфига, теперь не работает. Пробовал чистить от ключей протектора систему, блокировать доступ, всьо равно палит. Кто понимает или уже вилечил стукните в личку или здесь в теме. Буду благодарен.

  2. The Following User Says Thank You to Askleptius For This Useful Post:


  3. #2
    Grooguz
    Grooguz is offline
    BanHammer Holder
    Grooguz's Avatar
    Join Date
    2010 May
    Posts
    678
    Thanks Thanks Given 
    152
    Thanks Thanks Received 
    537
    Thanked in
    167 Posts
    Rep Power
    14
    Sorry, can you make English translation. As I understand, you have problems with running Requiem under VM?

  4. #3
    Askleptius
    Askleptius is offline
    New member
    Join Date
    2011 Dec
    Posts
    4
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    2
    Thanked in
    2 Posts
    Rep Power
    0
    Quote Originally Posted by groom View Post
    Sorry, can you make English translation. As I understand, you have problems with running Requiem under VM?
    Yes, there is such problem! More a long ago decided it, it keeps indoors now!

  5. #4
    Grooguz
    Grooguz is offline
    BanHammer Holder
    Grooguz's Avatar
    Join Date
    2010 May
    Posts
    678
    Thanks Thanks Given 
    152
    Thanks Thanks Received 
    537
    Thanked in
    167 Posts
    Rep Power
    14
    if something packed with winlicense/Themida/VMprotect (with enabled protection against VMware), you should first remove protector... I do not know other ways to run such files under VMware

  6. #5
    Askleptius
    Askleptius is offline
    New member
    Join Date
    2011 Dec
    Posts
    4
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    2
    Thanked in
    2 Posts
    Rep Power
    0
    Quote Originally Posted by groom View Post
    if something packed with winlicense/Themida/VMprotect (with enabled protection against VMware), you should first remove protector... I do not know other ways to run such files under VMware
    I understand, but think that it is simpler to hide status and change hardware id , an effective method is not only, at least for me.

  7. #6
    Grooguz
    Grooguz is offline
    BanHammer Holder
    Grooguz's Avatar
    Join Date
    2010 May
    Posts
    678
    Thanks Thanks Given 
    152
    Thanks Thanks Received 
    537
    Thanked in
    167 Posts
    Rep Power
    14
    I didn't clearly got your question.. Anyways, following piece of asm shows how to detect VM
    Code:
    XOR     EAX, EAX
    
        PUSH    OFFSET @@Handler
        PUSH    DWORD PTR FS:[EAX]
        MOV     DWORD PTR FS:[EAX], ESP
        MOV     EAX, 564D5868h
        MOV     EBX, 3c6cf712h
        MOV     ECX, 0Ah
        MOV     DX, 5658h
        IN      EAX, DX
        MOV     EAX, True
        JMP     @@NotHandle
    @@Handler:
        MOV     EAX, [ESP+$C]
        MOV     TContext(EAX).EIP, OFFSET @@Handled
        XOR     EAX, EAX
        RET
    @@Handled:
        XOR     EAX, EAX
    @@NotHandle:
        XOR     EBX, EBX
        POP     DWORD PTR FS:[EBX]
        ADD     ESP, 4
    Maybe this method is used in protectors like Themida.
    Probably Dwar can give you a more useful answer....

  8. #7
    Askleptius
    Askleptius is offline
    New member
    Join Date
    2011 Dec
    Posts
    4
    Thanks Thanks Given 
    0
    Thanks Thanks Received 
    2
    Thanked in
    2 Posts
    Rep Power
    0
    Quote Originally Posted by groom View Post
    I didn't clearly got your question.. Anyways, following piece of asm shows how to detect VM
    Maybe this method is used in protectors like Themida.
    Probably Dwar can give you a more useful answer....
    Will expect his help, hope he often peeps in new themes.

    ---------- Post added 2011-12-04 at 09:33 PM ---------- Previous post was 2011-12-01 at 02:10 PM ----------

    Решение найдено! спасибо Grooguz за то что откликнулся!

  9. The Following User Says Thank You to Askleptius For This Useful Post:


  10. #8
    KollyaN
    KollyaN is offline
    Guest
    Join Date
    2012 Mar
    Posts
    1
    Thanks Thanks Given 
    2
    Thanks Thanks Received 
    0
    Thanked in
    0 Posts
    Rep Power
    0
    Quote Originally Posted by Askleptius View Post
    Will expect his help, hope he often peeps in new themes.

    ---------- Post added 2011-12-04 at 09:33 PM ---------- Previous post was 2011-12-01 at 02:10 PM ----------

    Решение найдено! спасибо Grooguz за то что откликнулся!
    Приятного времени суток. А могли бы вы разъяснить решение данного вопроса? Заранее благодарен.
    Have a nice time of day. And could you explain the solution to this problem? Thanks in advance.
    Last edited by KollyaN; 2012-03-18 at 03:50 PM.

Similar Threads

  1. Replies: 4
    Last Post: 2011-09-30, 05:37 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •