sergpsu / mqllock

C/C++ backend
11 stars 6 forks source link

help to get _protected.compilationDate #1

Open Ell3Tre opened 2 years ago

Ell3Tre commented 2 years ago

Hi, I'm trying to crack a MetaTrader plugin. I got stuck on the verge of decrypting the request (%s/lic.php?lic=%s&rev=%d&rslt=%s&acc_no=%s). I managed to get a request from a person who bought the plugin, with HTTP Debugger I also tried to give the program the correct request as an answer, but it still doesn't seem to work. At this point I was trying to decrypt the request and then modify it for use. I'm stuck on getPointerKey(); how do I find the _protected.compilationDate to be able to decrypt?

sergpsu commented 2 years ago

Hi. You can't get compilationDate; it's compiled into each DLL separately, like the other _protected fields.

Ell3Tre commented 2 years ago

So there is no way to decrypt the request?

Ell3Tre commented 2 years ago

However, if you would like to help me crack the plugin, please add me on Discord: Ell3Tre#5699 @sergpsu

sergpsu commented 2 years ago

compilationDate is only used to generate the XOR key for hiding the _protected struct in memory. To decrypt the license you need _protected.licenseKey. Hint: compilationDate is a Unix timestamp, so it can be brute-forced.

Ell3Tre commented 2 years ago

What I would like to do is decrypt the response of the site mqllock.com//lic.php?lic=&rev=1&rslt=&acc_no=&cid2=. To do this I need both the compilationDate and the license key. If I want, I can guess the compilationDate, but how can I get the license key?

sergpsu commented 2 years ago

The license key is precompiled into the DLL, and the DLL is protected with VMProtect. You can try scanning memory for the _protected structure after the DLL is loaded.
