(adsbygoogle = window.adsbygoogle || []).push({});
Hey there, I have a game hack tool that people are selling accounts annd keys for.
below I have provided screenshots of when I open the exe and the screens it present me with.
Here is what PiD provides me;
*File Compression State : 0 (Not Compressed)
File Type : 32-Bit Exe (Subsystem : Win CUI / 3), Size : 2886148 (02C0A04h) Byte(s) | Machine: 0x14C (I386)
Compilation TimeStamp : 0x5AD0B076 -> Fri 13th Apr 2018 13:28:22 (GMT)
[TimeStamp] 0x5AD0B076 -> Fri 13th Apr 2018 13:28:22 (GMT) | PE Header | - | Offset: 0x000000F8 | VA: 0x004000F8 | -
[LoadConfig] Struct determined as v8 (Expected size 140 | Actual size 64)
[LoadConfig] CodeIntegrity -> Flags 0x9A00 | Catalog 0x5A83 (23171) | Catalog Offset 0xA57C65D0 | Reserved 0x5A839A00
[LoadConfig] GuardAddressTakenIatEntryTable 0xA57C65FE | Count 0x5ACCD49C (1523373212)
[LoadConfig] GuardLongJumpTargetTable 0x5ACCD4B0 | Count 0x5A839A00 (1518574080)
[LoadConfig] HybridMetadataPointer 0xA57C65FE | DynamicValueRelocTable 0x5A839A00
[LoadConfig] FailFastIndirectProc 0xA57C65D8 | FailFastPointer 0x5A839A00
[LoadConfig] UnknownZero1 0xA57C65FE
[File Heuristics] -> Flag #1 : 00000000000001001101000000000000 (0x0004D000)
[Entrypoint Section Entropy] : 0.30 (section #0) ".text " | Size : 0x1F9CF4 (2071796) byte(s)
[DllCharacteristics] -> Flag : (0x8140) -> ASLR | DEP | TSA
[SectionCount] 4 (0x4) | ImageSize 0x4D6000 (5070848 ) byte(s)
[ModuleReport] [IAT] Modules -> KERNEL32.dll | USER32.dll | GDI32.dll | ADVAPI32.dll | WS2_32.dll | msvcrt.dll | COMCTL32.dll
[!] File appears to have no protection or is using an unknown protection
- Scan Took : 0.531 Second(s) [000000213h (531) tick(s)] [506 of 580 scan(s) done]*
-
-
And here are some screenshots of OllyDBG and IDA
(
https://imgur.com/a/u2SX9Ol)
-
-
EXE SCREENSHOTS:
(
https://imgur.com/a/FOjjZsr)
-
-
If anyone has advanced knowledge on how to crack this type of authentication or remove it completely, would be highly apreciated!
**I can provide the exe to anyone who asks**