For wlscgen8.0.6, VID：2A0A
From 0x00142be0h to 0x00142befh: C0 0F F8 02 D5 0B 0C 8B 75 6E 9B 32 0A CF 95 3B
For wlscgen8.2.1 ,VID：2A0A：
From 0x00148be0h to 0x00148befh: EA 25 D2 28 90 81 45 99 84 A2 3D C2 BE 89 7A 9D

If we want to hardcod VID,
For wlscgen8.2.1, only offstets of 0x00148beeh and 0x00148befh need to be changed;
For wlscgen8.0.6, only offstets of 0x00142beeh and 0x00142befh need to be changed;

You can change VID without unpacking wlscgen.exe(the original wlscgen). For unpacking wlscgen.exe, only the offsets are different.
how to change VID, please see the attachment.
Password : 1234567008348

Expecting thanks and reputations!



There's a question:
I dumped TORO DSF emulator using pva dumper3.3, and use dmp2mkey2.3 to convert the .dmp file to a .reg file, then I can change the VID (E8,0F) in the reg file, and modify the .reg file as follow:
"CellType"=hex:\
01,01,03,03,03,03,03,03,\
to
"CellType"=hex:\
01,01,03,03,03,01,03,01,\

and emulate it with multikey18.2.4. and modify the WP in the .reg file as was posted by yogi_saw,
Thanks to this guy!

It works for stand-alone, but can't generate networked license.

Hope somebody to share wlscgen8.3 or above version.

Thanks

Have you tried Yogi's emu? with it You can create lic I guess...

@calvin

I didn't have the password for Yogi's emu. So I haven't try it.
Can you please help me?

Thanks

@calvin

I didn't have the password for Yogi's emu. So I haven't try it.
Can you please help me?

Your PM is disabled it seems...

I've modfied my option.
You can PM me now!
Thanks again!

@008348 the emulator is non networked license can't generatd networked lic but if u play with reg u can find way 2 networked lics

@ Thanks yogi_saw,
it is appreciate if you could share how to play with it.

Hi 008348 , when you are talking about offest , wich location are you talking about ........i can not find these offest ( 0x00142be0h to 0x00142befh ) in Wlscgen 8.0.6.

Plz help i am still a newbie.

BR

look in your image attached, in "Here 2" location, the offset is the address to the left

thx you bassem , i was was a little bit confused with this tool......i have another question for you , to find VID with breaking on lsdecode, i still stuck where to break near string "vendor code" , not results....:(

BR

Hi 008348 , when you are talking about offest , wich location are you talking about ........i can not find these offest ( 0x00142be0h to 0x00142befh ) in Wlscgen 8.0.6.
Plz help i am still a newbie.
BR

You can use a hex editor to find the offsets, for example UltraEdit-32.

thx you bassem , i was was a little bit confused with this tool......i have another question for you , to find VID with breaking on lsdecode, i still stuck where to break near string "vendor code" , not results....:(
BR
bp of lsdecode 8.2 for infmation:

1、For 7.x-8.1 licenses:
vendor code：00422460 (EAX)
vendor info：00423A60 (ECX ASCII)
Feature Name：00423988 (ECX ASCII)
7 secrets：00409CF7 (EAX ASCII)
Client lock Code：00423906
Feature version：004239DD
2、For 8.2 licenses：
vendor code：004098C9 (EAX)
Feature Name, vendor info, vendor code,etc.：00420D21 (ESI ASCII)
7 secrets：00409CF7 (EAX ASCII)

easiest way with olly

press contrl+G in the upper left window, a popup box will appear, paste the hex address code (example:00423906 )

olly will jump to this address, now press F2, the address will turn red, now you've set a bp

Ok , many thx to my friends 00348 & Bassem


BR

For wlscgen8.0.6, VID：2A0A
From 0x00142be0h to 0x00142befh: C0 0F F8 02 D5 0B 0C 8B 75 6E 9B 32 0A CF 95 3B
For wlscgen8.2.1 ,VID：2A0A：
From 0x00148be0h to 0x00148befh: EA 25 D2 28 90 81 45 99 84 A2 3D C2 BE 89 7A 9D

If we want to hardcod VID,
For wlscgen8.2.1, only offstets of 0x00148beeh and 0x00148befh need to be changed;
For wlscgen8.0.6, only offstets of 0x00142beeh and 0x00142befh need to be changed;

You can change VID without unpacking wlscgen.exe(the original wlscgen). For unpacking wlscgen.exe, only the offsets are different.
how to change VID, please see the attachment.
It's password proteced, PM me for password.

Expecting thanks and reputations!



There's a question:
I dumped TORO DSF emulator using pva dumper3.3, and use dmp2mkey2.3 to convert the .dmp file to a .reg file, then I can change the VID (E8,0F) in the reg file, and modify the .reg file as follow:
"CellType"=hex:\
01,01,03,03,03,03,03,03,\
to
"CellType"=hex:\
01,01,03,03,03,01,03,01,\

and emulate it with multikey18.2.4. and modify the WP in the .reg file as was posted by yogi_saw,
Thanks to this guy!

It works for stand-alone, but can't generate networked license.

Hope somebody to share wlscgen8.3 or above version.

Thanks

I want to change VID for WlscGen 8.2 can support with the VID 0FED but cannot change
Please see my process bellow:

-for idea i follow your tutorial (Hardcoding Vendor ID of wlscgen8.0.6 and 8.2.1)
-I want change VID to support this OFED Please see

0FED XOR 9B8ABED9 = 9B8AB134
9B8AB134 XOR 0AC221DE = 914890EA
VLM_MORPHID(914890EA)=? (How to get this one)

can you explain to me clearly How to change VID

I want to change VID for WlscGen 8.2 can support with the VID 0FED but cannot change
Please see my process bellow:

-for idea i follow your tutorial (Hardcoding Vendor ID of wlscgen8.0.6 and 8.2.1)
-I want change VID to support this OFED Please see

0FED XOR 9B8ABED9 = 9B8AB134
9B8AB134 XOR 0AC221DE = 914890EA
VLM_MORPHID(914890EA)=? (How to get this one)

use wlscgen.exe ver 7.1 to get this one

can you explain to me clearly How to change VID

@TEMS and yazzzing

If you don't know how to get VLM_morphId(914890EA), here is a simple way :
1. Load Wlscgen7.1.exe into W32Dasm.
2. At the Entry Point, patch the code to :
:0045D530 push 914890EA
:0045D535 call 0043D43A <-- _VLM_morphId()
3. F2 set a break point at
0045D535 call 0043D43A
Execute the "Single Step Thru" (F8) twice.
4. After the call, eax=BE89XXXX, this is VLM_MORPHID(914890EA).
5. Terminate the Process.
Then modify wlscgen8.2.1(don't need to unpack) offsets 00148beeh and 00148befh: "D6 59" to "XX XX" with the help of hex editer, for example: UltraEdit-32.

Hi , could somebody share wlscgen 7.1 (undongled if possible ) .....

BR

Hi , could somebody share wlscgen 7.1 (undongled if possible ) .....

BR


here wlscgen 7.3 undongled if you want:

Hi , thx you for your share , but a need wlscgen 7.1 , the offest are quite differents betwen the versions...............

BR

the method of changing vendor code is basicaaly the same as the tutorial I released before,

here u go undongled wlscgen 7.1

Hi , i have followed the tutorial made by mayaputra for wlscgen, i'am facing these issues, in the adresse 0045D535 i have no call instruction but i have PUSH 545458??

Something is wrong ?? , i am still newbie and a i will appreciate your help.....

BR

@TEMS and yazzzing

If you don't know how to get VLM_morphId(914890EA), here is a simple way :
1. Load Wlscgen7.1.exe into W32Dasm.
2. At the Entry Point, patch the code to :
:0045D530 push 914890EA
:0045D535 call 0043D43A <-- _VLM_morphId()
3. F2 set a break point at
0045D535 call 0043D43A
Execute the "Single Step Thru" (F8) twice.
4. After the call, eax=BE89XXXX, this is VLM_MORPHID(914890EA).
5. Terminate the Process.
Then modify wlscgen8.2.1(don't need to unpack) offsets 00148beeh and 00148befh: "D6 59" to "XX XX" with the help of hex editer, for example: UltraEdit-32.
plz explain for:
At the Entry Point, patch the code to :
:0045D530 push 914890EA
:0045D535 call 0043D43A <-- _VLM_morphId()

Ali dnload the attachement provided by me 2 post above it has utility to generate undongled wlscgen 7.1 load this file into olly now press spacebar to assemble new the above commands

Ali dnload the attachement provided by me 2 post above it has utility to generate undongled wlscgen 7.1 load this file into olly now press spacebar to assemble new the above commands
thanks alot
but i need it for wlscgen 8.2.1.5
BR

U have to read carefully wat i m instructing is for 8.2 but this exercise has to be done on 7.1 coz we dont need to find address of vlmorphid function in 8.2 which is known in 7.1
see the value of ax after the call executed that is really of ur choice...read carefully wat 8348 has written