How to bypass HWID-Protected Application

HI!

Hii! It's been a while since my last post (Probs almost a year as I'm somewhat busy developing my startup for now)

Introduction

HWID stands for Hardware Identification so that the Application will fetch your unique-id from your hard disk drives, then send it to their server to check if your unique-id is registered. If your unique-id is in their database, you can execute the program, but if it's not there, the program will usually pop up an error msg / open a browser and redirect you to their site.

I suck at making illustrations, lmao.

Execution

reconnaissance

First thing first, we need to follow the flow of the program because I'm not an expert in reversing applications with the assembly things, so I'm just going to use a web debugging proxy to follow all their HTTP requests flow. Fiddler is my favorite.

Fiddler
Requests made by the Application, through point blank's port

The attack!

After seeing this for the first time, the only thing pop into my head is "Hosts File."

Src: https://www.freshjones.com/blog/editing-hosts-file-for-web-development
The original path from the request
I made the exact copy of the pathname and filename
My hosts file configuration
Reissued request

Lmao, CRACKED!

Update 7 July 2020

Fiddler Auto Responder

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store