Runtime patching of MPRESS packed executable disables license checks (Gearotic Motion)

Using software, like taxes, is inevitable. Paying for software, unlike taxes, is optional.
Sometimes changing one bit out of millions can make all the difference.

That is what we will do today.

Target: Gearotic Motion 2 Development version

Tools:

Background:

GM2 is an executable packed by MPRESS. I was unable to dump it using standard means; the resource table was intact, but the program was pulling invalid default settings for text box entries. Instead of dumping the executable correctly, I chose to make a loader application that patched the application after it finished unpacking itself.

The loader application spawns our target, suspends execution at a certain point, and injects a patcher DLL. It may be possible using ReadProcessMemory/WriteProcessMemory, but the loader includes code for the patcher DLL.

I modified the loader/patcher code to run correctly and to accept parameters via the command line. Code can be provided upon request.
