Archive for June, 2007

My second crackme, this time a VM crackme

June 21, 2007

My second crackme. It is a VM crackme, meaning the whole thing is written for and interpreted by a VM engine. I didn't add any anti-debug trick except a nice anti-PEiD trick. ;)

Again, patching is allowed. Ticking ZF is not accepted as a solution, as the effect is not permanent. Learn how to patch, dude. If you patch the crackme, submit the patched version here.

If possible, do take some time to write up a tutorial on how you cracked it so others can learn from it. :D

crackme_nop_vm
http://crackmes.de/users/opcode0x90/crackme_nop_vm/

Thwarting VM Detection by Tom Liston and Ed Skoudis

June 6, 2007

I believe most of you have at least heard of VMware, Microsoft Virtual PC, or the recent VirtualBox (http://www.virtualbox.org/). These are virtualization software. They create a virtual machine environment (called the guest) that runs on your local computer (called the host). This software is pretty useful, especially when it comes to analyzing malware, among other uses. *ahem* ;)

This is a neat paper about how a VME (virtual machine environment) can be detected, and about how to thwart that detection. Recommended read.

http://handlers.sans.org/tliston/ThwartingVMDetection_Liston_Skoudis.pdf