bypassing GonsoLicense using Shadowcopy
-
precursor
non-extensive guide for bypassing GonsoLicense
requires:- a working Windows
shadowcopyservice (with some knowledge of it, preferably)- to check if
shadowcopyservice exists, open an admincommand promptand entervssadmin list providers- it should respond with info about thevssadminservice
- to check if
- a valid GonsoLicense key
- not-blacklisted vrchat account tied to said key
optional:
- if you would like to create a file monitor[3]: some basic programming knowledge
read the footnotes!
it might be intimidating, but it is very simple when you get used to itstep-by-step
- load affected
unitypackageinto Unity, import any avatar requirements - log into the vrchat SDK panel
- open GonsoLicense verifier, enter key and unlock avatar
- initiate an avatar upload, as normal, and while it compiles shaders and shader variants:
4a. call Windows'shadowcopy(or use a script[1]) on the drive where the project exists - navigate to the location where your
shadowcopyis saved and browse to the copied project directory - copy decrypted avatar files (fx, menu, parameters) from
Packages\com.vrchat.avatars\Samples\Dynamics\Robot Avatar\Animatorsand theMeshes.assetfrom theGonsoLicensefolder insideAssets[2]
6a. these will have psuedo-randomized names, copy everything if you need to
6b. copy these files, trying to move them will not work - either cancel the ongoing upload or let it finish, you at this point have the decrypted files to do what you want with
- when importing the Meshes, you will most likely have to manually fix each
SkinnedMeshRendererand point it to the correct mesh - refer to this post for more info on how to do that - GoGo might also be broken - refer to this post for more info on using GoGoLoco from the VCC
footnotes
[1]
we found using an administrator PowerShell script to directly call the
shadowcopyservice works best - here's a script you can use to do the same$s1 = (Get-WmiObject -List Win32_ShadowCopy).Create("C:\\", "ClientAccessible") $s2 = Get-WmiObject Win32_ShadowCopy | Where-Object { $_.ID -eq $s1.ShadowID } $d = $s2.DeviceObject + "\\" cmd /c mklink /d C:\shadowcopy "$d" Write-Host -NoNewLine 'Press any key to finish and delete the shadowcopy...'; $null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown'); $s2.Delete()important: on line 1, change
C:\\to the letter of the drive that your targeted project exists on - e.g. for theDdrive change it toD:\\you can save this to a file with a
.ps1extension - e.g.shadowcopy.ps1and launch it from an administrator powershell in the same directory using.\name-of-file.ps1when launched, this will create a "snapshot" of the targeted drive, essentially freezing it, and everything in it, in time
it will then mount theshadowcopythat was just made inC:\shadowcopy(you may have to delete this directory if it already exists), where you can browse all of the files from the snapshot
it will then wait for any user input, and delete theshadowcopywhen input is given[2]
the location that GonsoLicense stores files in is variable and prone to change, as it can technically store files anywhere on the system
[3]
for the more technically inclined, a file monitor can be written to immediately update the user when files are changed - this can make it easier to signify when the
shadowcopyservice or script should be launched, as it is time sensitivehow does this actually work
unity and encrypted files
Unity does a lot of things right, but it cannot read encrypted files; this means that the SDK cannot just create an avatar from files that it can't read
at some point during the upload process, GonsoLicense needs to decrypt the encrypted files and store them out of sight while it builds the SDK-uploadable package
all the user needs to do, then, is access those files while this is being doneunity and file locking
while any file operation is happening, Unity locks the project directory, effectively preventing any external edits to the files while Unity works with them
this means the user cannot directly access the decrypted files while it is building, so there's one other way to get around thatshadowcopy
shadowcopyis a Windows service targeted towards server machines that allows server managers to create backups of entire drives, on the fly
the strength of this service is that it does not directly copy files, it creates a virtual "snapshot" of sorts that freezes the drive in time and saves the drive's virtual data at that very moment; this leads it to be unaffected by any file locks put in place by Unity or other programs
the user can then simply mount the snapshot as a directory and browse the saved files freely, copying anything directly from that virtual drive to their actual storageending notes
if you don't trust yourself performing this, it's better to ask someone who does (@halcyon has done quite a few by now and has been instrumental in finding a safer way to perform this method)
consider not supporting creators who use this on their models - it's sleazy at best and while Gonso has pure intentions at heart, this system's (and his) reputation is based on the reputation of the creators that use it
unfortunately, many of them are what we call "bad apples" in this community
i don't have anything directly against Gonso, but a handful of his partnered creators have histories of being generally unpleasant human beingsif the creator uses payhip's antileak as well as GonsoLicense, payhip antileak can still identify the file and user who purchased it; i've come up with some experimental bypasses for payhip's system but they require more testing to confirm stability
this method may get patched, but this takes advantage of a technically un-fixable flaw within Unity; more updates if and when that happens
this method was found and refined by a small group of software developers including myself (though i mostly did translation work)
feel free to ask any questions you have - a working Windows
-
T taikeru referenced this topic on
-
-
S SeraphicRoses referenced this topic on
-
S SeraphicRoses referenced this topic on
-
precursor
non-extensive guide for bypassing GonsoLicense
requires:- a working Windows
shadowcopyservice (with some knowledge of it, preferably)- to check if
shadowcopyservice exists, open an admincommand promptand entervssadmin list providers- it should respond with info about thevssadminservice
- to check if
- a valid GonsoLicense key
- not-blacklisted vrchat account tied to said key
optional:
- if you would like to create a file monitor[3]: some basic programming knowledge
read the footnotes!
it might be intimidating, but it is very simple when you get used to itstep-by-step
- load affected
unitypackageinto Unity, import any avatar requirements - log into the vrchat SDK panel
- open GonsoLicense verifier, enter key and unlock avatar
- initiate an avatar upload, as normal, and while it compiles shaders and shader variants:
4a. call Windows'shadowcopy(or use a script[1]) on the drive where the project exists - navigate to the location where your
shadowcopyis saved and browse to the copied project directory - copy decrypted avatar files (fx, menu, parameters) from
Packages\com.vrchat.avatars\Samples\Dynamics\Robot Avatar\Animatorsand theMeshes.assetfrom theGonsoLicensefolder insideAssets[2]
6a. these will have psuedo-randomized names, copy everything if you need to
6b. copy these files, trying to move them will not work - either cancel the ongoing upload or let it finish, you at this point have the decrypted files to do what you want with
- when importing the Meshes, you will most likely have to manually fix each
SkinnedMeshRendererand point it to the correct mesh - refer to this post for more info on how to do that - GoGo might also be broken - refer to this post for more info on using GoGoLoco from the VCC
footnotes
[1]
we found using an administrator PowerShell script to directly call the
shadowcopyservice works best - here's a script you can use to do the same$s1 = (Get-WmiObject -List Win32_ShadowCopy).Create("C:\\", "ClientAccessible") $s2 = Get-WmiObject Win32_ShadowCopy | Where-Object { $_.ID -eq $s1.ShadowID } $d = $s2.DeviceObject + "\\" cmd /c mklink /d C:\shadowcopy "$d" Write-Host -NoNewLine 'Press any key to finish and delete the shadowcopy...'; $null = $Host.UI.RawUI.ReadKey('NoEcho,IncludeKeyDown'); $s2.Delete()important: on line 1, change
C:\\to the letter of the drive that your targeted project exists on - e.g. for theDdrive change it toD:\\you can save this to a file with a
.ps1extension - e.g.shadowcopy.ps1and launch it from an administrator powershell in the same directory using.\name-of-file.ps1when launched, this will create a "snapshot" of the targeted drive, essentially freezing it, and everything in it, in time
it will then mount theshadowcopythat was just made inC:\shadowcopy(you may have to delete this directory if it already exists), where you can browse all of the files from the snapshot
it will then wait for any user input, and delete theshadowcopywhen input is given[2]
the location that GonsoLicense stores files in is variable and prone to change, as it can technically store files anywhere on the system
[3]
for the more technically inclined, a file monitor can be written to immediately update the user when files are changed - this can make it easier to signify when the
shadowcopyservice or script should be launched, as it is time sensitivehow does this actually work
unity and encrypted files
Unity does a lot of things right, but it cannot read encrypted files; this means that the SDK cannot just create an avatar from files that it can't read
at some point during the upload process, GonsoLicense needs to decrypt the encrypted files and store them out of sight while it builds the SDK-uploadable package
all the user needs to do, then, is access those files while this is being doneunity and file locking
while any file operation is happening, Unity locks the project directory, effectively preventing any external edits to the files while Unity works with them
this means the user cannot directly access the decrypted files while it is building, so there's one other way to get around thatshadowcopy
shadowcopyis a Windows service targeted towards server machines that allows server managers to create backups of entire drives, on the fly
the strength of this service is that it does not directly copy files, it creates a virtual "snapshot" of sorts that freezes the drive in time and saves the drive's virtual data at that very moment; this leads it to be unaffected by any file locks put in place by Unity or other programs
the user can then simply mount the snapshot as a directory and browse the saved files freely, copying anything directly from that virtual drive to their actual storageending notes
if you don't trust yourself performing this, it's better to ask someone who does (@halcyon has done quite a few by now and has been instrumental in finding a safer way to perform this method)
consider not supporting creators who use this on their models - it's sleazy at best and while Gonso has pure intentions at heart, this system's (and his) reputation is based on the reputation of the creators that use it
unfortunately, many of them are what we call "bad apples" in this community
i don't have anything directly against Gonso, but a handful of his partnered creators have histories of being generally unpleasant human beingsif the creator uses payhip's antileak as well as GonsoLicense, payhip antileak can still identify the file and user who purchased it; i've come up with some experimental bypasses for payhip's system but they require more testing to confirm stability
this method may get patched, but this takes advantage of a technically un-fixable flaw within Unity; more updates if and when that happens
this method was found and refined by a small group of software developers including myself (though i mostly did translation work)
feel free to ask any questions you have@taikeru ILY
β¦ . γβΊ γ . β¦ . γβΊ γ . β¦ pouya till my grave. β¦ . γβΊ γ . β¦ . γβΊ γ . β¦
MUTED FOR NOW LOL SOMEONE FLAGEGD ME FOR STARTING DRAMA OVER ME SAYING SORRY LMAOOO
No more drops from me 4 now LOLβΊ γ . β¦βΊ γ . β¦ ~ < ~ β¦ . γβΊ γ . β¦
[ it/him/he ]
- a working Windows
-
B blayzah referenced this topic on
-
P pinkcookie2777 referenced this topic on
-
T taikeru referenced this topic on
-
for the programmers and more technically inclined, here's a very simple nodeJS based directory monitor, mentioned in footnote [3]
'use strict' Object.defineProperty(exports, '__esModule', { value: true }) const chokidar = require('chokidar') // Define the path of the directory you want to monitor const directoryToWatch = 'path/to/project/directory/here' const watcher = chokidar.watch(directoryToWatch, { persistent: true, ignoreInitial: false, awaitWriteFinish: { stabilityThreshold: 2, pollInterval: 5 }, atomic: true }) const alertUser = function (message) { console.log('Alert: '.concat(message)) } watcher .on('add', function (path) { return alertUser('File added: '.concat(path)) }) .on('change', function (path) { return alertUser('File changed: '.concat(path)) }) .on('unlink', function (path) { return alertUser('File removed: '.concat(path)) }) .on('error', function (error) { return console.error('Watcher error: '.concat(error)) }) console.log('Watching for changes in directory: '.concat(directoryToWatch))it utilizes the
chokidarpackage to monitor a directory for any incoming changes, additions, and deletions - users can use this to see immediately when GonsoLicense creates files in\Packages\com.vrchat.avatars\Samples\Dynamics\Robot Avatar\Animators(or wherever it may write to within the project directory), and should give ample notice to launchshadowcopyyou might even be able to modify this script to detect when the decrypted files are written and automatically launch
shadowcopyif there's enough interest i wouldn't mind writing a redistributable script to automate this whole process as much as possible
// avid reverse engineer, long-time software developer
// "...culture shouldn't exist only for those who can afford it."
// - Hakita -
Tried to use the script here, getting error;
Get-Wmi : Invalid class "Win32Shadowcopy"I have confirmed that my pc does have shadowcopy in the services and is running. Not entirely sure what to do from here. I didn't know what gonso license was when I bought the model and now I really want to bypass it to be able to work on my avatar as often as I want without fear of getting the license locked. Gonso has prevented me from changing the most basic things and causing my entire model to break if I try any simple workarounds because it expects things to be mostly untouched. Extremely anti-consumer, if I only knew I wouldn't have bought this model.
-
Tried to use the script here, getting error;
Get-Wmi : Invalid class "Win32Shadowcopy"I have confirmed that my pc does have shadowcopy in the services and is running. Not entirely sure what to do from here. I didn't know what gonso license was when I bought the model and now I really want to bypass it to be able to work on my avatar as often as I want without fear of getting the license locked. Gonso has prevented me from changing the most basic things and causing my entire model to break if I try any simple workarounds because it expects things to be mostly untouched. Extremely anti-consumer, if I only knew I wouldn't have bought this model.
@cxward you can enable shadowcopy in two ways:
- opening
services.msc( Win + R > typeservices.msc) - scroll down and locate
Volume Shadow Copy - double click (or right click > properties) and set the startup type to
automatic - right click and start the service
on some systems that may not have the service, like Home, you can enable
System Protection(which uses and enables the shadowcopy service):- open Control Panel
- navigate to System > Advanced System Settings > System Protection
- select your Windows (C) drive
- click Configure
- turn on System Protection and set it to 5%
- click create
your system may need a reboot afterwards, but shadowcopy should be enabled - I run shadowcopy using the service on Windows 10 Pro, so I can a least confirm that works
- opening
