Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Search Forums
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Showing results 1 to 25 of 49
Search took 0.01 seconds.
Search: Posts Made By: oxident
Forum: Reverse Code Engineering 01-04-2019, 06:17 AM
Replies: 0
Views: 17,346
Posted By oxident
Approach for recent FlexLM daemons?

Hi!

For the last years, I relied on Arlequim's old but great working generic ECC patcher. Unfortunately, many vendors now use more recent FlexLM versions and that tool isn't effective anymore.

I'm...
Forum: Reverse Code Engineering 03-01-2016, 11:38 AM
Replies: 6
Views: 6,491
Posted By oxident
So you mean, "security by obscurity"?...

So you mean, "security by obscurity"? :eek:
Forum: Reverse Code Engineering 03-01-2016, 02:28 AM
Replies: 6
Views: 6,491
Posted By oxident
Thanks for this information. Very valueable! May...

Thanks for this information. Very valueable!

May I ask how you've discovered this? None of the signature / pattern search tools I've tried are showing any evidence of a (known) crypto algorithm.
Forum: Reverse Code Engineering 01-16-2016, 09:29 PM
Replies: 6
Views: 6,491
Posted By oxident
Question Serial checking using DLL

Hi!

I've been trying to understand how a particular target application checks for a valid serial number during installation. I was able to isolate the DLL which gets called (available here...
Forum: General Forum 05-22-2013, 05:42 PM
Replies: 0
Views: 12,619
Posted By oxident
Crypted license code based on dongle or MAC

Hi!

I'm trying to understand the following target:
http://www.4shared.com/zip/H2XjEmTr/License.html

Basically, it's a license check utility for serial numbers derived from either a dongle's serial...
Forum: Reverse Code Engineering 12-21-2012, 09:04 AM
Replies: 10
Views: 8,974
Posted By oxident
Thanks. That did it and now everything work's out...

Thanks. That did it and now everything work's out of the box. I lost a few hours until I've discovered this.

Just to explain the effect of the "chinese hack": A component of the installer was...
Forum: Reverse Code Engineering 12-20-2012, 02:51 PM
Replies: 10
Views: 8,974
Posted By oxident
I did understand you but I have to admit that the...

I did understand you but I have to admit that the target has been somehow "pre-patched" or crippled (by someone else) and I really suspect there's something wrong. I already tried different hasp...
Forum: Reverse Code Engineering 12-20-2012, 04:48 AM
Replies: 8
Views: 4,813
Posted By oxident
Yes, I know what you mean. I've already done this...

Yes, I know what you mean. I've already done this in the past and in my case, the vendors were always so lazy, they simply replaced the dongle without asking...

Maybe you should upload one of your...
Forum: Reverse Code Engineering 12-19-2012, 07:26 PM
Replies: 10
Views: 8,974
Posted By oxident
Hmm, I would also say that the reg file should...

Hmm, I would also say that the reg file should work perfectly but it's quite strange that it won't work in conjunction with MK x64 (which serves a dongle for another application quite well) but it...
Forum: Reverse Code Engineering 12-19-2012, 01:18 PM
Replies: 8
Views: 4,813
Posted By oxident
It's only marked as "too many failed...

It's only marked as "too many failed attempts" if the problem was because of your bruteforce attacks. But if your app detected something, it may write some details to the dongle.

But the dongle...
Forum: Reverse Code Engineering 12-19-2012, 12:06 PM
Replies: 8
Views: 4,813
Posted By oxident
The protected application can surely...

The protected application can surely "damage" the dongle in terms of "deactivating" it because it may write to the dongle.

Another point is that, to my knowledge, you can damage the dongle by...
Forum: Reverse Code Engineering 12-19-2012, 05:36 AM
Replies: 10
Views: 8,974
Posted By oxident
Unfortunately, this one doesn't work. Dongle gets...

Unfortunately, this one doesn't work. Dongle gets detected by Windows (as it would using VUSBBUS) but the application won't "see" the dongle.

I've tried to "swap" the PW from 0x2395 0x7ce5 to 0x7ce5...
Forum: Reverse Code Engineering 12-18-2012, 08:38 AM
Replies: 10
Views: 8,974
Posted By oxident
Thanks for making that clear. I've already tried...

Thanks for making that clear. I've already tried this by taking a look at MK's examples. Unfortunately this results in a non-starting akusb service (Code 10) but I'll keep trying!
Forum: Reverse Code Engineering 12-18-2012, 05:49 AM
Replies: 10
Views: 8,974
Posted By oxident
VUSBBUS Type 0xEA -> MK?

Hi!

I'm trying to convert a VUSBBUS dongle to Multikey (for x64 support) and I'm quite unsure how to dump the virtual dongle because I've never seen this "type" (0xEA) before. Therefore, none of my...
Forum: General Forum 08-04-2012, 03:14 PM
Replies: 7
Views: 10,230
Posted By oxident
Okay, thanks for the hint. It's really stable if...

Okay, thanks for the hint. It's really stable if I switch to text view. So I guess, having a printed reference on desk with all relevant opcodes is still mandatory ;)
Forum: General Forum 08-04-2012, 10:22 AM
Replies: 7
Views: 10,230
Posted By oxident
Yes, that's quite clear to me. But switching from...

Yes, that's quite clear to me. But switching from a JNZ to a JMP with the same destination shouldn't change the instruction size, should it?


That's exactly how I do it for now but it's quite...
Forum: General Forum 08-04-2012, 03:58 AM
Replies: 7
Views: 10,230
Posted By oxident
How to assemble in IDA?

Hi!

I'm making huge progress in learning IDA and I'm already able to break simple protections but one thing remains unclear to me:

If I need to alter the control flow of a target (by changing JZs...
Forum: Reverse Code Engineering 07-15-2012, 02:26 PM
Replies: 41
Views: 24,451
Posted By oxident
Then it uses a call to the Win32-API to find the...

Then it uses a call to the Win32-API to find the file. Try to find that call inside your target and modify the program flow. In almost any case there's a JNZ which simply quits the application
Forum: Reverse Code Engineering 07-15-2012, 10:28 AM
Replies: 41
Views: 24,451
Posted By oxident
Maybe a stupid question but why don't you simply...

Maybe a stupid question but why don't you simply patch the target's mk detection routine?
It's quite easy using ApiMonitor and OllyDbg/IDA. Just look for registry queries...
Forum: General Forum 06-14-2012, 04:03 PM
Replies: 5
Views: 7,303
Posted By oxident
Correct me if I'm wrong but the device I used to...

Correct me if I'm wrong but the device I used to do my first AVR steps was a Teensy USB Board which can be programmed directly. There are tons of examples emulation HID devices or even mass storage...
Forum: General Forum 05-11-2012, 06:04 PM
Replies: 5
Views: 7,303
Posted By oxident
Of course you're right but when talking about...

Of course you're right but when talking about "closed systems" (embedded Linux with read-only filesystems for example) then I don't see any other possibility than just simulating the real dongle.

My...
Forum: General Forum 05-11-2012, 05:10 PM
Replies: 5
Views: 7,303
Posted By oxident
Simulating SSPRO with an AVR?

Hi!

Just a short question: Is it possible to simulate a Sentinel SuperPro/UltraPro dongle using an AVR based microcontroller, like the one used on the Teensy USB board (AT90USB1286)?
Forum: Reverse Code Engineering 11-29-2011, 08:43 AM
Replies: 12
Views: 6,212
Posted By oxident
Now I've tried both, putting 0xEFD4 in cell 3 and...

Now I've tried both, putting 0xEFD4 in cell 3 and 0x334C in cell 4 (both with celltype 3) and using VUSBBUS ... without any luck.
The overwrite function still returns error 0x4.

Third try was to...
Forum: Reverse Code Engineering 11-28-2011, 03:08 PM
Replies: 12
Views: 6,212
Posted By oxident
[Please DO NOT quote whole messages, it is...

[Please DO NOT quote whole messages, it is unnecessary]

Yes, this is of course the most "trivial" one. The other modification includes checking the product options (or better said: max. supported...
Forum: Reverse Code Engineering 11-28-2011, 02:47 PM
Replies: 12
Views: 6,212
Posted By oxident
[Please DO NOT quote whole messages, it is...

[Please DO NOT quote whole messages, it is unnecessary]

I've hidden the ID because I guess it would be better not to reveal too much details about this work to the manufacturer. As long as this...
Showing results 1 to 25 of 49

 
Forum Jump




Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.