SafeNet USB SuperPro/UltraPro

code.breaker · #1 04-24-2010, 03:40 AM

i have 2 dumper for SafeNet USB SuperPro/UltraPro and i have used pva 3.3 dumper without wp and converted with dmp2mkey.exe and used emulator with mk 8.2.3. But this doesn't work. why this doesn't work please let me know.

1. dmp2mkey.exe spro_RNBO_SPN_DRIVER_74d1_0.dmp

Number of Query Cells = 1
0x08

DevID = 0x74D1
Serial = 0x0892
WP = 0x0000

Cell 0x08 : enhanced, sig=6110
**
Descriptor = 0xF99E106A C6 = 0x6D3A

Processing time 1.844 seconds

Writing MultiKey Registry file...

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\MultiK ey\Dumps\74D10000]
"Type"=dword:00000000
"DongleType"=dword:00000003
"Name"="Dump 74D1"
"CellType"=hex:\
01,01,03,03,03,01,03,01,\
03,03,00,00,00,00,00,00,\
00,01,00,00,01,01,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
01,01,00,00,00,01,00,00
"sntMemory"=hex:\
92,08,D1,74,00,00,00,00,00,00,00,00,3A,6D,00,00,\
6A,10,9E,F9,72,3A,00,00,00,00,00,00,2A,87,00,00,\
01,00,CC,2B,FF,FF,01,00,00,00,01,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,FF,FF,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
C8,00,00,00,00,00,00,00,00,00,01,00,F4,01,01,00

and

2. dmp2mkey.exe spro_RNBO_SPN_DRIVER_b99a_0.dmp

Number of Query Cells = 4
0x18 0x1A 0x1C 0x1E

DevID = 0xB99A
Serial = 0x2550
WP = 0x0000

Cell 0x18 : enhanced, sig=15491
*
Descriptor = 0xC62AFCEE C6 = 0x2D34

Cell 0x1A : enhanced, sig=7883
*********************
Descriptor = 0xD36209E1 C6 = 0x2D34

Cell 0x1C : standard, sig=0

Cell 0x1C is Inactive (no data in dump)

Cell 0x1E : enhanced, sig=14039
*************
Descriptor = 0xFC1C23B8 C6 = 0x2D34

Processing time 25.829 seconds

Writing MultiKey Registry file...

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\MultiK ey\Dumps\B99A0000]
"Type"=dword:00000000
"DongleType"=dword:00000003
"Name"="Dump B99A"
"CellType"=hex:\
01,01,03,03,03,01,03,01,\
01,01,01,01,01,01,01,01,\
01,01,01,01,00,00,00,00,\
03,03,03,03,03,03,03,03,\
02,02,02,02,01,01,01,01,\
01,01,01,01,01,01,01,01,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00
"sntMemory"=hex:\
50,25,9A,B9,00,00,00,00,00,00,00,00,34,2D,00,00,\
23,00,78,44,A7,00,63,30,01,00,0A,00,85,CA,B7,10,\
19,00,02,00,3F,00,00,00,7A,65,00,00,00,00,00,00,\
EE,FC,2A,C6,E1,09,62,D3,00,00,00,00,B8,23,1C,FC,\
0A,00,1E,00,32,00,64,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00

P@blo · #2 04-24-2010, 04:16 AM

If you have ultrapro dongles you need extract q/r pairs for multikey.
This emu support only table emulaton.

code.breaker · #3 04-24-2010, 04:30 AM

Quote:

Originally Posted by P@blo

If you have ultrapro dongles you need extract q/r pairs for multikey.
This emu support only table emulaton.

dump is here you can check if you get anything from dumper and u can get the .reg working for mk 8.2.3

http://www.4shared.com/file/nHXvFOXd/dump_file.html

gnerogeem · #4 04-24-2010, 04:32 AM

@code.breaker

Multikey 0.18.2.3 SSPro reg example.

Code:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\MultiKey\Dumps\00006CC1]
"Name"="Sentinel SuperPro dump"
"Copyright"="None"
"Created"="11 Nov 2009"
"DongleType"=dword:00000003
"Type"=dword:00000000
"sntMemory"=hex:\
        C6,2B,C1,6C,00,00,00,00,08,00,00,00,00,00,00,00,\
        15,00,35,0D,24,4E,59,B1,00,00,59,E9,45,1B,00,00,\
        00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"CellType"=hex:\
        01,01,03,03,03,01,03,01,\
        01,01,01,01,01,01,01,00,\
        01,01,01,01,00,00,00,00,\
        00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00,\
        00,00,00,00,00,00,00,00

Check your reg file again.

bassem_16 · #5 04-24-2010, 04:39 AM

for code breaker this is the output for the first one

Code:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\MultiKey\Dumps\74D10000]
"DongleType"=dword:00000003
"Copyright"="None"
"Created"="Sat Apr 24 10:37:42.546 2010"
"Name"="74D1 Sentinel SuperPro Dump"
"Type"=dword:00000000
"CellType"=hex:\ 
    01,01,03,03,03,01,03,01,\ 
    03,03,00,00,00,00,00,00,\ 
    00,01,00,00,01,01,00,00,\ 
    00,00,00,00,00,00,00,00,\ 
    00,00,00,00,00,00,00,00,\ 
    00,00,00,00,00,00,00,00,\ 
    00,00,00,00,00,00,00,00,\ 
    01,01,00,00,00,01,00,00
"sntMemory"=hex:\ 
    92,08,D1,74,00,00,00,00,00,00,00,00,3A,6D,00,00,\ 
    6A,10,9E,F9,72,3A,00,00,00,00,00,00,2A,87,00,00,\ 
    01,00,CC,2B,FF,FF,01,00,00,00,01,00,00,00,00,00,\ 
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,FF,FF,\ 
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 
    00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 
    C8,00,00,00,00,00,00,00,00,00,01,00,F4,01,01,00

code.breaker · #6 04-24-2010, 05:10 AM

[Please DO NOT POST WHOLE MESSAGES. If you do it, I just delete it, so why bother?]

@ bassem_16 Does not work with you .reg..what next

P@blo · #7 04-24-2010, 05:11 AM

code.breaker
If You want to check reg-file I need your soft.
Send me link PM.

jabrix · #8 04-24-2010, 11:41 AM

your reg files for gar**** software.

Search it with google, except you have real dongle and want to solve it by your self.

jeff5595 · #9 04-25-2010, 07:03 AM

i have the ultrapro model, what would be the process to create the emulation? do I still use the SENTEMUL2007 program or would it be a Reg File? you mention q/r pairs, is the Ultrapro model procedure completly differant the the Superpro? or is it a additional step? Thanks

Git · #10 04-25-2010, 09:47 AM

You can use MultiKey on Win32. It is a similar procedure, but the query algo cells are different. For the SuperPro the algorithm is known, so you only have to give the emulator the value in cell 6 and a descriptor value for each cell, and it can calculate to Response for *any* Query that a program may send it. For the UltraPro, the algo cell normally uses the AES 256 encryption standard. It is almost impossible to crack without the key and that is very well hidden. So we have to have a way of sending back the correct Response for any Query our program sends to the dongle. The method used is to record Query/response pairs and then put those pairs in the reg file so the emulator can act like the dongle. You must be certain you catch ALL of the Q/R pairs, but be warned, it is quite possible for a program to use an effectively infinite number of random Queries.

People should also be aware that SuperPro+ and SDHK are also capable of using AES cell encryption if the SP_CAPS_AES_ALGO flag is set and I am surprised that we don't see it used more often.

Git

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode