Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #11  
Old 10-03-2010, 03:14 PM
Freakster235 Freakster235 is offline
Member
 
Join Date: Sep 2010
Posts: 14
Default

Hello,

here is the link to the Software Image:
http://hotfile.com/dl/73530646/f0683...tware.rar.html

The password is: hardlock

Thanks a Lot!
Reply With Quote
  #12  
Old 10-03-2010, 04:59 PM
bbk bbk is offline
Member
 
Join Date: Jan 2010
Posts: 26
Default

@Freakster235

http://hotfile.com/dl/73546602/4110ee7/hardlok.zip.html
Reply With Quote
  #13  
Old 10-03-2010, 11:46 PM
SonofabiT SonofabiT is offline
Senior Member
 
Join Date: Dec 2008
Posts: 351
Default

@Freakster235 - I have downloaded & installed it and i see that there are 9 Main EXE. Executing these exe in emulating mode, i have found that only 7 of 9 which able to run properly (detect the dongle). On the contrary the others EXE (OmniOrder.exe & OmniPlate.exe) give me message "No dongle found or wrong version".

I don't know about this application so it's not too clear for me to understand the meaning of full features, unlimited e.t.c as you said.

For a while I preassume if we can make these two EXE run properly without patching them then all the modules/features enable.

Ok, Here with the first reg for testing. Use multiky emulator & install the hardlock driver (not hasp driver).

Confirm to me if there are something that we should fix.

Last edited by SonofabiT : 10-04-2010 at 01:40 PM.
Reply With Quote
  #14  
Old 10-04-2010, 01:09 PM
Freakster235 Freakster235 is offline
Member
 
Join Date: Sep 2010
Posts: 14
Default

@SonofabiT,

Thanks for your quick Response.
The 2377_test3.reg contains the correct seeds for me. All Exe Applications Runs properly.
How do you know what Hex Byte controls the Exe access?

I also found out when you change the last two bytes (1B,00) to 00,00 the Run-Time Count is deactivated.

I think there are more deactevated Functions in this Software or Dongle, this is The Basic edition and there are 3 higher editions availible.
I think there are another limitaions about features in the Programm.

If iam wrong please correct me, but for what all the other Bytes in the Dongle Memory.

Thanks You.

Freakster
Reply With Quote
  #15  
Old 10-04-2010, 01:29 PM
SonofabiT SonofabiT is offline
Senior Member
 
Join Date: Dec 2008
Posts: 351
Default

Quote:
Originally Posted by Freakster235 View Post
@SonofabiT,

Thanks for your quick Response.
The 2377_test3.reg contains the correct seeds for me. All Exe Applications Runs properly.
Well i am glad... Congratulations & enjoy with the full modules
Quote:
Originally Posted by Freakster235 View Post
How do you know what Hex Byte controls the Exe access?
Reversing your app...
Quote:
Originally Posted by Freakster235 View Post
If iam wrong please correct me, but for what all the other Bytes in the Dongle Memory.
It depends how the protection applied. Different developer will different way to implement it. In the case of your app, the hardlokc memory has been used by your app to activate & deactivated the features/modules.
Reply With Quote
  #16  
Old 10-04-2010, 05:17 PM
Freakster235 Freakster235 is offline
Member
 
Join Date: Sep 2010
Posts: 14
Default

@SonofabiT

so now i had time to test a litte bit more. But there are some features also deactivated. In OmniNest the Automatic Menu is grayed Out and some Fields in Technologies, they are all options.
In OmniConv in the Import Menu the field DSTV is grayed out.

I didn't find a full feature list to show you.

I hope you can help with the other locked things.

Thank You!
Reply With Quote
  #17  
Old 10-05-2010, 02:02 AM
cylchen cylchen is offline
Member
 
Join Date: Jun 2010
Posts: 10
Default

"Seed1"=dword:0000333C
"Seed2"=dword:00002567
"Seed3"=dword:00006815
You upload the software installed, I tried it, the above is correct SEED
Reply With Quote
  #18  
Old 10-05-2010, 08:12 AM
SonofabiT SonofabiT is offline
Senior Member
 
Join Date: Dec 2008
Posts: 351
Default

@ cychen - We are talking about enabling all the software features/modules/functions.

@ Freakster235
Let us see your hardlock memory in the .dat file given by dumper. Use HexEditor to see the addr 0x2000 - 0x0207F.
Code:
C:\hexeditor\hiew32>hiew.exe 2377.dat
▓    2377.dat         ↓FRO --------                  0000000F│Hiew 7.26 (c)SEN
░ 00000000:  1A 9B 52 76│52 76 A1 B9│1A 9B 52 76│D9 58 1A 9B  →˘RvRví╣→˘Rv┘X→˘
░ ........:  .. .. .. ..│.. .. .. ..│.. .. .. ..│.. .. .. ..  ................
░ ........:  .. .. .. ..│.. .. .. ..│.. .. .. ..│.. .. .. ..  ................
▓ 00002000:  .. .. 00 00│00 00 00 00│00 00 00 00│00 00 00 00  
▓ 00002010:  00 00 00 00│00 00 00 00│00 00 00 00│00 00 00 00
▓ 00002020:  D0 07 FF 00│00 00 00 00│D0 07 1F 00│00 00 00 00  ╨•*     ╨•▼
▓ 00002030:  D0 07 07 00│00 00 00 00│D0 07 00 00│D0 07 00 00  ╨••     ╨•  ╨•
▓ 00002040:  D0 07 3F 00│00 00 00 00│00 00 00 00│00 00 00 00  ╨•?
▓ 00002050:  00 00 D0 07│03 00 07 00│00 00 00 00│00 00 00 00    ╨•♥ •
▓ 00002060:  00 00 03 00│00 00 00 00│00 00 00 00│00 00 D0 07    ♥           ╨•
▓ 00002070:  00 00 00 00│6E 00 09 00│03 00 01 00│07 03 1B 00      n ○ ♥ ☺ •♥←
▓ ........:  .. .. .. ..│.. .. .. ..│.. .. .. ..│.. .. .. ..  ................
▓1Help   2PutBlk 3Edit   4Mode   5Goto   6DatRef 7Search 8Header 9Files 10Quit
- addr 0x2000-0x2001 : Your app read this memory addr as a dongle number.
This dongle number appears in decimal notation if you select Help->Info in the EXE.

- addr 0x2022-0x2023 : Enabling/Disabling modules/featurs in the OmniConv.exe.
Modify this word (2 bytes) will activate/deactivate "Import/Export" features & "DSTV Settings" etc.

- addr 0x2056-0x2057 : Enabling/Disabling several Main EXE.
Modifying this word will enabling/disabling several or event all the main EXE.

- addr 0x2070-0x2071 : Enabling features in the OmniNest.exe.
Modify this word will activate/deactivate the "Automatic" & "Technology" features.

- addr 0x207E-0x207F : It seems deal with the expiration/limitation date.
Modify this word will impact the expiration date or even make it "Unexpired".

Here with another mkey reg to overcome your problems :
http://hotfile.com/dl/73934734/bdbd2...st_02.rar.html

The reg will enable the "Automatic" & Fields in "Technology" menu in Omninest.exe. The Import Menu for DSTV & DSTV settings are not grayed out anymore. Also, the reg will bypass the limitation date.

I don't know how to use this app then honetly i don't know how the condition of its full features/modules. If there are another modules/features which will be activated/enabled then do it your self.

Take a journey with your app under debugger and or disassembler. Later you will know how the app used the memory dongle to activate/enable it's modules/features. Today i have removed the app from my PC.

Good Luck
SonofabiT

Last edited by SonofabiT : 10-05-2010 at 10:06 AM.
Reply With Quote
  #19  
Old 10-07-2010, 03:05 PM
Freakster235 Freakster235 is offline
Member
 
Join Date: Sep 2010
Posts: 14
Default

@SonofabiT

Thanks you.

nearly all modules works perfect.
" - addr 0x2070-0x2071 : Enabling features in the OmniNest.exe.
Modify this word will activate/deactivate the "Automatic" & "Technology" features. "

it seems like it is addr. 0x2070-x02072, if you filled this out with "FF" then all modules works.

How did you find out wich section in the .dat file you have to modifiy the give the application the correct response?

an example:
- addr 0x2022-0x2023:

if i change 0x2023 to 01 the DSTV Import ist activated, but the GST Import is grayed out, if i set it to FF then all Import Options are disabled. So how did i know which is the correct value for activating the modules.

Thanks to all for your help.
Reply With Quote
  #20  
Old 10-08-2010, 04:19 AM
benito benito is offline
Senior Member
 
Join Date: Jul 2007
Posts: 685
Default

He already wrote you exactly what you have to do! Read carefully:

Quote:
Originally Posted by Sonofabit
Take a journey with your app under debugger and or disassembler. Later you will know how the app used the memory dongle to activate/enable it's modules/features. Today i have removed the app from my PC.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.