#1
03-15-2011, 03:38 PM
SamiLoai
Member
Join Date: Mar 2011
Posts: 12
Please Help me

The question is easy:
how to convert this file to make a dump or dng?
how
Hardlock In:> HLM_LOGIN: ModAd=27592 (0x6BC8),
RefKey=نO )wت, E44F0929EA77F9CA
VerKey=ل/ws, E12F77191A73A3EF
Hardlock Out:> HLM_LOGIN: ModAd=27592 (0x6BC8) -> Status=No device available
#2
03-16-2011, 05:41 AM
BfoX
Senior Member
Join Date: Aug 2007
Posts: 2,251

post here .dmp/.reg from Sporaw's dumper
__________________
... Either you work well or you work much ....
#3
09-28-2011, 03:52 PM
Cplus
Member
Join Date: Aug 2008
Posts: 11
I'm jacking this thread

Ok Bfox, I've seen your helpful offerings all over this forum, so I'm going to jack this thread rather than start a new one with a similar name.

Using a vusbus-based multi emu with manually edited .reg files (after hl-dump), I can emulate my two Hardlock dongles. One works perfectly with its associated software, but the other software does not. When I do that with the physical dongle in, it works. I feel that I am so close. Can you "Please Help me?" I think I have all the dat's, reg's, and monitor logs you might need to look at, but I will wait to post anything.

Last edited by Cplus : 10-25-2011 at 05:12 PM. Reason: Clarity..
#4
09-28-2011, 04:43 PM
Trit0n
Senior Member
Join Date: Feb 2008
Posts: 115

For a more detailed analysis, we need a dump file!
(possibly the name of the software or the ModAd would also suffice)
A little more information please...
(I suspect an error in the "HlkMemory"=hex:\ entry)
#5
09-29-2011, 06:58 AM
Trit0n
Senior Member
Join Date: Feb 2008
Posts: 115

Looks like the problem is HL_RUS
(your software uses this feature)
But this is not easy

Look at this example:

00001ff0h: <---- ROM RUS_FIB Structure
00002000h: <---- RAM
00002010h: <---- RAM
00002020h: <---- RAM
00002030h: <---- RAM
00002040h: <---- RAM
00002050h: <---- RAM
00002060h: <---- RAM RUS
00002070h: <---- RAM RUS
00002080h: <---- checkout collisions HL_CODE()/HL_CRYPT()
00002090h: <---- Dongle's ID

in ROM RUS:
typedef struct rus_fib
{
    Byte MARKER[2];
    Long SERIAL_ID;
    Byte VERSION[2];
    Word FIXED;
    Word VAR;
    Word CRC;
} ALIGN_GCC RUS_FIB;

in RAM RUS:
-Expiration date (2 bytes, from fastapi.h)
-Slots (12 bytes,96 on/off slots)
-Constant Block (Relate to CRC of EXPDATE and SLOTS)
-Variable Block (Relate to CRC of Latest Date of use of program)
-xx..

In your case, I think:
(Look at your log)
010001F000001200 (EMU) must be 010002F000001200 (as physical dongle)
#6
09-29-2011, 09:33 AM
BfoX
Senior Member
Join Date: Aug 2007
Posts: 2,251

the RUS option/date can be extended...
__________________
... Either you work well or you work much ....
#7
09-29-2011, 01:02 PM
Cplus
Member
Join Date: Aug 2008
Posts: 11
Awesome

Thank you much for the help. I am now poking around with OllyDbg, toro monitor, and a hex editor. I am totally new to this, so I'm trying to teach myself. I feel like you've given me plenty to go on, plus this thread has good info http://www.reteam.org/board/showthre...?t=1045&page=5.

However I am still in the dark and must continue to toil.

I just noticed something.. My reg is missing 00002080h and 00002090h. Given that the program may be using these values during initial check, I am off to try adding them to my reg file.

Should that not work, can you help me correlate the 6th digit of these log lines: 010001F000001200 and 010002F000001200 with the memory dump and data? Perhaps Bfox, you are telling me that it is calculated based on the expdate, which my dump shows null. Am I close?

Ok, now off to keep working. I just wanted you to know I've been hard at work with the info you've given me so far. I am learning slowly, but surely with practice. Thanks always.

(EDIT) Adding the additional lines from memory to the reg file did not help. The Toro log appears the same. Going to play with OllyDbg now..

Last edited by Cplus : 09-29-2011 at 01:11 PM.
#8
09-29-2011, 03:18 PM
Trit0n
Senior Member
Join Date: Feb 2008
Posts: 115

Maybe also read this:
http://www.reteam.org/board/showthre...ighlight=flora
and believe me, there is no easy solution
(not that I did not want to help you, but it is difficult...)
#9
09-29-2011, 04:04 PM
Cplus
Member
Join Date: Aug 2008
Posts: 11
the clouds darken?

That sounds like bad news, except my challenge has a different distinction.. and I don't need a lic file. If it required one, I would have it or buy it, as my software and keys are up to date and legit, just ask my wallet. I need the convenience of sh1t not hanging off my lappy when I'm working, and to avoid the pain of calling someone to drive many hours to bring me my keys when I forget them. (It has happened more than once.)

Thanks for the link, but later in the thread of which you posted the 1st page, "Luna Deadlock", Bfox provides three or so lines of mem as a solution. I want to solve my own challenges in the grandest way, but also, I've done very little on this earth purely on my own, as even the spirit of a memory can reveal those giants' shoulders on top of which we all stand. Perhaps my feet have grown very large right now. We all here thirst for new information, to extend yet another thread to the universe, to connect with the knowledge. Who has interest enough to join me, to LEAD me in solving this riddle? I am quite capable, so put me to your test of tasks. Or you can PM me if you offer a solution. I can accept this because I will eventually have to get back to regular working. [The hours here have been quite enjoyable though. I can quietly get a feel for each one's personality, and through that the true overall mission speaks for itself.] Again, for your time.

C
#10
09-29-2011, 04:42 PM
Trit0n
Senior Member
Join Date: Feb 2008
Posts: 115

But now you sound very frustrated
Sorry I could not help you
(that is not the aim of this forum)
But understand, the problem is not easy to solve

Do not give up so quickly
I think Bfox can give you the decisive tip
(he certainly has the advantage in terms of HL_Rus)

@ Bfox little hint?