Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 07-04-2011, 04:41 PM
asb1347 asb1347 is offline
Member
 
Join Date: Jun 2011
Posts: 3
Default hasp srm emulator

Hi
I have an emulator that use this method for generating license for a PC. A reseller has created it for selling this emulator and generate license for each customer based on hardware maybe.
he send you this registery file:

REGEDIT4
[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Wilmk\ 12345678]
"License"=hex:7F,7F,A2,AD,46,73,92,E7,ED,C0,6A,53, B3,A9,DC,CA
"DongleType"=dword:00000001
"SN"=dword:11223344
"Type"=dword:000000EA
"Memory"=dword:00000001
"SecTable"=hex:00,00,00,00,00,00,00,00
"NetMemory"=hex:00,00,00,00,00,00,00,00,00,00,FF,F F
"Option"=hex:00,00,00,00,00,00,00,00,00,00,00,00,0 0,00
"Data"=hex:\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00


And also this batch file to get answer file:

reg export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Wilmk\ 12345678 Answer.txt
reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Wilmk\ 12345678 /f
pause


after applying reg file and executing batch file, a reg file is being generated like this:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Wilmk\ 12345678]
"License"=hex:7f,7f,a2,ad,46,73,92,e7,ed,c0,6a,53, b3,a9,dc,ca
"DongleType"=dword:00000001
"SN"=dword:11223344
"Type"=dword:000000fa
"Memory"=dword:00000001
"SecTable"=hex:00,00,00,00,00,00,00,00
"NetMemory"=hex:00,00,00,00,00,00,00,00,00,00,ff,f f
"Option"=hex:00,00,00,00,00,00,00,00,00,00,00,00,0 0,00
"Data"=hex:00,00,00,00,00,00,00,00,00,00,00,00,00, 00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 ,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 ,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 ,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"Answer"=hex:7a,3a,d4,79,2f,ee,de,b7,91,ee,6b,d5,7 9,9f,19,6d



you send this answer to him and he send you a reg file like this:

REGEDIT4

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Wilmk\ 608D2C50]

"License"=hex:C0,D9,56,BF,CF,B0,E8,A4,18,C0,3C,29, E3,15,D6,1B



[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Wilmk\ 608D2C50\SRMData]

"Option"=hex:37,68,61,BC,1E,8F,F0,19,22,0D,3A,C9,4 8,FF,C4,02,40,8A,3A,B5,E9,60,16,4E,21,8F,42,42,1B, 73,76,C2,2B,BE,A5,01,AE,65,2E,AD,85,C3,4C,13,C6,C7 ,CE,36



when you apply this to registery, emulator will work for a period of time and has some limitation. He wants money to give you full solution.

Is there anybody here know this method and could remove this limitations?
Thanks in advance
Reply With Quote
  #2  
Old 07-04-2011, 11:40 PM
gokilaravee gokilaravee is offline
Senior Member
 
Join Date: Nov 2008
Posts: 221
Default

this emulator is highly vmped...not possible to remove time limitation..
__________________
“As a child of God, I am greater than anything that can happen to me.”
Reply With Quote
  #3  
Old 07-05-2011, 02:43 AM
SunBeam SunBeam is offline
Senior Member
 
Join Date: Jun 2011
Posts: 61
Default

..oh it's possible ;-)
Reply With Quote
  #4  
Old 07-05-2011, 04:33 AM
gamebit0 gamebit0 is offline
Senior Member
 
Join Date: Mar 2007
Posts: 98
Default

asb1347, if your reg-file is not a fake, seems your software does use dongle in HL compatibility mode only. you can try other emulators.

Last edited by gamebit0 : 07-05-2011 at 04:38 AM.
Reply With Quote
  #5  
Old 07-05-2011, 04:36 AM
yogi_saw yogi_saw is offline
Senior Member
 
Join Date: May 2009
Posts: 533
Default

@gamebit0 is there any public ed emulator for this?
__________________
"Don't backstab me, i have two eyes on my back..." saint DABANGG
Reply With Quote
  #6  
Old 07-05-2011, 04:42 AM
gamebit0 gamebit0 is offline
Senior Member
 
Join Date: Mar 2007
Posts: 98
Default

yogi_saw, sorry, i'm edited my last post
Reply With Quote
  #7  
Old 07-05-2011, 12:28 PM
gus gus is offline
Senior Member
 
Join Date: Nov 2007
Posts: 331
Default

name soft¿
please upload log with hasploger
Reply With Quote
  #8  
Old 07-05-2011, 03:20 PM
asb1347 asb1347 is offline
Member
 
Join Date: Jun 2011
Posts: 3
Default

this is some part of the emulator.
another reg file required for this too.
but this is the license part of it.
Reply With Quote
  #9  
Old 07-05-2011, 10:09 PM
robin1044 robin1044 is offline
Senior Member
 
Join Date: Mar 2008
Posts: 189
Default

better try to reverse your App. using your original dongle, instead of reversing Emulator. (or pay the emulator service provider )

Reg file seems to be a customized copy of Multikey ...

SRMData --> dealing with SRM API
another reg file? SRMTable? --> SRM Envelope - encrypt/decrypt pairs...
Reply With Quote
  #10  
Old 07-09-2011, 01:27 AM
tale tale is offline
Member
 
Join Date: Feb 2008
Posts: 8
Default

I've found the hasp srm emulator tools and video tutorials(~50MB.)
It's on 4share link is :

http://www.4shared.com/file/ne2qnIAD...Memulator.html

but i don,t know password of rar file and waitting for anyone who can do it for ours.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.