Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #41  
Old 11-24-2009, 07:03 AM
Git Git is offline
Super Moderator
 
Join Date: Oct 2007
Location: Torino
Posts: 1,797
Default

I have posted the full procedure here. Use the search.

Git
Reply With Quote
  #42  
Old 12-02-2009, 10:51 AM
pfonseca pfonseca is offline
Member
 
Join Date: Nov 2009
Posts: 6
Default

It is possible.... my Hasp HL key dosent work.
I am a week to trying to get this to work and nothing.

1 - Toro save, payrs, log and info.
2 - H5dmp.exe to make my *.dmp
3 - UniDump2Reg VusbKey HASP HL and I get my *.reg.
4 - Edit *.Reg

REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHAS P\Services\Emulator\HASP\Dump\AABBCCDD]
"Name"=""
"Copyright"="Copyright (C) 2009"
"Created"="01/12/2009 00:58:18"
"SN"=dword:4xxxxxxF2
"Type"=dword:000000DA
"Memory"=dword:00000001
"SecTable"=hex:00,00,00,00,00,00,00,00
"NetMemory"=hex:03,00,0F,D0,02,00,00,00,FF,FF,FE,F F
"Option"=hex:00,01,02,4A,1F,01,01,0B,09,01,00,3B,3 1,00
"Data"=hex:\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,00,00,FF,FF,\
00,00,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
57,42,50,54,02,00,00,00,10,00,00,00,00,00,D8,BE,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"ColumnMask"=dword:000000FF
"CryptInitVect"=dword:0000003F
"QTable"=hex:\
3C,B5,32,4E,AF,E7,3A,2B,0F,7A,4F,4D,76,6F,B4,CE,29 ,C0,3B,0F,53,6D,70,24,E8,38,F8,44,4C,DB,92,8A,\
"ATable"=hex:\
03,AF,E6,31,F8,9F,F6,7B,BD,AA,62,5E,57,C7,39,D7,29 ,C0,3B,0F,53,6D,70,24,E8,38,F8,44,4C,DB,92,8A,\

5 - Import to Regedit. In Regedit I can see the ATable an Qtable, and i think it is all ok.
6 - Install Vusbbus 0.15.4 and apear in the Pc system
7 - When I run the program give me 2 error's, ":1031 envelope error" and ":25 Clock as no power" and the program dont work

Someone who has had the same problem to help me?

Regards
Pfonseca
Reply With Quote
  #43  
Old 12-04-2009, 12:14 PM
alpertheidiot alpertheidiot is offline
Junior Member
 
Join Date: Dec 2009
Posts: 1
Default

Git, I appreciate what you are saying, you certainly dont want anybody to ask questions without even bothering to do a search. And I can see that you repeat this wherever necessary.
Believe or not, Ive been searching on the forum but I couldnt find your procedure, as I have one of those purple (hasp hl pro) usb.

Please can you kindly let us know your procedure title at least, if not the link.

Thank you for your understanding and help.
Reply With Quote
  #44  
Old 12-04-2009, 07:54 PM
foffa foffa is offline
Senior Member
 
Join Date: Jul 2007
Location: %TEMP%
Posts: 344
Default

for all 1 posts useres , please don make forum full of rubbish posts

that is not insult at alll , please uderstand me , and JUST do a search ,
EXTRACTING MASTER PAIRS , read read read read , try ty try try

we alll have mind did not we but ,who can make it work correctly
Reply With Quote
  #45  
Old 12-05-2009, 09:27 AM
SonofabiT SonofabiT is offline
Senior Member
 
Join Date: Dec 2008
Posts: 351
Default

@ All - I am extracting master pair(s) table from .protect section. Here is the problem : http://reteam.org/board/showpost.php...9&postcount=26

The target, haspHL dump and other necesary file available in this post :
http://reteam.org/board/showpost.php...2&postcount=19

Except two exe files, there are three Enveloped-dll files that identified by Toro's PELoader. I could extract all master pair(s) Table (haspHL) by dump these exe and dll when an "Error 1031:Enveloped Unknown" occured.

I had checked all exe and dll to see if there is an "Error 1031" and i conclude that all "Error 1031:Enveloped Unknown" have been overcomed.

I have used multikey emulator and start the s/w. In emulating mode, i load these 3 dll with Toro's PELoader. I found that one of the three enveloped-dll (hardwareID.dll ) could not be overcomed because when i have loaded the hardwareID.dll , i have got the following error MsgBox :
Code:
Unable to access HASPSRM Run-time Environment (H0333)
I could not get log in Toro's haspmon32 when this SRM error displayed. Even i have loaded hardwareID.dll into ollydbg and monitor it with Xyrurg&Sataron haspLoger 1.71 but i could not get the log.

Notes :
1. Driver Used : HaspHL Device Driver v 5.22.
2. Adding the very last Q-R or all Q-R when the error occured could not solve the problem.
3. Upgrading the haspHL driver to HaspSRM run-time driver could not solve the problem.
4. Contacting profesional dongle emulating service COULD SOLVE the problem. Unfortunately money is the BIG problem for me.

I wonder the hardwareID.dll used SRM functions. Please, direct me how to solve this kind of problem and let this forum work as usual.

Last edited by SonofabiT : 11-01-2010 at 09:17 AM.
Reply With Quote
  #46  
Old 12-05-2009, 01:20 PM
Git Git is offline
Super Moderator
 
Join Date: Oct 2007
Location: Torino
Posts: 1,797
Default

I will give this some more thought, but the immediate thing that comes to mind is that you are using the Hasp HL procedure on SRM so I wouldn't expect it to work. Didn't Tyrus just post something about SRM envelope or was that only concerned with .NET exe's ?. Search on app.rar.

Git
Reply With Quote
  #47  
Old 12-06-2009, 10:07 AM
SonofabiT SonofabiT is offline
Senior Member
 
Join Date: Dec 2008
Posts: 351
Default

It seems the emulator on the app.rar is not Table base. If i am not wrong Tyrus usualy use Aeskey entrie in the .sys file.

i still try to follow the useful post here :
http://reteam.org/board/showpost.php...6&postcount=11

The dongle is haspHL time ( "Type"=dword:000000DA) instead of SRM.

In the case of this hasp type, Does it mean that one of enveloped-dll is haspSRM instead of haspHL ?
Is multikey 0.18.2.0 able to emualate haspHL dongle that have SRM-enveloped ?
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.