Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #21  
Old 06-19-2009, 11:47 PM
SonofabiT SonofabiT is offline
Senior Member
 
Join Date: Dec 2008
Posts: 351
Default

Quote:
Originally Posted by diden View Post
nobody can give you this tool, there are people here who are looking for money
Not completely true !
read what Toro said : http://reteam.org/board/showpost.php...1&postcount=16

On his latest public Sentinel Monitor, he gave us an option to import PVA dump file. We hope Toro add an option to import ssproDevID.bin (dumped by sporaw) on his great tools.
Reply With Quote
  #22  
Old 06-20-2009, 03:26 AM
smithjsmi smithjsmi is offline
Senior Member
 
Join Date: Dec 2008
Posts: 64
Default

Quote:
Originally Posted by SonofabiT View Post
Not completely true !
read what Toro said : http://reteam.org/board/showpost.php...1&postcount=16

On his latest public Sentinel Monitor, he gave us an option to import PVA dump file. We hope Toro add an option to import ssproDevID.bin (dumped by sporaw) on his great tools.
Look how many days has gone but toro not share his tool, its mean he don't have time for it and he never get free time to make public monitor.

I think forget it.
Reply With Quote
  #23  
Old 06-20-2009, 11:04 AM
SonofabiT SonofabiT is offline
Senior Member
 
Join Date: Dec 2008
Posts: 351
Default

Dear All
For any HaspHL Max dongle, Are there possible to catch both Q/A and Qenc/Aenc Tables from another usb loger such as USB Trace and Bushound ?
If yes they are, please explain how to understand the logs of these s/w.

Last edited by SonofabiT : 06-20-2009 at 12:01 PM.
Reply With Quote
  #24  
Old 06-20-2009, 02:01 PM
Git Git is offline
Super Moderator
 
Join Date: Oct 2007
Location: Torino
Posts: 1,797
Default

Communication between the dongle and the driver are enceypted. You need to write a tool to decrypt the data in the logs, or write a plugin for USBTrace.

Git
Reply With Quote
  #25  
Old 07-10-2009, 03:55 AM
Trit0n Trit0n is offline
Senior Member
 
Join Date: Feb 2008
Posts: 115
Default

Fake or not fake?

I have Toro Monitor V3.2 once analyzed further.
In the code is the most part of the tool menus available.
(you can see it if you rename the HardlockFilter.sys and run the monitor)
- that is enough for a Screenshot!

In the code, fragments are also still available for "ExtractPairsFromDumpedSection / EncryptionInfo and Hasp4SeedandSecTableFinder"
But most entries do not have a function like this:
PUSH EBP
MOV EBP, ESP
ADD ESP, -8
MOV DWORD PTR SS: [EBP-8], EDX
MOV DWORD PTR SS: [EBP-4], EAX
POP ECX
POP ECX
POP EBP
RET

I have worked with Olly to edit the code to make everything visible, like a "Fake-Monitor"
(just for fun !!!!!)

- you can see everything, but nothing works (except the original Monitor Functions)
If someone wants to try :
http://rapidshare.com/files/25408612...r-V32.rar.html

Link to Original:
http://www.dongla.net/storage/dongles/haspmon32.zip

- if you want to install your own code: 00412133 to 00412D9B, this part is not needed.

And once again:
This monitor has no more functionality than the original monitor (is only intended to demonstrate)
- Have fun
Reply With Quote
  #26  
Old 07-11-2009, 10:58 AM
bolota bolota is offline
Senior Member
 
Join Date: May 2008
Posts: 124
Default

It is a great tool, very much like to have with all the tools.
Reply With Quote
  #27  
Old 07-13-2009, 02:31 AM
smithjsmi smithjsmi is offline
Senior Member
 
Join Date: Dec 2008
Posts: 64
Default monitor

Quote:
Originally Posted by Trit0n View Post
Fake or not fake?

I have Toro Monitor V3.2 once analyzed further.
In the code is the most part of the tool menus available.
(you can see it if you rename the HardlockFilter.sys and run the monitor)
- that is enough for a Screenshot!

In the code, fragments are also still available for "ExtractPairsFromDumpedSection / EncryptionInfo and Hasp4SeedandSecTableFinder"
But most entries do not have a function like this:
PUSH EBP
MOV EBP, ESP
ADD ESP, -8
MOV DWORD PTR SS: [EBP-8], EDX
MOV DWORD PTR SS: [EBP-4], EAX
POP ECX
POP ECX
POP EBP
RET

I have worked with Olly to edit the code to make everything visible, like a "Fake-Monitor"
(just for fun !!!!!)

- you can see everything, but nothing works (except the original Monitor Functions)
If someone wants to try :
http://rapidshare.com/files/25408612...r-V32.rar.html

Link to Original:
http://www.dongla.net/storage/dongles/haspmon32.zip

- if you want to install your own code: 00412133 to 00412D9B, this part is not needed.

And once again:
This monitor has no more functionality than the original monitor (is only intended to demonstrate)
- Have fun
everybody try with own and he is learn more and make good tools, however, as I know some senior not share his tool only make publicity.
Reply With Quote
  #28  
Old 07-13-2009, 06:15 AM
Git Git is offline
Super Moderator
 
Join Date: Oct 2007
Location: Torino
Posts: 1,797
Default

Please don't quote 100% of a post and add a single line. Use the Quick Reply box below which you can activate by clicking the far right button with the feather icon.

Git
Reply With Quote
  #29  
Old 08-15-2009, 01:02 AM
kooolguy kooolguy is offline
Member
 
Join Date: Nov 2007
Posts: 44
Default Q & A Table

Can someone guide me in solving the Q&A table for hardlock? I have tried using Toro Monitor 3.2 & tried solving it, but it did not work as it had a lot of ascii characters, etc.
Reply With Quote
  #30  
Old 08-15-2009, 04:22 AM
jabrix jabrix is offline
Senior Member
 
Join Date: Aug 2009
Location: JKT
Posts: 136
Send a message via MSN to jabrix Send a message via Yahoo to jabrix
Default

@koolguy
just solved Hardlock dongle. I use:
1. hl-dump http://www.sporaw.ru
2. hl-solver
2. mkey.


Last edited by jabrix : 08-15-2009 at 04:25 AM.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.