Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 01-27-2010, 10:55 AM
maximae maximae is offline
Member
 
Join Date: Jan 2010
Posts: 5
Unhappy How to dump Hardlock Server ?

I have Terminal access to comp with Hardlock Server
and Aladdin Hardlock USB attached to this comp.

I find ModAd in aladdin server monitor and try to dump.
When i damp from terminal client hldmp.exe wrote:
....
Dumping Hardlock with ModAd = ....h (.....).
Remote via HL-Server USB Hardlock with ID: ......h (...).
Luna ASIC type (new)
Hardlock with memory... Memory dumped.
Dumping Algo Data... 2%


This is correct dumping ???

Next i use UnidmpToreg 1.15 and save for vUSBBus Hardlock.
Then Correct result for MultiKey(mkey 18.2.3) as shown in example reg for new Hardlock.
Run mkey - program not working.

Whats Wrong?
Reply With Quote
  #2  
Old 01-27-2010, 12:04 PM
BfoX BfoX is offline
Senior Member
 
Join Date: Aug 2007
Posts: 2,265
Send a message via ICQ to BfoX Send a message via MSN to BfoX Send a message via Yahoo to BfoX
Default

may be wrong seed1/2/3
__________________
... Either you work well or you work much ....
Reply With Quote
  #3  
Old 01-28-2010, 05:08 AM
maximae maximae is offline
Member
 
Join Date: Jan 2010
Posts: 5
Default

My HLK Memory contains only:
"HARDLOCK Server Logins:005 CompanyName"

It is correct?
Reply With Quote
  #4  
Old 01-28-2010, 10:34 AM
BfoX BfoX is offline
Senior Member
 
Join Date: Aug 2007
Posts: 2,265
Send a message via ICQ to BfoX Send a message via MSN to BfoX Send a message via Yahoo to BfoX
Default

may be u can show the dump?
__________________
... Either you work well or you work much ....
Reply With Quote
  #5  
Old 01-29-2010, 05:32 AM
maximae maximae is offline
Member
 
Join Date: Jan 2010
Posts: 5
Default

This is dumper reg:
(i change modad, id, and company name in data)
Full files here:http://rapidshare.com/files/34281245..._1234.rar.html
pass www.reteam.org
Code:
REGEDIT4

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Emulator\Hardlock\Dumps\1234]
"Copyright"="(c) 2005-2006, NoDongle Team. E-mail: support@nodongle.biz, Web: http://www.nodongle.biz "
"Name"="1234"
"ID"=dword:12345678
"Created"="28.01.2010 13:12:02"
"Data"=hex:48,41,52,44,4C,4F,43,4B,20,53,65,72,76,65,72,20,\
           4C,6F,67,69,6E,73,3A,30,30,30,35,20,20,20,20,20,\
           20,20,20,20,20,20,20,20,20,20,20,20,20,20,20,20,\
           41,41,41,41,41,41,41,41,41,00,00,00,00,00,00,00,\
           00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
           00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
           00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
           00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"Code"=hex:C2,97,C1,6B,D6,83,9E,34,97,C2,1C,B6,34,9E,38,6D,\
           B6,1C,C1,6B,83,D6,D6,83,2C,79,1C,B6,D6,83,34,9E,\
           1C,B6,2C,79,34,9E,D6,83,C1,6B,B6,1C,D6,83,83,D6,\
           1C,B6,97,C2,38,6D,34,9E,C1,6B,C2,97,9E,34,D6,83,\
           34,9E,38,6D,2C,79,6B,C1,6D,38,E9,43,C2,97,C1,6B,\
           38,6D,E9,43,2C,79,1C,B6,E9,43,43,E9,....
This is reg for mkey(Multikey)
Code:
REGEDIT4

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\MultiKey\Dumps\00001234]
"Name"="1234"
"Copyright"="None"
"Created"="1 Jul 2010"
"DongleType"=dword:00000002
"ID"=dword:12345678
"withMemory"=dword:00000001
"Seed1"=dword:0000DC13
"Seed2"=dword:0000349E
"Seed3"=dword:0000580C
"HlkMemory"=hex:48,41,52,44,4C,4F,43,4B,20,53,65,72,76,65,72,20,\
4C,6F,67,69,6E,73,3A,30,30,30,35,20,20,20,20,20,\
20,20,20,20,20,20,20,20,20,20,20,20,20,20,20,20,\
41,41,41,41,41,41,41,41,41,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
This is correct regs?
Reply With Quote
  #6  
Old 01-30-2010, 02:02 PM
BfoX BfoX is offline
Senior Member
 
Join Date: Aug 2007
Posts: 2,265
Send a message via ICQ to BfoX Send a message via MSN to BfoX Send a message via Yahoo to BfoX
Default

imho, yes.
__________________
... Either you work well or you work much ....
Reply With Quote
  #7  
Old 01-30-2010, 02:15 PM
maximae maximae is offline
Member
 
Join Date: Jan 2010
Posts: 5
Default

But Soft NOT Working!

When i emulate this reg with mkey,
Keyid utility shows "Aladdin HASP SRM USB key" ???

What i must check next?
Reply With Quote
  #8  
Old 01-30-2010, 02:25 PM
BfoX BfoX is offline
Senior Member
 
Join Date: Aug 2007
Posts: 2,265
Send a message via ICQ to BfoX Send a message via MSN to BfoX Send a message via Yahoo to BfoX
Default

u can upload REAL dump and target?
__________________
... Either you work well or you work much ....
Reply With Quote
  #9  
Old 02-01-2010, 04:29 AM
justine justine is offline
Senior Member
 
Join Date: Dec 2007
Location: Serbia,Belgrade
Posts: 82
Send a message via ICQ to justine Send a message via MSN to justine Send a message via Yahoo to justine Send a message via Skype™ to justine
Default

Maybe your app comunicate with dongle only througth network. It is posible that app doesnt search dongle on lpt/usb at all
__________________
ALLEZ!!
Reply With Quote
  #10  
Old 02-01-2010, 03:42 PM
nodongle nodongle is offline
Senior Member
 
Join Date: Oct 2007
Posts: 320
Default

Seems protected softare is Galileo / SuperNova Ulter Systems.
Your reg data is not enough for emulate network dongle.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.