Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 12-19-2012, 11:46 AM
ustev ustev is offline
Member
 
Join Date: Jul 2009
Posts: 19
Default Can a dumper damage a physical dongle?

At my previous post i wrote about a dongle if you remember. After few tries of dumping and solving i noticed that my physical dongle doesn't seem to be working any more! I tried the dongle on 3 different computers. Can a dumper damage a working dongle? Or is there any kind of copy protection to do so!?
Reply With Quote
  #2  
Old 12-19-2012, 12:06 PM
oxident oxident is offline
Member
 
Join Date: Jul 2011
Posts: 49
Default

The protected application can surely "damage" the dongle in terms of "deactivating" it because it may write to the dongle.

Another point is that, to my knowledge, you can damage the dongle by bruteforcing the WP key. Some dongle feature an internal counter which may brick the dongle if too many failed attempts have been done.

Sorry to say...
Reply With Quote
  #3  
Old 12-19-2012, 12:15 PM
ustev ustev is offline
Member
 
Join Date: Jul 2009
Posts: 19
Default

Thx for the reply. I can replace the dongle. Should i send the dongle to company, is there any chance to dongle keep a log file for dumping attemps with detailed information such as; computer name, data time etc...? Or will they only find a damaged dongle? Thnx...
Reply With Quote
  #4  
Old 12-19-2012, 01:18 PM
oxident oxident is offline
Member
 
Join Date: Jul 2011
Posts: 49
Default

It's only marked as "too many failed attempts" if the problem was because of your bruteforce attacks. But if your app detected something, it may write some details to the dongle.

But the dongle memory is very limited. Don't expect detailed information there...
Reply With Quote
  #5  
Old 12-20-2012, 02:45 AM
ustev ustev is offline
Member
 
Join Date: Jul 2009
Posts: 19
Default

oxident thank you again for information. So you can say i can send it back to company.
Sorry for double checking but can any body else confirm that? Any other seniors? Its very important to me and i dont want to do any mistakes about it (im aware that i did allready )
Reply With Quote
  #6  
Old 12-20-2012, 04:48 AM
oxident oxident is offline
Member
 
Join Date: Jul 2011
Posts: 49
Default

Quote:
Originally Posted by ustev View Post
Its very important to me and i dont want to do any mistakes about it (im aware that i did allready )
Yes, I know what you mean. I've already done this in the past and in my case, the vendors were always so lazy, they simply replaced the dongle without asking...

Maybe you should upload one of your dumps and then some of the seniors here can take a look at it!
Reply With Quote
  #7  
Old 12-20-2012, 08:11 AM
ustev ustev is offline
Member
 
Join Date: Jul 2009
Posts: 19
Default

Oo this is good news indeed! Thanks alot oxident i will replace the dongle asap...

And here is the dumps i created please take a look...
Attached Files
File Type: zip dumps.zip (4.4 KB, 26 views)

Last edited by ustev : 12-20-2012 at 10:12 AM.
Reply With Quote
  #8  
Old 12-20-2012, 10:31 AM
BfoX BfoX is offline
Senior Member
 
Join Date: Aug 2007
Posts: 2,234
Send a message via ICQ to BfoX Send a message via MSN to BfoX Send a message via Yahoo to BfoX
Default

may be your dongle is spro256, upro256, sdhk
__________________
... Either you work well or you work much ....
Reply With Quote
  #9  
Old 12-20-2012, 11:03 AM
kjms kjms is offline
Senior Member
 
Join Date: Aug 2009
Posts: 336
Default

wp is missing
Code:
REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\MultiKey\Dumps\000067F6]
"Name"="Sentinel SuperPro 67F6"
"Copyright"="None"
"Created"="Sun Dec 02 20:30:10 2012"
"DongleType"=dword:00000003
"Type"=dword:00000001
"Option"=hex:02,00,03,80,7F,00,00,00
"CellType"=hex:\
01,01,03,03,03,01,03,01,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
03,03,01,01,01,00,00,00
"sntMemory"=hex:\
06,32,F6,67,00,00,00,00,00,00,00,00,29,6E,11,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
63,6A,6B,6C,78,3B,77,7A,C3,3E,76,66,C9,21,70,6F,\
34,32,F0,3A,33,30,30,27,61,38,2D,30,69,66,F5,78,\
A0,77,DE,55,72,6A,67,76,3F,69,7D,79,E5,61,42,69,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
09,26,3D,EE,80,90,DC,17,00,00,00,00,00,00,00,00
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.