Reverse Engineering Team
Unregistered, You must accept the Forum Rules below to be able to use some forum functions.

Read forum rules below...

1. All posts must be written in English.
2. Don't spam/abuse any other member via E-mail or Private Messages.
3. Have phun!

For breaking above rules you may be warned/banned appropriately!

Emulating Hasp HL Max

View previous topic View next topic Go down

Emulating Hasp HL Max

Post by fox_coder on Thu May 19, 2011 5:07 pm

Dumping Hasp HL keys

How can be emulated hasp HL max [You must be registered and logged in to see this link.] . It works of course for Pro and Time.

What we need:

* a key
* dumper – i used h5dmp.exe
* TORO hasp monitor
* Sataron’s UniDMP2reg convertor
* emulator – i used Chingachguk vusb emulator


1. So at first, install dongle drivers, connect a dongle, run Toro monitor.
2. start your protected application and used it.
3. in TORO monitor you will see password for your key and memory of your dump. So use your protected software as usual, try to open all menus and dialogs, use every function …
4. Save log file, and save log file.
5. use dumper and dump the key. Result will be – two files hasp.dmp (about 790 B in my case) and hhl_mem.dmp (about 4 KB).
6. then use Sataron’s Unidump2reg and make a reg file (use vUSB Hasp HL option). You can edit this regfile and change licensing of your program (if it uses – hl max can be used for 112 programs)
7. And now the most important thing. Hasp HL uses enveloping technology with 128-bit AES symmetric encryption engine on key.

In TORO log we will find pairs. They can be found in the pairs window too.

Instructions can look like this one:

Code:

HaspHL In:> Hasphl_decrypt, Length=32
Data:
4284 ... ... ... 84ADA4 – It is a question for hash key
HaspHL Out:> Hasphl_decrypt Status=0 (0x0)
Response:
8222 ... ... ... 84ADA4 – And the key respond – it is his answer

(I remove part of code)
So what we will do with it? We will do Q/A table. This is Questions and Answers table in reg file. I added it on the end of file.

Data or question of IN – write in Qtable
Response or answer or OUT – write in Atable
Data shoul be write in pairs like these: 4284 ... ... ... 84ADA4 should be write: 42,84, ... ... ... 84,AD,A4

The end of regfile shoul look:

Code:

... regfile

"QTable"=hex:\
42,84,... 84,AD,A4,\


"ATable"=hex:\
82,22,C2 ... 84,AD,A4,\

Your program can use only one Q/A or too many. You must add them all. Then you can save your regfile.


8. Add reg file into registry
9. unplug your dongle
10. Install Chingachguk & Denger emulator, vusbbus.sys must be 0.15 or above. If all went fine, new device Hasp HL was found.
11. Your program should run

I hope, this text will help.

Vusb 0.15.1.4 can handle encrypt function too.

For a large Q/A pairs from Toro Emulator, you can use splitter.
Attached Files
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

fox_coder
Admin
Admin

Posts : 12
Points : 41
Reputation : 6
Join date : 2010-09-11

http://exetools.team-talk.net

Back to top Go down

Re: Emulating Hasp HL Max

Post by avatar on Wed Nov 09, 2011 10:22 pm

Fox,

I have such a dongle and a very protected software. I have had several people with experience look at it and each have reached different levels of success but none can git it to a usable state. Can I send you the program and the dongle info in hopes you can give it an attempt?


avatar

Posts : 1
Points : 1
Reputation : 0
Join date : 2011-11-09

Back to top Go down

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum