Reverse Engineering Team
Unregistered, You must accept the Forum Rules below to be able to use some forum functions.

Read forum rules below...

1. All posts must be written in English.
2. Don't spam/abuse any other member via E-mail or Private Messages.
3. Have phun!

For breaking above rules you may be warned/banned appropriately!

HASP HL hardware emulator MCU

View previous topic View next topic Go down

HASP HL hardware emulator MCU

Post by Coyote on Thu Apr 03, 2014 2:57 pm

Hi,

Does anyone tried to emulate HASP with some hardware key like STM32 Discovery? Where can I find functions and traffic sniff over USB?
I would try to implement functions (HL_Login, HL_Code, HL_READ, HL_READBL....) directly in MCU STM32 with usb. There aare examples how to make a HID device like mouse, joystick,etc..


I think its not too complicated to make MCU board to appear like HASP HL in USB decriptor  (USB descriptor dumper ) , then a dongle should recognize all functions and send back result like true one.


Has somebody thinking about this way?

Coyote

Posts : 8
Points : 13
Reputation : 1
Join date : 2014-04-03

Back to top Go down

Re: HASP HL hardware emulator MCU

Post by ngoksun on Mon May 19, 2014 7:09 am

Yes, I had did it success. It work fine just like original. But just for old HASP4/Hardlock that publiced algo.

ngoksun

Posts : 4
Points : 4
Reputation : 0
Join date : 2014-05-17

Back to top Go down

Re: HASP HL hardware emulator MCU

Post by Coyote on Fri Dec 18, 2015 7:13 pm

Is there a possibility to get this source code?

Coyote

Posts : 8
Points : 13
Reputation : 1
Join date : 2014-04-03

Back to top Go down

Re: HASP HL hardware emulator MCU

Post by ovis25 on Sat Dec 19, 2015 11:34 am

Don't understand you how do you plan to make this, algo is unknown and emulators use Q-A table emulation.
You can extract data from firmware?
Sure buy src for emulators.

ovis25

Posts : 433
Points : 731
Reputation : 112
Join date : 2014-06-07
Location : reversing.ro

http://reversing.ro

Back to top Go down

Re: HASP HL hardware emulator MCU

Post by Coyote on Sat Dec 19, 2015 6:46 pm

Don't know about Q-A tables, but if the emulator runs on PC it can also run in MCU, much simpler.

Coyote

Posts : 8
Points : 13
Reputation : 1
Join date : 2014-04-03

Back to top Go down

Re: HASP HL hardware emulator MCU

Post by Coyote on Wed Dec 23, 2015 3:42 pm

OK so far so good, now the PC recognizes the dongle. It is still empty, but at least it is enumerated as the real one:

The question is: where can I find a source code to implement emulation with Q/A table? Or any other stuff about the emulation methods?

Code:
Information for device HASP HL 3.25 (VID=0x0529 PID=0x0001):
*** ERROR: Descriptor has errors! ***
Connection Information:
------------------------------
Connection status: Device connected
Device actual bus speed: Full
Device is hub: No
Device adress: 0x0003
Current configuration value: 0x01
Number of open pipes: 0
Device Descriptor:
------------------------------
0x12 bLength
0x01 bDescriptorType
0x0200 bcdUSB
0xFF bDeviceClass   (Vendor specific)
0x00 bDeviceSubClass  
0x00 bDeviceProtocol  
0x08 bMaxPacketSize0   (8 Bytes)
0x0529 idVendor
0x0001 idProduct
0x0325 bcdDevice
0x01 iManufacturer   "AKS"
0x02 iProduct   "HASP HL 3.25"
0x00 iSerialNumber
0x01 bNumConfigurations
Hex dump:
0x12 0x01 0x00 0x02 0xFF 0x00 0x00 0x08 0x29 0x05
0x01 0x00 0x25 0x03 0x01 0x02 0x00 0x01
Configuration Descriptor:
------------------------------
0x09 bLength
0x02 bDescriptorType
0x0014 wTotalLength
0x01 bNumInterfaces
0x01 bConfigurationValue
0x00 iConfiguration
0x80 bmAttributes   (Bus-powered Device)
0x19 bMaxPower   (50 mA)
Hex dump:
0x09 0x02 0x14 0x00 0x01 0x01 0x00 0x80 0x19
Interface Descriptor:
------------------------------
0x09 bLength
0x04 bDescriptorType
0x00 bInterfaceNumber
0x00 bAlternateSetting
0x00 bNumEndPoints
0xFF bInterfaceClass   (Vendor specific)
0x00 bInterfaceSubClass  
0x00 bInterfaceProtocol  
0x00 iInterface
Hex dump:
0x09 0x04 0x00 0x00 0x00 0xFF 0x00 0x00 0x00
*** ERROR: Remaining descriptor data is too small (Less or equal to 2 Bytes)String Descriptor Table
--------------------------------
Index  LANGID  String
0x00   0x0000  0x0409
Hex dump:
0x04 0x03 0x09 0x04
0x01   0x0409  "AKS"
Hex dump:
0x08 0x03 0x41 0x00 0x4B 0x00 0x53 0x00
0x02   0x0409  "HASP HL 3.25"
Hex dump:
0x1A 0x03 0x48 0x00 0x41 0x00 0x53 0x00 0x50 0x00
0x20 0x00 0x48 0x00 0x4C 0x00 0x20 0x00 0x33 0x00
0x2E 0x00 0x32 0x00 0x35 0x00
0xEE   0x0000  Request failed with 0x0000001F
Hex dump:
------------------------------
Whole Device Descriptor as hex dump:
0x12, 0x01, 0x00, 0x02, 0xFF, 0x00, 0x00, 0x08, 0x29, 0x05,
0x01, 0x00, 0x25, 0x03, 0x01, 0x02, 0x00, 0x01
Whole Configuration Descriptor as hex dump:
0x09, 0x02, 0x14, 0x00, 0x01, 0x01, 0x00, 0x80, 0x19, 0x09,
0x04, 0x00, 0x00, 0x00, 0xFF, 0x00, 0x00, 0x00, 0x02, 0xFF

------------------------------
Connection path for device:
Intel(R) 6 Series/C200 Series Chipset Family USB Enhanced Host Controller - 1C26
Root Hub
Generic USB Hub
HASP HL 3.25 (VID=0x0529 PID=0x0001)
Brought to you by TDD v1.83.0, Mar  7 2014, 14:22:05

Coyote

Posts : 8
Points : 13
Reputation : 1
Join date : 2014-04-03

Back to top Go down

Re: HASP HL hardware emulator MCU

Post by BfoX on Thu Dec 24, 2015 2:09 pm

Coyote wrote:The question is: where can I find a source code to implement emulation with Q/A table? Or any other stuff about the emulation methods?

aes128 source and vusb-based source help u, may be =)

BfoX

Posts : 942
Points : 1233
Reputation : 229
Join date : 2012-04-18
Location : Earth

Back to top Go down

Re: HASP HL hardware emulator MCU

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum