Reverse Engineering Team
Unregistered, You must accept the Forum Rules below to be able to use some forum functions.

Read forum rules below...

1. All posts must be written in English.
2. Don't spam/abuse any other member via E-mail or Private Messages.
3. Have phun!

For breaking above rules you may be warned/banned appropriately!

Dinkey dump and emulation (and training)

View previous topic View next topic Go down

Dinkey dump and emulation (and training)

Post by cicciosprint on Thu Jul 24, 2014 5:37 am

Hello everyone!
I received a software protected with a Dinkey (presumably 1S) and, although it works flawlessly, I would like to delve a bit deeper in dongle protection - moreover I am designing a security system myself, so it turns out useful.

I have used the nodongle script to dump its internal memory, obtaining the serial, key value and memory content, gotten Multikey with its license and I have two (and half) questions:
1) is there a copy of Dink2Mk still up and available to us mere mortals?
2) is it enough to have the system up and running and available for testing?
half) are there docs out there outlining the dongle's inner workings, implementation and anti-debugging techniques?

Thanks!

cicciosprint

Posts : 4
Points : 6
Reputation : 0
Join date : 2014-07-23

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by ovis25 on Thu Jul 24, 2014 11:57 am

Dink2mk:

[You must be registered and logged in to see this link.]

Post dump and soft here.

ovis25

Posts : 421
Points : 711
Reputation : 110
Join date : 2014-06-07
Location : reversing.ro

http://reversing.ro

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by BfoX on Thu Jul 24, 2014 12:58 pm

tell us the software name

BfoX

Posts : 917
Points : 1201
Reputation : 226
Join date : 2012-04-18
Location : Earth

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by cicciosprint on Fri Jul 25, 2014 2:47 am

The software is nevrokard.
I converted the dump, plugged it into the emulator and it runs as expected in isolation mode.
I noticed the dump data, when converted into the reg file, is byteswapped, is that an added security layer or just the dumper tool?
Also, are there any public docs on dongle encryption, if any? I am curious to run a relative search for the license data, which seems to be in a separate data chunk after a series of 5a4d's (assuming the first chunk stands for the key, however any change breaks the licensing. Does dinkey also store a checksum of its content?

cicciosprint

Posts : 4
Points : 6
Reputation : 0
Join date : 2014-07-23

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by BfoX on Fri Jul 25, 2014 12:38 pm

dinkey have many tricks like check sum, seh, etc.
the dongle memory context also include version number, time of expirity, number of run. all ciphered.

show the dongle dump here or pm

BfoX

Posts : 917
Points : 1201
Reputation : 226
Join date : 2012-04-18
Location : Earth

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by cicciosprint on Mon Jul 28, 2014 7:06 am

Thanks for the info, Bfox. I will contact you in pm for more info.
I am sure the data is somehow checked against a checksum as the first data chunk contains two series of bytes that differ for a single byte.
Are there any signature packs around for disassembling a dinkey protected sw?

cicciosprint

Posts : 4
Points : 6
Reputation : 0
Join date : 2014-07-23

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by freeart on Tue Jul 29, 2014 9:05 am

I changed the date in the dongle. 
  ddlook.exe tells me "no limit" 
but the software always gives me the same date "Expires: 08/01/2015" why? 
I read in the sdk but I did not find what to change 

Who can help me

freeart

Posts : 25
Points : 37
Reputation : -1
Join date : 2012-09-29

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by BfoX on Wed Jul 30, 2014 1:09 am

ddlook.exe tells you "no limit" only for run the software with dongle shell

BfoX

Posts : 917
Points : 1201
Reputation : 226
Join date : 2012-04-18
Location : Earth

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by freeart on Wed Jul 30, 2014 3:22 am

DINKVALUE =4abf93ba

EFD033C7C20CAF98A8186B41FEC47763 = NO LIMIT
EFD437CBCE00AB94A898EBC17E4477E3 = Expires: 2015-08-01


execs 2 word No. of executions left

exp_day 1 byte expiry day
exp_month 1 byte expiry month
exp_year 2 word expiry year

feature 4 int feature


AND CORRECT? 

OR MISSING SOME TYPE

freeart

Posts : 25
Points : 37
Reputation : -1
Join date : 2012-09-29

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by BfoX on Wed Jul 30, 2014 7:11 am

@freeart: may be correct, may be missing some type. who care =)
i waiting your time expire

BfoX

Posts : 917
Points : 1201
Reputation : 226
Join date : 2012-04-18
Location : Earth

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by freeart on Tue Aug 05, 2014 3:47 am

Ho anche ansioso di 
Spero di trovare la medicina 
o si aspettano calo dei prezzi 
crittografia che utilizza il controllo di copia 
?

freeart

Posts : 25
Points : 37
Reputation : -1
Join date : 2012-09-29

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by CC-Dark on Sat May 16, 2015 5:11 am

send dump data to here

CC-Dark

Posts : 13
Points : 17
Reputation : 0
Join date : 2014-04-11

Back to top Go down

Re: Dinkey dump and emulation (and training)

Post by Sponsored content


Sponsored content


Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum