| Сейчас на форуме: rmn (+1 невидимый пользователь) |
 |
eXeL@B —› WorldWide —› Finding out Serial Number of SSP Dongle |
| Посл.ответ | Сообщение |
|
|
Создано: 07 февраля 2008 14:11 · Поправил: vernon · Личное сообщение · #1 I have an old version of a dongle protected app. I was able to download a new version but when i run the program, It says "dongle is not authorised for this program". I understand that the app wont run using a dongle that has different serial number than the one that it was programmed with. I intend to find the serial number of the dongle using ida and then emulate the dongle using toro and from there i can prepare the dng file using edge solver. can any one point me to the right direction? I only need to find the serial number of the dongle to which this version of the program work with. Thanks.  |
|
|
Создано: 07 февраля 2008 14:27 · Личное сообщение · #2 maybe they changed devid in the new version? also serial or something like it can be stored in the dongle's memory. |
|
|
Создано: 07 февраля 2008 15:14 · Поправил: vernon · Личное сообщение · #3 devID is the same, i was able to see that clearly using IDA. what i need to know is how to see the serial number in IDA. Toro Monitor says the program used rnbosproread, but i have read from somewhere that it is not doable. |
|
|
Создано: 07 февраля 2008 17:09 · Личное сообщение · #4 vernon: but i have read from somewhere that it is not doable what not doable? calling rnboSproRead() ? |
|
|
Создано: 07 февраля 2008 17:21 · Личное сообщение · #5 reading cell 0 using rnboSproRead that is |
|
|
Создано: 07 февраля 2008 19:15 · Личное сообщение · #6 yes, it is not possible. but 'serial' is not necessary == devid. it can be stored in any cell - whatever application developers decided to use. |
|
|
Создано: 08 февраля 2008 09:00 · Личное сообщение · #7 thank you for confirming that it is not possible. it is always a pleasure having reply from you. in my case, serial is as important as devID because the program wont work if the serial number is not the same as the dongle that the developer has programmed it with. cell00 = FF66 cell2A = FF86 cell2B = A000 changing values of any of this cells would invalidate the dongle. i believe that the program is able to check serial number in cell00 to check the values in the other two cells and vice versa. my question now is why TORO monitor is telling me that cell 00 was read using rnbosproread? and TORO actual could display dongle serial number. |
|
|
Создано: 09 февраля 2008 13:36 · Личное сообщение · #8 can anyone please advise how i could brute force the serial number using toro as emulator? |
|
|
Создано: 09 февраля 2008 21:26 · Личное сообщение · #9 I was wrong saying that you cannot read cell 0. here's the extract from SentinelSP Developer's Guide: Cell Contents Readable? 00 Key serial number; sequentially assigned per key Yes 01 Developer ID; unique to your company/product. Yes 02 – 07 Reserved for use by Rainbow Technologies. No you can try disassembling the file using IDA, when applying sentinel signature to find rnboSproRead() calls |
|
|
Создано: 10 февраля 2008 16:29 · Личное сообщение · #10 i did disassemble the program using IDA applying sentinel signatures. i run search in IDA for rnboSproRead but calls does not contain the Serial Number. I also have driverstudio with softICE could you tell me where i should put my breakpoint so i could see the serial number on memory. if it is not possible.. please say so and i will stop. thanks |
|
|
Создано: 10 февраля 2008 19:31 · Личное сообщение · #11 it is not possible |
|
|
Создано: 10 февраля 2008 21:15 · Поправил: ssx · Личное сообщение · #12 = |
|
|
Создано: 11 февраля 2008 05:41 · Личное сообщение · #13 thanks for the help and attention |
|
eXeL@B —› WorldWide —› Finding out Serial Number of SSP Dongle |
Для печати