#1
|
|||
|
|||
Trace new hasp protected program
I have a prog protected by TimeHasp4. In recently update, I found some changes in this prog. You can't find the famous 'cmp bh, 32h' trademark, and you can't find the text '_TEXT_HA' in PE header. Hasp doesn't use AX,BX,CX,DX to transfer keys anymore.
|
#2
|
|||
|
|||
Code:
: 8B4528 mov eax,[ebp][28] : 50 push eax ; EDX : 8B4524 mov eax,[ebp][24] : 50 push eax ; ECX : 8B4520 mov eax,[ebp][20] : 50 push eax ; EBX : 8B451C mov eax,[ebp][1C] : 50 push eax ; EAX : 8B4518 mov eax,[ebp][18] : 50 push eax ; Pwd1 : 8B4514 mov eax,[ebp][14] : 50 push eax ; Pwd2 : 8B4510 mov eax,[ebp][10] : 50 push eax : 8B450C mov eax,[ebp][0C] : 50 push eax : 8B4508 mov eax,[ebp][08] : 50 push eax ; Services : E8D92E0000 call .010003FB3 ; Call _Hasp : 83C424 add esp,024 ; Search pattern 83 C4 24 5F 5E : 5F pop edi : 5E pop esi : 5B pop ebx |
#3
|
|||
|
|||
I'm so lazy, that I haven't traced it till now.
I replaced codes of your posting by the old version of hasp routine, and old emulation routine works for me without any fixing. Quote:
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
how to trace a program exception? | rcer | General Discussion | 6 | 01-16-2017 07:31 |
is it possible to crack HASP protected program without the dongle? | jonwil | General Discussion | 12 | 04-22-2014 13:14 |
How to unpack DOS program working in protected mode? | rootra | General Discussion | 7 | 05-24-2004 17:28 |