04-19-2005, 13:42
ketan
hasp/sentinel envelope(s) infos

as a tradition, hasp envelope util ( sdk v11.0 and below ) hooks the following functions from the import table...

KERNEL32.DLL!GetProcAddress
KERNEL32.DLL!ExitProcess

in order to increase the level of obfuscation, hasp envelope util ( sdk v12.0 and onwards ) started to hook many more functions from important system dlls,

KERNEL32.DLL
USER32.DLL
ADVAPI32.DLL
SHELL32.DLL

and more...

internally, each iat function is assigned a unique # and it is mapped into a bit table indicating whether it is hooked or not ( ie. 1 bit per iat function )

so in order to successfully recover the full iat with valid functions,
one must find a code location in the .protect section of the hasp envelope where this test is performed, and if we patch it in a manner that no function is hooked,
we can easily recover the needed information.

note: with such a trick, the two above-mentioned functions still need to be corrected!

on the rainbow sentinel part, the envelope is pretty simple and straight.
it contains no obfuscation as such except a very well developed big switch/case kinda structure and pcode format ( documented on CrackZ pages w/o proper respect given to its author ie. me! )

Thanks...