Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 08-16-2005, 16:56
Elickson
 
Posts: n/a
Unhappy Trace new hasp protected program

I have a prog protected by TimeHasp4. In recently update, I found some changes in this prog. You can't find the famous 'cmp bh, 32h' trademark, and you can't find the text '_TEXT_HA' in PE header. Hasp doesn't use AX,BX,CX,DX to transfer keys anymore.
Reply With Quote
  #2  
Old 08-16-2005, 21:01
sope2001
 
Posts: n/a
Code:
: 8B4528       mov         eax,[ebp][28]              
: 50           push        eax       	   ; EDX
: 8B4524       mov         eax,[ebp][24]              
: 50           push        eax             ; ECX
: 8B4520       mov         eax,[ebp][20]              
: 50           push        eax             ; EBX
: 8B451C       mov         eax,[ebp][1C]              
: 50           push        eax             ; EAX
: 8B4518       mov         eax,[ebp][18]              
: 50           push        eax             ; Pwd1
: 8B4514       mov         eax,[ebp][14]              
: 50           push        eax             ; Pwd2
: 8B4510       mov         eax,[ebp][10]              
: 50           push        eax                        
: 8B450C       mov         eax,[ebp][0C]              
: 50           push        eax                        
: 8B4508       mov         eax,[ebp][08]
: 50           push        eax             ; Services     
: E8D92E0000   call       .010003FB3       ; Call _Hasp
: 83C424       add         esp,024 	  ; Search pattern 83 C4 24 5F 5E
: 5F           pop         edi                        
: 5E           pop         esi                        
: 5B           pop         ebx
Pay attention to the stack ...Sope
Reply With Quote
  #3  
Old 09-05-2005, 09:05
Elickson
 
Posts: n/a
Talking

I'm so lazy, that I haven't traced it till now.
I replaced codes of your posting by the old version of hasp routine, and old emulation routine works for me without any fixing.
Quote:
Originally Posted by sope2001
Code:
: 8B4528       mov         eax,[ebp][28]              
: 50           push        eax       	   ; EDX
: 8B4524       mov         eax,[ebp][24]              
: 50           push        eax             ; ECX
: 8B4520       mov         eax,[ebp][20]              
: 50           push        eax             ; EBX
: 8B451C       mov         eax,[ebp][1C]              
: 50           push        eax             ; EAX
: 8B4518       mov         eax,[ebp][18]              
: 50           push        eax             ; Pwd1
: 8B4514       mov         eax,[ebp][14]              
: 50           push        eax             ; Pwd2
: 8B4510       mov         eax,[ebp][10]              
: 50           push        eax                        
: 8B450C       mov         eax,[ebp][0C]              
: 50           push        eax                        
: 8B4508       mov         eax,[ebp][08]
: 50           push        eax             ; Services     
: E8D92E0000   call       .010003FB3       ; Call _Hasp
: 83C424       add         esp,024 	  ; Search pattern 83 C4 24 5F 5E
: 5F           pop         edi                        
: 5E           pop         esi                        
: 5B           pop         ebx
Pay attention to the stack ...Sope
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
how to trace a program exception? rcer General Discussion 6 01-16-2017 07:31
is it possible to crack HASP protected program without the dongle? jonwil General Discussion 12 04-22-2014 13:14
How to unpack DOS program working in protected mode? rootra General Discussion 7 05-24-2004 17:28


All times are GMT +8. The time now is 13:26.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )