#16
|
|||
|
|||
Hasp SRM
If you have dongle then here is many hints availble for unpacked the hasp SRM Protection.
|
#17
|
||||
|
||||
|
#18
|
||||
|
||||
this looks decrypted usbtrace log..Is this based on hasp4 en/decrypt(cipher) function?
|
#19
|
|||
|
|||
IMO this is more like dll function hooking/monitoring/logging.
|
#20
|
|||
|
|||
hi
i have a dump file and log file for tems 10
can help me to emul it thanks |
#21
|
||||
|
||||
http://www.unpack.cn/thread-68333-1-1.html
HASP HL Envelope Recent study of HASP HL Envelope in the shelling, the search to a nice HASP HL Envelope IAT Fixer, has been successfully used to repair my program IAT. Original author of s0cpy. lostdongle in the online issue of the shelling of a hasp srm video, which with the hasp srm Envelope iat fixer and the same, just to "find prtc_sec, # FFFF82D18BE55DC3 #", was revised to: "find prtc_sec, # 66C1E7?? 5E5B8BE566C1E6?? 5DC3 # ", the need to hasp srm Envelope version to modify. This code corresponds to the position of a retn (. Protect section), where there is a need to restore esp in the API function's address. /* ///////////////////////////////////////////////////////////////////////////////// HASP_HL Envelop 1.2x/1.3x import resolver script v0.1a Author: s0cpy Email : s0cpy.store@gmail.com OS : WinXP SP2, Ollydbg 1.1, ODbgScript 1.65.4 Date : 2008-01-12 Action: Fix IAT, but not fix emulated functions. Config: Ignore all exceptions, start from OEP. Some emulated functions need to be resolved manually: GetCommandLineA GetProcAddress GetCurrentProcess GetStartupInfoA GetCurrentProcessId GetCurrentThreadId ///////////////////////////////////////////////////////////////////////////////// */ var prtc_sec var iat_cell var ss var es var gtc var endp var iatstart var iatend var gtc_c var sysmod gpa "GetTickCount", "kernel32.dll" mov gtc, $RESULT ask "Enter start code section address" cmp $RESULT, 0 je @halt mov ss, $RESULT mov es, $RESULT ask "Enter start address of IAT" cmp $RESULT, 0 je @halt mov iatstart, $RESULT ask "Enter end address of IAT" cmp $RESULT, 0 je @halt mov iatend, $RESULT ask "Enter start address of `.protect` section" cmp $RESULT, 0 je @halt mov prtc_sec, $RESULT ask "Enter start address of system modules memory" cmp $RESULT, 0 je @halt mov sysmod, $RESULT @end_point: find prtc_sec, #66C1E7??5E5B8BE566C1E6??5DC3# mov endp, $RESULT add endp, 4 bphws endp, "x" @search: cmp iat_cell, iatend je @halt mov iat_cell, iatstart cmp [iatstart], 00000000 add iatstart, 4 je @search cmp [iat_cell], sysmod ja @search @scan: mov eip, [iat_cell] jmp @run @count: inc gtc_c cmp gtc_c, 2 je @fix @run: run sti sti sti cmp eip, gtc je @count cmp gtc_c, 0 je @search @zero_c: mov gtc_c, 0 @fix: mov [iat_cell], eip cmp iat_cell, iatend je @halt jmp @search @halt: bphwc endp mov eip, oep an eip pause ret |
#22
|
|||
|
|||
Dumper v.1.0
Sentinel HASP (HASP SRM) Dumper v.1.0 (public)
build on (22:00:22 Jul 23 2011) |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
HASP API | ivanov | General Discussion | 1 | 11-16-2004 07:10 |