Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 12-26-2009, 10:40 AM
Git Git is offline
Super Moderator
 
Join Date: Oct 2007
Location: Torino
Posts: 1,797
Default SafeDump V1.28

Remove the ".zip" from each filename to leave SafeDump128.part1.rar and SafeDump128.part2.rar

SafeDump V1.28 18 October 2009

NOTE : This utility needs V7.5.0 or later of the Sentinel drivers, "Sentinel Protection Installer 7.5.0.exe"

SafeDump dumps data from Sentinel dongles of the SuperPro family, including SuperPro XM and Sentinel Dual Hardware Key in SuperPro emulation mode, but not UltraPro. It saves data in the familiar format used by PVA V3.3 dumper. It has two main new features compared to earlier dumpers. Firstly it gives a full summary of the dongle's info with the later extended info command. Secondly, it interrogates that info for the presence of a Password Counter and will NOT attempt to bruteforce the Write Password if it detects that the dongle is protected by a Password Counter. So in order to find the Write Password by brute force, two things must happen : you must provide 'wp' or 'WP' as the second parameter, AND the dongle must report that it does NOT have a Password Counter. Only then will brute force be attempted. This makes it much much safer to find WP than with a normal dumper. However, things can go wrong, programs can have bugs, so you use this program completely at your own risk. No liability will be accepted for broken dongles or any other damage. The program has been tested on 32bit and 64bit Windows. If you find any problems, please report them on RETB or Exetools. Please give full details of what you were doing and what did ot did not happen that you think is an error. The clearer your error report, the sooner the bug gets fixed.

Usage :

Code:
SafeDump 0xDevID [wp]
0xDevID : Attempts to dump the dongle with the given hexadecimal DevID
wp      : Checks if the dongle has Password Counters, if it does NOT have the
          counters then attempts to find the WP of the dongle by brute force.
Output files. The output file is a binary file consisting of 64 bytes of Access Code info, 128 bytes of Cell data info, and 4096 bytes for each Algo cell representing 1024 DWORDs per Algo cell.

The utility is a 32 bit command line program and returns the following values for use in a batch file :

OK
00 : Success

Fatal
05 : Incorrect input parameters
10 : DevID incorrectly formatted
15 : DevID incorrectly formatted
20 : RNBOsproFormatPacket failed with <error code>
25 : RNBOsproInitialize failed with <error code>
30 : RNBOsproSetContactServer failed with <error code>
35 : RNBOsproFindFirstUnit failed with <error code>
40 : RNBOsproGetKeyType failed
45 : Key family is UltraPro
50 : Key family is UNKNOWN
55 : Key form is UNKNOWN
60 : RNBOsproGetKeyInfoEx failed
65 : Dongle is not a SuperPro, program will quit
70 : Could not open dump file <filename> for writing
75 : Error writing Access Codes to dump file <filename>
80 : Error writing Cell Data to dump file <filename>
85 : RNBOsproQuery reports error <error code>

Warning
100 : Unable to find WP
105 : Not safe to find WP, brute force not executed


The program will report Usage information if it's name is typed with no parameters, or a single parameter of /?, ?, -?, /h, h, or -h


Example session :

Code:
D:\DEV\safedump\release>safedump 0x1234
  Key family is         = SuperPro
  Key form is           = USB
  Key has               = 256 cells
  serverName            = 0
  serverIPAddress       = 0
  serverIPXAddress      = 0
  version               = 7.5.0
  protocol              = NONE
  devId                 = 0x1234
  serialNum             = 0x4321
  capabilities          = SP_CAPS_AES_ALGO
  capabilities          = SP_CAPS_PASSWORD_COUNTER  ****!! DO NOT BRUTEFORCE WP !!****
  capabilities          = SP_CAPS_SECURE_TUNNEL
  capabilities          = SP_CAPS_DISABLE_DEVICE_SHARING
  hardLimit             = 3
  inUse                 = 0
  numTimeOut            = 0
  highestUse            = 0
  subLicLimit           = 0
  subLicInUse           = 0


Processing dongle 1234
Finding cell data...
Found 2 Query cells
cell = 0x30
cell = 0x3e
Working..
Done

Git
Attached Files
File Type: zip SafeDump128.part1.rar.zip (78.1 KB, 1510 views)
File Type: zip SafeDump128.part2.rar.zip (42.7 KB, 1165 views)
Reply With Quote
  #2  
Old 12-26-2009, 11:08 AM
diegotorres diegotorres is offline
Member
 
Join Date: Dec 2008
Posts: 39
Thumbs up Thanks

Quote:
Originally Posted by Git View Post
SafeDump V1.28 18 October 2009
Gift thank you very much. Excellent contribution.

Regards,

Diego
Reply With Quote
  #3  
Old 12-26-2009, 11:23 AM
lumm-6 lumm-6 is offline
Junior Member
 
Join Date: Dec 2009
Posts: 2
Default

[And thank you for the WORST QUOTING ever seen on this forum. Please DO NOT quote whole messages - think about it - the original message is right in front of our eyes - why do we need to see it twice?]

thank you very much. .

Last edited by Git : 12-26-2009 at 12:49 PM.
Reply With Quote
  #4  
Old 12-26-2009, 11:40 AM
benito benito is offline
Senior Member
 
Join Date: Jul 2007
Posts: 685
Default

Jesus are all new users crazy??? Why do you quote whole message??
Thanks Git, your work is always excellent.
Reply With Quote
  #5  
Old 12-26-2009, 12:39 PM
yogi_saw yogi_saw is offline
Senior Member
 
Join Date: May 2009
Posts: 533
Default

Tnx git i really needed this one tnx a lot 4 sharing
Reply With Quote
  #6  
Old 12-26-2009, 12:43 PM
gus gus is offline
Senior Member
 
Join Date: Nov 2007
Posts: 331
Default

thanks git , test today
Reply With Quote
  #7  
Old 12-26-2009, 12:46 PM
Xilefarte Xilefarte is offline
Senior Member
 
Join Date: Dec 2007
Posts: 50
Default

thanks for sharing
Reply With Quote
  #8  
Old 12-26-2009, 12:52 PM
kiki kiki is offline
Senior Member
 
Join Date: Jun 2007
Posts: 186
Thumbs up

thanks you!
Reply With Quote
  #9  
Old 12-26-2009, 12:59 PM
Git Git is offline
Super Moderator
 
Join Date: Oct 2007
Location: Torino
Posts: 1,797
Default

Just for interest, if you see this capability : SP_CAPS_AES_ALGO it means the dongle is capable of using AES Encryption for the Cell Algo, just like UltraPro and SHK does. If you also see an Access Code of 7 for the query cells rather than 3, it means that cell is actually using the AES Encryption and there is no way your normal solvers can find the Descriptor. Also, most normal emulators cannot emulate it.

Git
Reply With Quote
  #10  
Old 12-26-2009, 01:10 PM
gus gus is offline
Senior Member
 
Join Date: Nov 2007
Posts: 331
Default

i try dump and error :

safedump 0xdevid

RNBOsproFindFirstUnit failed with 3

sentinel driver 7.5 and update 7.6

ssdump and pva dump ok

thanks

EDIT: other sentienl same error , GIT please solution for this error?

Last edited by gus : 01-28-2010 at 07:27 AM.
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2021, Jelsoft Enterprises Ltd.