Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 07-31-2012, 10:16 AM
nedgraphics nedgraphics is offline
Member
 
Join Date: Jun 2008
Posts: 26
Default hardlock for win7 64bit

I use multikey system to emulate my program.
my multikey.sys version is 0.18.0.3.
who can help to convert from dmp to register file running under
win7 operating system. attached dmp file.
Attached Files
File Type: zip dmp.zip (2.5 KB, 40 views)
Reply With Quote
  #2  
Old 07-31-2012, 10:42 AM
kjms kjms is offline
Senior Member
 
Join Date: Aug 2009
Posts: 336
Default

save as reg
Code:
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\MultiKey\Dumps\000075E4]
"Name"="HARDLOCK (new) dump"
"DongleType"=dword:00000002
"ID"=dword:517197EA
"withMemory"=dword:00000001
"Seed1" =dword:000011F6
"Seed2" =dword:0000CD52
"Seed3" =dword:00009C61
"HlkMemory"=hex:\
           F0,C5,F5,AC,DC,3E,F6,41,D1,A6,A2,86,57,31,9D,9C,\
           01,2D,9F,60,CE,3D,80,ED,A9,85,71,36,DF,6A,1D,57,\
           A9,85,71,36,DF,6A,1D,57,A9,85,71,36,DF,6A,1D,57,\
           A9,85,71,36,DF,6A,1D,57,00,00,00,00,00,00,00,00,\
           00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
           0F,DE,1D,1C,06,00,00,00,00,00,16,00,0E,DA,F6,0F,\
           Ec,EE,00,00,00,00,FF,FF,FF,FF,FF,00,00,00,00,00,\
           20,E1,ED,A1,DD,17,1E,12,00,00,13,C7,C2,A9,29,6D
Reply With Quote
  #3  
Old 07-31-2012, 11:45 AM
nedgraphics nedgraphics is offline
Member
 
Join Date: Jun 2008
Posts: 26
Default

why i t is same as winxp 32bit register file.

Last edited by Git : 08-01-2012 at 07:31 AM.
Reply With Quote
  #4  
Old 07-31-2012, 02:32 PM
BfoX BfoX is offline
Senior Member
 
Join Date: Aug 2007
Posts: 2,234
Send a message via ICQ to BfoX Send a message via MSN to BfoX Send a message via Yahoo to BfoX
Default

=) why is not?
__________________
... Either you work well or you work much ....
Reply With Quote
  #5  
Old 08-01-2012, 12:38 AM
nedgraphics nedgraphics is offline
Member
 
Join Date: Jun 2008
Posts: 26
Default

understand it. very thanks
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.