MultiKey Hasp4 Request

[mhafez]

Dear all,

I'm newbie to your (our if I'm accepted to be one of you) respectful forum and I've been reading for a week or two now and I've succeeded to dump and emulate a HARDLOCK dongle using Multikey.

Now, I want to emulate another key but this one is HASP4 M1 and the problem lies in the monitoring stage, when I try to monitor it using Toro Aladdin Dongles Monitor the program give error that the connected dongle is not a proper one and toro monitor shows nothing.
And using haSploGer can not see the dongle at all also but the program works OK.

I've read in the forum that this because the program may have anti-debug protection or something similar.

Anyway, Now I have dumped the dongle using h5dmp.exe but I can not get the EStruct DStruct for multikey.

I have the reg file that I'm using with vusbbus which is working fine 100% and need to convert this part to be compatible with multikey (ESTRUCT DSTRUCT).

Any help is appreciated

Code:

"EDStruct"=hex:\
31,00,32,00,2e,00,50,00,4e,00,46,00,69,00,6e,00,\
70,26,00,00,00,00,05,00,68,00,52,00,00,00,00,00,\
2d,00,00,00,00,00,01,00,a1,10,45,a3,19,c0,c5,01,\
00,42,8d,76,bf,43,c4,01,6d,40,96,ad,d8,c1,c5,01,\
35,5f,53,a3,19,c0,c5,01,00,90,00,00,00,00,00,00,\
1a,82,00,00,00,00,00,00,20,00,00,00,00,00,00,00,\
08,03,6f,00,65,00,6d,00,32,00,2e,00,69,00,6e,00,\
66,00,2e,00,69,00,6e,00,74,26,00,00,00,00,05,00,\
68,00,52,00,00,00,00,00,2d,00,00,00,00,00,01,00,\
a3,c1,55,a3,19,c0,c5,01,db,e6,f7,a3,19,c0,c5,01,\
53,06,9b,ad,d8,c1,c5,01,db,e6,f7,a3,19,c0,c5,01,\
00,b0,00,00,00,00,00,00,c2,a6,00,00,00,00,00,00,\
20,00,00,00,00,00,00,00,08,03,6f,00,65,00,6d,00,\
32,00,2e,00,50,00,4e,00,46,00,2e,00,69,00,6e,00,\
c5,26,00,00,00,00,01,00,68,00,52,00,00,00,00,00,\
2d,00,00,00,00,00,01,00,63,83,17,d8,19,c0,c5,01

and the advantage of using multikey is the x64.

[gnerogeem]

@mhafez

Dump with h5dmp
Post your dump here.

[mhafez]

gnerogeem thanks for quick reply

here's the link to the dump with h5dmp

http://rapidshare.com/files/375820913/hasp4.rar.html

[Git]

mhafez - if you are a new user and post a URL or attachment your post does not get shown immediately, but passed to moderators/admin for approval. Just please be patient. What you did, ie posting the same message 5 times, is not likely to make moderators say "oh look, this is a smart new member we have here, lets approve his posts really quickly". When having to needlessly delete 5 messages I am much more prone to accidentally slip and delete the 6th one too. Capiche?

Git

[mhafez]

@Git
Sorry, I didn't know that rule and i thought somthing has gone wrong, and I'd appritiate any help from you if you have time.

@gnerogeem
I've allready done the reg file as shown in the example file coming with multikey with no luck, thanx for your advice.

[gnerogeem]

Paste your dump here, using CODE.
Maybe someone will help you.
Good luck.

[yogi_saw]

haven't it created hhl_mem.dmp file?

[mhafez]

@gnerogeem
Can not paste the dump from h5api as it is not plan text. and can not dump or monitor it using toro monitor or hasploger as mentioned in my first post.

@yogi_saw
No it didn't create that file. and your toro simulator is x86 only which i already have but with vusbbus.
and here is the reg file that i'm using with vusbbus

Code:

REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHASP\Services\Emulator\HASP\Dump\4D896524]
"Name"="Vectorgrafix"
"Copyright"="Copyright (C) 2008"
"Created"="23/05/2008 18:25:25"
"SN"=dword:56e33a83
"Type"=dword:00000001
"Memory"=dword:00000001
"SecTable"=hex:94,85,b4,a5,d8,c9,f8,e9
"NetMemory"=hex:ff,ff,ff,ff,ff,ff,00,00,ff,ff,ff,ff
"Option"=hex:01,01,00,4a,1f,00,09,03,6f,00,65,00,6d
"Data"=hex:\
0f,56,65,63,74,6f,72,67,72,61,66,69,78,20,20,20,\
0f,53,58,54,2c,47,50,57,2c,50,52,46,2c,20,20,20,\
0f,20,20,20,20,20,20,20,20,20,20,20,20,20,20,20,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff
"EDStruct"=hex:\
31,00,32,00,2e,00,50,00,4e,00,46,00,69,00,6e,00,\
70,26,00,00,00,00,05,00,68,00,52,00,00,00,00,00,\
2d,00,00,00,00,00,01,00,a1,10,45,a3,19,c0,c5,01,\
00,42,8d,76,bf,43,c4,01,6d,40,96,ad,d8,c1,c5,01,\
35,5f,53,a3,19,c0,c5,01,00,90,00,00,00,00,00,00,\
1a,82,00,00,00,00,00,00,20,00,00,00,00,00,00,00,\
08,03,6f,00,65,00,6d,00,32,00,2e,00,69,00,6e,00,\
66,00,2e,00,69,00,6e,00,74,26,00,00,00,00,05,00,\
68,00,52,00,00,00,00,00,2d,00,00,00,00,00,01,00,\
a3,c1,55,a3,19,c0,c5,01,db,e6,f7,a3,19,c0,c5,01,\
53,06,9b,ad,d8,c1,c5,01,db,e6,f7,a3,19,c0,c5,01,\
00,b0,00,00,00,00,00,00,c2,a6,00,00,00,00,00,00,\
20,00,00,00,00,00,00,00,08,03,6f,00,65,00,6d,00,\
32,00,2e,00,50,00,4e,00,46,00,2e,00,69,00,6e,00,\
c5,26,00,00,00,00,01,00,68,00,52,00,00,00,00,00,\
2d,00,00,00,00,00,01,00,63,83,17,d8,19,c0,c5,01
"ColumnMask"=dword:000000BB
"CryptInitVect"=dword:00000033

[mhafez]

this is the reg file that is used with vusbbus and needed to be converted to work with multikey

Code:

REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHASP\Services\Emulator\HASP\Dump\4D896524]
"Name"="Vectorgrafix"
"Copyright"="Copyright (C) 2008"
"Created"="25/05/2008 16:50:58"
"SN"=dword:56e33a83
"Type"=dword:00000001
"Memory"=dword:00000001
"SecTable"=hex:94,85,b4,a5,d8,c9,f8,e9
"NetMemory"=hex:ff,ff,ff,ff,ff,ff,00,00,ff,ff,ff,ff
"Option"=hex:01,01,00,4a,1f,00,09,03,6f,00,65,00,6d
"Data"=hex:\
0f,56,65,63,74,6f,72,67,72,61,66,69,78,20,20,20,\
0f,53,58,54,2c,47,50,57,2c,50,52,46,2c,20,20,20,\
0f,20,20,20,20,20,20,20,20,20,20,20,20,20,20,20,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,\
ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff,ff
"EDStruct"=hex:\
31,00,32,00,2e,00,50,00,4e,00,46,00,69,00,6e,00,\
70,26,00,00,00,00,05,00,68,00,52,00,00,00,00,00,\
2d,00,00,00,00,00,01,00,a1,10,45,a3,19,c0,c5,01,\
00,42,8d,76,bf,43,c4,01,6d,40,96,ad,d8,c1,c5,01,\
35,5f,53,a3,19,c0,c5,01,00,90,00,00,00,00,00,00,\
1a,82,00,00,00,00,00,00,20,00,00,00,00,00,00,00,\
08,03,6f,00,65,00,6d,00,32,00,2e,00,69,00,6e,00,\
66,00,2e,00,69,00,6e,00,74,26,00,00,00,00,05,00,\
68,00,52,00,00,00,00,00,2d,00,00,00,00,00,01,00,\
a3,c1,55,a3,19,c0,c5,01,db,e6,f7,a3,19,c0,c5,01,\
53,06,9b,ad,d8,c1,c5,01,db,e6,f7,a3,19,c0,c5,01,\
00,b0,00,00,00,00,00,00,c2,a6,00,00,00,00,00,00,\
20,00,00,00,00,00,00,00,08,03,6f,00,65,00,6d,00,\
32,00,2e,00,50,00,4e,00,46,00,2e,00,69,00,6e,00,\
c5,26,00,00,00,00,01,00,68,00,52,00,00,00,00,00,\
2d,00,00,00,00,00,01,00,63,83,17,d8,19,c0,c5,01
"ColumnMask"=dword:000000BB
"CryptInitVect"=dword:00000033

[BfoX]

REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHAS P\Services\Emulator\HASP\Dump\4D896524]
"Name"=""
"Copyright"="Copyright (C) 2010 BfoX"
"Created"="15/04/2010 19:45:43"
"SN"=dword:56E33A83
"Type"=dword:0000000A
"Memory"=dword:00000001
"SecTable"=hex:94,85,B4,A5,D8,C9,F8,E9
"NetMemory"=hex:FF,FF,FF,FF,FF,FF,00,00,FF,FF,FF,F F
"Option"=hex:00,01,02,4A,1F,01,0F,03,0A,01,0D,2D,3 9,00
"Data"=hex:\
0F,56,65,63,74,6F,72,67,72,61,66,69,78,20,20,20,\
0F,53,58,54,2C,47,50,57,2C,50,52,46,2C,20,20,20,\
0F,20,20,20,20,20,20,20,20,20,20,20,20,20,20,20,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF
"EDStruct"=hex:\
20,02,BF,69,72,96,01,4E,5E,6C,7C,06,16,24,34,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"ColumnMask"=dword:000000BB
"CryptInitVect"=dword:00000033