This awesome tool allows for a tool that logs the usb data exchange between hardware and device driver. Another method would be to use this little program called USBSnoop –. I myself have never been able to get softice working, but if you can, go for it.
WinDBG is suitable for this, however softice can be used as well. Device drivers need to be debugged using a kernel debugger since drivers dont operate in user mode. The key can be obtained either in memory during live analysis in a debugger or statically by probing the driver or contents of the USB device. How might this be cracked? Well for starters, we would need to identify the key. Say for example the software in question is done the right way – encrypted and needs the key to be decrypted at run time.
Their protection suite is quite popular, however recent versions produced have one fatal flaw – implementation of their dongle based copy protection can be halted based on a single 3 byte patch. Trouble is, once you’ve cracked this 3rd party providor’s method, it works on EVERY ONE of their clients. There are a few companies out there that implement dongle based protections to software companies as a 3rd party service taking the hassle of implementing a copy based protection system out of the hands of the software company. Not only that, the check for a device can be patched, quite easily. Why? Device drivers can be produced to emulate the functionality and visibility of any device including USB and parallel devices. The wrong way would be to merely check for the presence of the dongle. The right way would be to encrypt your programs and store the encryption key on the dongle and decrypt at run time depending on whether the device is connected or not. Like I said, if the protection is implemented wrong, it cracking the program could be as simple as a 3 byte patch of changing The fact of the matter is, depending on how the dongle protection is incorporated, it can be impossible to crack a program without the device. These are relatively cheap to produce and are hard to crack. The older ones used the parallel printer port.įinding a computer with a parallel port these days is tough, so as with all technology, adaptations were made. So what is a dongle? Traditionally a dongle is a hardware device that connects to the PC through one of the ports in the back.
The idea is simple – store the registration key or encryption key on a mobile piece of hardware. Every other executable is packed with this or that, PEID is no longer updated, and many software companies are moving towards dongle based security. Reversing aint easy these days and is getting harder.
0 kommentar(er)
