PDA

View Full Version : Aladdin HASP HL


lmdolphed
2010-04-01, 09:29 AM
Is possible to get Aladdin HASPHL2010 Unlimited license (Not Sentinel)?

What i need is for this application:
http://www.dongleservice.com/hasp_emulator/HASPHL2010.zip

I dont know the diference between them but there is a diference. I already tested the dongle file in the sentinel HASP2010 ad doesnt even work on the valid period.


I have a dongle file and its working, but its only for a few days(period). The dongle service sent me a trial dongle file.

I need a license for unlimited license, i pay/donatte
not as much as the dongle service ask, to anyone that help me. :p

Thanks in advance
bassem_16
2010-04-03, 09:19 PM
HASP2010 isnt c r @ c ked yet , actually only v 2007 is , so we are all waiting :)
Or use Vusb
Shiela
2010-04-04, 03:11 AM
HASP2010 isnt c r @ c ked yet , actually only v 2007 is , so we are all waiting :)
Or use Vusb

Stop waiting for HASPLHL 2010 c r a c k ed version.
The 2007 version was packed with these protection


RELEASE NAME ..... SoftKey Solutions SENTINEL/HASP Emulator 2007 *FIXED*
SUPPLIER ......... Team EDGE
*****ER .......... Team EDGE
PROTECTION ....... RSA-512, RC6, MD5, Custom, Obfuscation.
RELEASE DATE ..... 24/10/2007
SIZE ............. 1 x 5MB
URL .............. http://www.neobit.org/

There were rumors that saying 2010 version was packed with these protection + VM packed. It is possible to c r a c k it, but take time.
If you have time and got such knowledge to bypass these protection, do it. :D

For the time being, just use Multikey. Latest version of Multikey didn't support for x64 anymore and it was packed with VM protection. The last version that support for x64 was 0.18.0.3. Here is the changelog and the manual

Changelog

History

+ Added
- Corrected
! Changed

0.18.0.3 (15.04.2009)
- Fixed installation on 64 bit systems.

0.18.0.2 (22.03.2009)
+ Guardant: added entry in the registry with entries in the key.
! in the name of a registry key using a password to read the key.


0.18.0.1 (20.03.2009) (alfa test build)
+ Emulation keys Guardant Fidus (?), Stelth I, Stelth II (old revision);
! changed the internal algorithm haspHL (encrypt / decrypt) using AES;



0.17.1.0 (08.02.2009) (test build)
- Sentinel - Support long query, snt read fixed, chiper-Funk transferred to the Sea;
- Hardlock - the keys without the support of memory;
+ Hardlock - Support HL_CALC;


0.17.0.0 (08.10.2008)
! DTable / ETable instead QTable / ATable / QEncTable / AEncTable, hopefully,
that processing speed has increased (see examples)
+ Added examples dumps
+ Added Catalog Tools - useful tools
- SNT Read fixed (cells 5 / 7)

0.16.2.1 (19.09.2008)
! before you install the emulator, you must remove the previous version and
clean. inf'y. Connected with the change of name to devaysa MultiUSB
- SNT Read fixed

0.16.2.0 (18.09.2008)
+ DDK 6001, optimization of code
- SNT Write / OverWrite not work correctly

0.16.1.1 (28.07.2008)
+ Support 64-bit
- Dumps examples are given to a single format
! small code changes in this regard (Hardlock & Sentinel),
testing more than desirable

0.16.1.0 (xx.07.2008)
+ Emulation keys Sentinel SuperPro (example reg file attached)
+ Support SRM drivers for HASP-HL keys

0.16.0.1 (26.06.2008)
+ A complete emulation of HASP, tabular emulate HASP-HL (encode / decode)
+ Emulate Hardlock (Luna & Flora)
+ Possible to connect the keys with the same password (modad), for this
must be reg-file after a password to add any character, and the result
new dump
! changed the name and path stored in the registry



Manual

*** General ***

[HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ MultiKey \ Dumps \ xxxxxxxx]

xxxxxxxx - password key

To use the keys with the same password you want to add any character
after the password key:
... MultiKey \ Dumps \ xxxxxxxxa]
... MultiKey \ Dumps \ xxxxxxxx1]


"Name" = "xxx"
"Copyright" = "xxx"
"Created" = "xxx"

"DongleType" = dword: 0000000x - type key
1 - HASP
2 - HARDLOCK
3 - SENTINEL
4 - GUARDANT


*** HASP ***

"SN" = dword: xxxxxxxx - serial number

"Type" = dword: 000000xx - model
12 - Time HASP 3
0A - HASP4 M1 (deafult)
1A - HASP4 Time
EA - HASP HL
DA - HASP HL Time

"Memory" = dword: 00000001 - the size of memory

"SecTable" = hex: 00,00,00,00,00,00,00,00 - private table

"NetMemory" = hex: 03,00,0 F, D0, 02,00,00,00, FF, FF, FE, FF - cells' power 'memory

"Option" = hex: - not used

"Data" = hex: - memory cells

"ColumnMask" = dword: 000000FF

"CryptInitVect" = dword: 0000003F

Table-emulated functions hasp_decrypt + hasp_encrypt

The tables are arranged in podvetkah core of the dump:
Decrypt: [HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ MultiKey \ Dumps \ 12345604 \ DTable];
Encrypt: [HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ MultiKey \ Dumps \ 12345604 \ ETable].


The format of entries in the table (all values hexadecimal):
"10:00112233445566778899 AABBCCDDEEFF" = hex: FF, EE, DD, CC, BB, AA, 99,88,77,66,55,44,33,22,11,00
"20:00112233445566778899 AABBCCDDEEFF" = hex: FF, EE, DD, CC, BB, AA, 99,88,77,66,55,44,33,22,11,00
"30:00112233445566778899 AABBCCDDEEFF" = hex: FF, EE, DD, CC, BB, AA, 99,88,77,66,55,44,33,22,11,00

where

- "10:00112233445566778899 AABBCCDDEEFF" - a request to the key
10 (20,30) - query length in bytes
"00112233445566778899AABBCCDDEEFF" - the first 16 bytes of the query

- Hex: FF, EE, DD, CC, BB, AA, 99,88,77,66,55,44,33,22,11,00 - the answer key, are only
the first 16 bytes of real answer.

For example:

================================================== ================
2008/10/10 07:13:25.109 <== HaspHL_decrypt: Length = 0x10
2008/10/10 07:13:25.109 <== HaspHL_decrypt: Input Data =
2008/10/10 07:13:25.109
2A E1 F0 A2 | E1 B2 F1 F9 | 9F C8 72 F6 | CA 4B 01 49

2008/10/10 07:13:25.171 ==> HaspHL_decrypt: Output Data =
2008/10/10 07:13:25.171
53 9D 4D 03 | 00 00 00 00 | CB D2 6B 04 | 00 00 00 00

2008/10/10 07:13:25.171 ==> HaspHL_decrypt: Status = 0x00
================================================== ================
2008/10/10 07:13:23.484 <== HaspHL_decrypt: Length = 0x20
2008/10/10 07:13:23.484 <== HaspHL_decrypt: Input Data =
2008/10/10 07:13:23.484
7B 6E 8C DF | D6 51 A3 0C | 47 E1 FA 60 | 51 6C 79 71
2E 0E 0C 38 | C6 99 FE 97 | B2 C2 E1 37 | 7F 61 CD 7A

2008/10/10 07:13:23.546 ==> HaspHL_decrypt: Output Data =
2008/10/10 07:13:23.546
02 B0 3C 6E | DA 88 46 BA | 4C 7E 5A 12 | 8E D6 DE 76
2E 0E 0C 38 | C6 99 FE 97 | B2 C2 E1 37 | 7F 61 CD 7A

2008/10/10 07:13:23.546 ==> HaspHL_decrypt: Status = 0x00
================================================== ================
2008/10/10 07:13:23.609 <== HaspHL_decrypt: Length = 0x30
2008/10/10 07:13:23.609 <== HaspHL_decrypt: Input Data =
2008/10/10 07:13:23.609
7B 6E 8C DF | D6 51 A3 0C | 47 E1 FA 60 | 51 6C 79 71
2E 0E 0C 38 | C6 99 FE 97 | B2 C2 E1 37 | 7F 61 CD 7A
9C F3 2A BD | A4 DA 3B 78 | 97 CC 44 ED | 42 47 42 E6

2008/10/10 07:13:23.671 ==> HaspHL_decrypt: Output Data =
2008/10/10 07:13:23.671
77 64 61 62 | 63 5F 60 61 | A2 B9 AC 60 | 61 62 63 5F
2E 0E 0C 38 | C6 99 FE 97 | B2 C2 E1 37 | 7F 61 CD 7A
9C F3 2A BD | A4 DA 3B 78 | 97 CC 44 ED | 42 47 42 E6

2008/10/10 07:13:23.671 ==> HaspHL_decrypt: Status = 0x00
================================================== ===============

The resultant table:

[HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ MultiKey \ Dumps \ 12345604 \ DTable];
"10:2 AE1F0A2E1B2F1F99FC872F6CA4B0149" = hex: 53,9 D, 4D, 03,00,00,00,00, CB, D2, 6B, 04,00,00,00,00
"20:7 B6E8CDFD651A30C47E1FA60516C7971" = hex: 02, B0, 3C, 6E, DA, 88,46, BA, 4C, 7E, 5A, 12,8 E, D6, DE, 76
"30:7 B6E8CDFD651A30C47E1FA60516C7971" = hex: 77,64,61,62,63,5 F, 60,61, A2, B9, AC, 60,61,62,63,5 F

If the protocol meets a single query length of 32 (20h) bytes, which is immediately
No request for a length of 48 (30h) bytes, then the query should be stored in the table as
two requests to 16 (10h) bytes



*** HARDLOCK ***

"ID" = dword: xxxxxxxx - serial number

"withMemory" = dword: 0000000x - the key to memory, or without it

"Seed1" = dword: 0000xxxx
"Seed2" = dword: 0000xxxx
"Seed3" = dword: 0000xxxx

"HlkMemory" = hex: - memory cells

*** SENTINEL ***

"Type" = dword: 00000000 - Model

"sntMemory" = hex: - memory cells

"CellType" = hex: - types of cells



*** GUARDANT ***

... MultiKey \ Dumps \ xxxxxxxx] - xxxxxxxx - pwRead - password key for reading;

"DongleType" = dword: 00000004
"pWrite" = dword: 23232323>>> password for entry, optional if the program does not use record
"Data" = hex: \
... (256 bytes - a full dump of descriptors)



As you can see from the manual, it support to 4 types of dongle.
For HASP it can support to 5 types.
Now it's all depend on you to choose and with the right step, you can emulate your dongle without any problem.
Learn and do some research. :)