Hasp4 Double Trouble
hack3r2k
November 6th, 2002, 22:54
Hi there !
My problem is kinda big I think, because I have a HASP4 envelope on a program. The thing I need is the HaspCode() algorithm for hasp4. It will be nice if someone would share it with me. If not, at least I ask him to calculate responses for Seed = DF3, Pass1 = 0292, Pass2 = 2DF1. I tried to calculate them but I'm not sure that I obtained the correct result, that is AX=0048 BX=4202 CX=4808 DX=004A.
best regards,
.:hack3r2k:.
cyberheg
November 7th, 2002, 11:12
Without a working dongle for your target you will probably fail hard.
Once you get past the few first checks you will probably see that it sends smaller or larger amount of data through the dongle for encryption/decryption.
In some of the Hasp4 envelopes I've seen it sends the whole section through the dongle in pieces of 0xf000 bytes or thereabouts. In other newer versions (March 2002, which I believe is the newest) it does a lot of pseudo-random checks by decrypting smaller pieces of code and comparing them with a precomputed table, which is kinda annoying since all its code is obfuscated, which just adds a bit more fun to the debugging.
Good luck.
// CyberHeg
hack3r2k
November 7th, 2002, 22:31
Does this happen also on HASP4 standard? I've seen some progs protected with an envelope that worked after filling the regs with the correct values... Anyway, you didn't tell me if those values I posted are correct...
bye
cyberheg
November 8th, 2002, 09:11
Quote: Originally posted by hack3r2k
Does this happen also on HASP4 standard? I've seen some progs protected with an envelope that worked after filling the regs with the correct values... Anyway, you didn't tell me if those values I posted are correct...
bye
Yes, also on Hasp4 standard. What else is there besides standard? The most common one is Hasp4 M1 or TimeHasp4. The rest are just Nethasps and the M4 model(s).
No I didn't tell if your values are correct because I don't know if they are correct and frankly I don't care either.
There doesn't exist any public discovered algorithms of HaspCode for Hasp4 dongles.
How did you find those values anyway? Used the HaspCode algorithm for Hasp3? or find the checking from the envelope?
// CyberHeg
tgodd
November 8th, 2002, 14:11
HaspCode works the same for all versions of Hasp. It is merely a bit addressing scheme. The code and docs are out there everywhere.
All readers go out and retrieve the Linear version of the Hidden number, and as far as any of the docs out there, it would appear that nobody has been able to base the results of HaspCode on the Password, nor has there been any reason to. So unless you know the Linear version of the hidden number, I am afraid you are S.O.L.
And judging from the fact that nobody else has been able to tell you this, it would appear as though most people's knowledge of this is merely based upon reversing, and not a true understanding of the Hasp.
Get a reader... Read the lock device... And submit the Lock data, and you'll have a dozen or so people claiming to be experts, with all the answers you need. In truth all you would need then would be an emulator to do a validation of the Seed value, and not need to listen to these so called 'Experts'......
I believe there is a reader and emulator on Crackz site.
Anyhow, have fun and good luck.
Regards,
TGODD
Iwarez
November 9th, 2002, 00:28
The internal hasp codes can be rebuilt from the passwords given. I used that method successfully on 4 dongles.
@Hack3r2k
Your returned values are wrong. Even if you swapped the passwords your codes are still wrong. Not even close.
tgodd
November 9th, 2002, 02:02
I do not doubt this.
However what would be the need if you had access to the lock anyways.
I would also be curious as to the algo used to do this.
Regards,
TGODD
Iwarez
November 9th, 2002, 10:25
A while ago I was very curious about the HASP, as the company I work for uses them and I wanted to know how secure they were. I searched the whole web and found what I needed. You should also go and search. Besides the fun, it will also give you knowledge.
tgodd
November 9th, 2002, 16:44
Again I reiterate.
The only time you would need to calculate the HaspCode from the seed would be if you did not have the lock device.
I was the original reverser of the Hasp and I do know how to calculate them from the passwords, but this method was never implemented in our emulator, which was the first by at least 3 years.
So knowledge is not something I am in need of at this time....
I was only curious to see the algo that YOU used to calculate the seed. But hey thats cool if you do not want to share.
I do understand that.
Regards,
TGODD
Iwarez
November 9th, 2002, 20:40
IC, sorry for that.
I used the source at http://anticrack.p15106404.pureserver.info/modules.php?op=modload&name=News&file=article&sid=3407 to create my emulator.
The reason why I emulate is that I wanted to run our program without the dongle. It's a VB program, so I replaced the hasp32vb.dll with a self-made dll. I could of course include the complete seed table in my dll but I wanted it to be generic. So I was very pleased with the above mentioned source. Since then I have known the HASP sucks.

CrackZ
November 10th, 2002, 20:24
Hiya,
I've written a reply to this post about 3 times now, and the msgboard keeps timing me out and I lose it (I'm pissed off!), final try ;-).
With respect to the previous posts.
1. The algorithm posted in the link before has been known for 4 years or more, it was probably (don't want to deromanticise the whole zen pondering nonsense) recovered from an errant HASP library, which can still be found on the web somewhere, load it into IDA and away you go.....
2. The old HASP envelope depended on HaspCode() responses to a given seed/passwords for decryption, Quine's essay describes the entire process (MD5 ad nauseam). The new HASP 4 implementation of HaspCode() AFAIK changes only the secret table, this can be recovered with either the dongle or (maybe?) some knowledge of some good responses to a given seed.
3. The HASP 4 envelope does NOT depend on HaspCode() for its decryption, instead the real work is by new block services (Encode/DecodeData 0x3C/0x3D), this is the REAL task, and if they've done it half way good (think sproQuery() here), it's going to be very secure for a while.
4. Rumours. I heard that someone has these new encode/decode services mapped out (I don't believe this to be true). From someone with close links to Aladdin, I was informed there is not a generic solution, they'd be crazy to do more security by obscurity imho so I believe it to be true, effectively this implies you need access to the dongle, and the dream of a generic emulator is defeated right there.
5. My HASP drivers for HASP 3 are available on the net. If you want my HASP pack with source or someone wants to host it, I'll upload.
Regards
CrackZ.
tgodd
November 10th, 2002, 20:35
You are 99-100% correct CrackZ.
the 1% being that one Martin McKeen claims to have cracked the Hasp4 3c and 3d.
I can not confirm this, nor has anybody else that I am connected to.
The SproQuery (legacy *nonEnhanced) has however been cracked for quite some time now (93-94). That would have been Rainbow SuperPro.
There is still some legacy software out there which only uses the Hasp Function 2 (HaspCode). As far as the Hasp 3c & 3d, there is no way to go crazy randomizing what you throw at the lock (if only to screw a cracker up), because there is no way for the vendors to validate the random queries.
So one could find the valid queries and still emulate them.
Could make for a pretty hefty table however.
Regards,
TGODD
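Cyberheg's description of an envelope that decodes pieces of code through the dongle and compares them with a precomputed table, and tgodd's point that the 3C/3D responses can be logged and replayed from a (potentially hefty) table because the vendor cannot validate random queries, are illustrated by the following added example. It is not code from the thread, from CrackZ's package or from Aladdin. The FakeDongle transform, the 64-byte piece size and the sample "code section" are constructed stand-ins; the real 0x3C/0x3D algorithm is not public and is not modelled.

```python
"""Record/replay emulation of an opaque dongle service (added example).

The FakeDongle transform below is CONSTRUCTED for the demonstration; the
real HASP4 EncodeData/DecodeData (0x3C/0x3D) algorithm is not public and is
not modelled here. Only the service numbers follow the thread.
"""
import hashlib
from typing import Dict, List, Optional, Tuple

ENCODE_DATA = 0x3C  # service numbers as named in the thread
DECODE_DATA = 0x3D

Query = Tuple[int, bytes]


class FakeDongle:
    """Stand-in for the hardware: a keyed, invertible byte transform.
    Constructed; it only needs to be opaque to the emulator below."""

    def __init__(self, secret: bytes) -> None:
        self._secret = secret

    def _keystream(self, length: int) -> bytes:
        out, block = b"", 0
        while len(out) < length:
            out += hashlib.sha256(self._secret + block.to_bytes(4, "little")).digest()
            block += 1
        return out[:length]

    def service(self, svc: int, data: bytes) -> bytes:
        ks = self._keystream(len(data))
        if svc == ENCODE_DATA:
            return bytes((d + k) & 0xFF for d, k in zip(data, ks))
        if svc == DECODE_DATA:
            return bytes((d - k) & 0xFF for d, k in zip(data, ks))
        raise ValueError(f"unknown service {svc:#x}")


class LoggingProxy:
    """API-level hook between the protected program and the real dongle:
    passes every call through and records (service, input) -> output."""

    def __init__(self, dongle: FakeDongle) -> None:
        self._dongle = dongle
        self.table: Dict[Query, bytes] = {}

    def service(self, svc: int, data: bytes) -> bytes:
        resp = self._dongle.service(svc, data)
        self.table[(svc, data)] = resp
        return resp


class TableEmulator:
    """Answers from the logged table only; it knows nothing about the
    transform, so a query that was never logged gets no answer."""

    def __init__(self, table: Dict[Query, bytes]) -> None:
        self._table = dict(table)

    def service(self, svc: int, data: bytes) -> Optional[bytes]:
        return self._table.get((svc, data))


def build_protected(dongle: FakeDongle, code: bytes, piece: int) -> Tuple[List[bytes], List[bytes]]:
    """Vendor side: split the section into pieces, encode each through the
    dongle and keep a digest of each plaintext piece as the precomputed table."""
    pieces = [code[i:i + piece] for i in range(0, len(code), piece)]
    encoded = [dongle.service(ENCODE_DATA, p) for p in pieces]
    digests = [hashlib.sha256(p).digest() for p in pieces]
    return encoded, digests


def runtime_checks(dev, encoded: List[bytes], digests: List[bytes]) -> bool:
    """Envelope side: decode each piece through whatever answers the API and
    compare with the precomputed table. A missing or wrong answer fails."""
    for c, d in zip(encoded, digests):
        p = dev.service(DECODE_DATA, c)
        if p is None or hashlib.sha256(p).digest() != d:
            return False
    return True


def demo() -> dict:
    """Run the protection with the hardware, log it, then replay without it."""
    real = FakeDongle(b"constructed-secret")
    # Constructed 1024-byte "code section" with no repeated 64-byte pieces
    code = b"".join(hashlib.sha256(b"piece%d" % i).digest() for i in range(32))
    encoded, digests = build_protected(real, code, piece=64)

    proxy = LoggingProxy(real)
    with_hardware = runtime_checks(proxy, encoded, digests)

    emu = TableEmulator(proxy.table)  # hardware no longer present
    emulated = runtime_checks(emu, encoded, digests)

    # Limits of the table approach: an unseen query has no answer, and the
    # table cannot produce a response for input that differs by even a bit.
    fresh = emu.service(ENCODE_DATA, b"never logged")
    tampered = encoded[:]
    tampered[0] = bytes([tampered[0][0] ^ 0x01]) + tampered[0][1:]
    tampered_ok = runtime_checks(emu, tampered, digests)

    return {
        "with_hardware": with_hardware,
        "emulated": emulated,
        "table_entries": len(proxy.table),
        "fresh_query": fresh,
        "tampered_passes": tampered_ok,
    }


if __name__ == "__main__":
    print(demo())
```

The emulator passes exactly the checks that were logged with the hardware and nothing else, which is why a logged table needs the real dongle once per protected program and cannot be a generic solution for the block services.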
hack3r2k
November 10th, 2002, 21:03
Hi !
Thank you all for your suggestions. I guess that without the original dongle I can't make that shit work. So the only chance I have to crack that proggy is to put my hands on its dongle and spy its answers at the 2, 3C, 3D services... I think that it's possible, no?
best regards,
.:hack3r2k:.
JMI
November 10th, 2002, 21:20
CrackZ:
Have no information to contribute to this interesting topic other than a possible solution for CrackZ's timeout problem. Having run into this a few times myself on longer posts, I've taken to composing replies in a word processor and copying and pasting into the Reply box. That way your "time" in the box can be limited. Worked for me. Should work for you.
Regards.
tgodd
November 10th, 2002, 21:29
Yes it is very possible.
The function 2 is easy.
Just follow the link that Iwarez posted.
You'll get alot out of that, and the code snippet there will do exactly what you want.
The 3C & 3D you will have to log to find the appropriate responses, if in fact you need to at all.
Do not be discouraged by anyone here.
Some of us are more knowledgeable than others but that comes with experience.
And never back down from a daunting challenge, there is always something to learn even if you are not successful.
As far as the hasp goes, it was originally cracked in '92-'93.
and cyberheg,
The HaspCode function (Hasp Function 2) is the same for all hasps, with only one exception which I saw 8 Years ago (before that Hasp4).
Regards,
TGODD
Iwarez
November 10th, 2002, 21:47
@CrackZ
I would like the HASP package you made. Only thing it could do is make my HASP knowledge a bit better. Thanks for your time.
CrackZ
November 11th, 2002, 01:02
Hiya,
My HASP package proved to be a bit big for the upload, so I've sent it to Woodmann and hopefully he can add it somewhere to my old site + a link here and you can figure out what to do from there I hope. The code was based on the HASP v4.65 drivers, but should work with the current v4.7 on Aladdin's site, it takes advantage of Aladdin's desire to modularise their code by merging everything into hardlock.*.
Tgodd: Indeed I was contacted by the aforementioned Martin McKeen, but he seems to be hard to track down and from the crumbs I gleaned from him I think his solution requires access to the dongle. Indeed with sproQuery() I was referring to the latest or last generation of Rainbow creations (advanced algorithm).
JMI: Exactly what I ended up doing in the end *grin* and am doing now ;-), writing it in NotePad, thanks for the suggestion though.
Iwarez: Logging your HASP calls shouldn't really be too much of a problem with the dongle, you could do it either at API or driver level, I hope to implement some code to log 0x3C/0x3D services sometime, I think unpacking is probably a better way to go to be honest, rather than emulation.
Regards
CrackZ.
Woodmann
November 11th, 2002, 01:27
http://www.woodmann.net/crackz/CrackZ'sHASPPackage.zip
Say thank you to CrackZ

JMI
November 11th, 2002, 02:19
A BIG THANK YOU to CrackZ for his many efforts and contributions to the RCE knowledge database.
Regards.
MTB
November 11th, 2002, 03:01
I double the really big thank you to CrackZ. Several questions for crackz, how many man months did this take you? How did you come up with the method?
THANKS AGAIN
MTB
tgodd
November 11th, 2002, 03:18
Just out of curiosity.....
CrackZ
What locks can you emulate?
TGODD
Iwarez
November 11th, 2002, 07:38
Thank you Crackz for uploading this. I'll take a look at it and try to learn... BTW, it wasn't me who wanted to log the hasp calls...
CrackZ
November 11th, 2002, 23:19
Hiya to all.
In briefness:
1. Iwarez, sorry, I realise my post was meant to be to hack3r2k regarding logging ;-), sometimes the eyes are too quick for the mind or perhaps the other way around.....
2. MTB, most of the code, the int 6 handler, the decryption routines, even the decrypted data were all dumped from the HASP drivers themselves, actually decrypting them and so on proved to be little more than time consumption in SoftICE, although I had to force some of the 11 routines to be decrypted manually resulting in some pretty hard crashes ;-). About 2 days work I'd say, that and fiddling with MASM and debugging to get the thing working ;p.
The weakness arose from my noticing that hardlock went from about 40k to around 440k in a few driver increments; the v4.01 drivers I was planning to use did all the direct dongle I/O on the HASP side. In fact, if anyone plans attacking the HASP 4 new services, don't use the new drivers; grab v4.01 and examine the I/O there. Later on Aladdin 'modularised' this to pass in a structure via Hardlock in later versions; this is where the weakness lies, and it also means for dongles I don't recognise the control can be handled by the real HASP code.
About 1 further day was spent getting the bugs out of the NT/2K version, some of the string handling there was pretty ugly in ASM, and there were 2 nasty bugs to solve, the mov eax, ds:KeNumberOfProcessors rings in my ears for some reason ;-).
3. Tgodd.
I wrote emulators (drivers) for Sentinel/DK2 and Hardlock a while back, sadly as you are probably aware, 2 of these do not have generic solutions for certain API functions, I'm no hardware engineer, so until someone discloses what I'm missing they remain incomplete, although implementation errors from most developers mean I can usually get a solution through ;P.
Regards to all on this thread.
CrackZ.
tgodd
November 11th, 2002, 23:39
CrackZ,
I can sympathize with you on the KeNumberOfProcessors.
My approach, due to legalities is purely emulation, however,
code patching is an all too familiar evil.
BTW my claim that I was first to reverse the Hasp is in fact true.
I was emulating on Win3.1 back in 93 and even earlier.
I'll tell ya... When I first saw the NT DDK I thought I was screwed.
Man what a change from Vxd writing....
It all seems so trivial now......
Regards,
TGODD
FoxB
June 3rd, 2003, 07:47
Delete....
esther
June 3rd, 2003, 09:43
CrackZ
June 3rd, 2003, 19:05
Hiya,
Well I haven't posted for a while, so a quick bit of info from me.
I'm pretty close to finishing a new HASP driver which will actually be a Hardlock.* replacement (will support old HASP INT 6, new HASP and Hardlock's).
Aladdin merged everything into Hardlock.* and now rely on code obfuscation of a banality that really defies belief; unfortunately the encryption of the API structure still depends on OR/XOR/ADD/SUB and a seed, all wrapped up in tedious little loops to make tracing boring.
Expect some docs/stuff soon on my www. Like 2 weeks time. Also expect me to have fixed a few annoying bugs.
Regards
CrackZ.
FoxB:
Try the CrackZ link at the bottom of the Forums. That is the "old" address of the server, not the current one.
Regards.