
View Full Version : Hardlock Memory Dumper


cyco2
December 5th, 2002, 18:33
hey ppl... a while ago I asked something on the forum, well some ppl at this forum started to bitch.
Anyway I don't care, and I WANT to help ppl instead of bitching all day.

Here is one of my first tests... I will come back with a more advanced one.

This is only for testing... if you got a hardlock dongle at your home, pls test this.

btw, a brute forcer is also coming for module addresses. I found a way to do this in less than 3 hours.

All are programmed on the low level api.

Also I found a secret undocumented API which covers the verify key calculation.

my final will be WITH source code ..... I hope ppl will like it.

Goofy...

Bengaly
December 5th, 2002, 18:49
who who
go get them =)
and puke on all bitchers :-)

CrackZ
December 6th, 2002, 08:14
Hiya,

I don't know what you used to brute force the MOD_AD, but 3hrs seems awful slow to me ;-), I managed it in around 20 minutes with just the ASM sample they provide in the SDK.

Anything wrong with testapi.exe for the rest?

Regards

CrackZ.

cyco2
December 6th, 2002, 08:34
well ur right... crackz... testapi will do it. But why is there an API_FUNCTION (dec 30) which is undocumented where ya can create a verify key with?... I mean I could not find it in any doc / source of them.

Second I did not optimize it yet, to set flags like don't search for USB auto and crap... the slowness of the bruteforce atm is the LowLevel api... not my code. And btw their High Level ASM example is ... well not very pretty right ?

I will optimize the bruteforces also in ASM, so maybe I will all together get more and better results. And then again I'm talking about bf'ing the whole range (1 to 8192*8), often the Dongle has a module address between 26000 and 35000 (I got 5 different dongles here).

But you are right crackz... I hoped only I could help some ppl out since there are no such tools available... maybe u even want to host the tool when it is ready?

/me wrote a very easy to use CHardlockDongle Object, which can encrypt/decrypt (KEYE) unlimited count of bytes.... (not the 64k limit like the HL API got). it will be with the source

Let me know if ya interested, and if you know things about Hardlock you think I should know by making this tool... please tell me

thanx for responding...

Goofy...

tgodd
December 6th, 2002, 21:27
You should be able to do it in a few minutes.

Regards,
TGODD

tgodd
December 6th, 2002, 21:43
Just a small hint.

There are only 8160 (decimal) possibilities.



Regards,

TGODD

cyco2
December 8th, 2002, 17:13
Thanx for the info... though how ya know only that small range will cover all the module addresses? And what is the range exactly, I'll put it in my program, with the help of all ya ppl I can make as best working program possible.

Anyway let me know what kind of features you think would be handy if ya have to deal with a hardlock dongle?

Goofy...

Sab
December 9th, 2002, 10:02
Hi cyco nice upload. Needs work of course but I'm sure ppl will find it quite nice to try. Maybe it might be a nudge for others to start uploading similar findings on the same dongle or perhaps different ones(: Whether they are discovered already or not. Keep on Keep'n on (: -Sab

marcos135
April 4th, 2004, 07:47
Here is my test for my hardlock usb dongle....
execute the file in dos mode and run "dongle/test "argument
and it will show the module address automatically....