View Full Version : Wibu dongle unpacking


DongleGuru
July 21st, 2004, 13:37
I have one target <program name removed>
I did a full dump of the exe with the dongle present, using LordPE.
I found the OEP and the import table too.
I fixed the PE header and section.
Still, when the program starts it shows:
General Error
FormatMessage()
Error code blah blah.
Then the program starts and then auto-closes with a kernel error in the msvcrt.dll file.

I found a crack for an old version of similar software. I found that in the crack there is one more .idata section at the end, with a small size. I don't know its function. Do I need such a section?

Help plz.
Regards
D

CrackZ
July 21st, 2004, 14:06
Hiya,

I've been doing some work on Wibu myself (actually it's more of a theory verification project now), if you can fwd me the name of the target by private e-mail I'd appreciate it.

I apologise in advance to the 'management team' for this request, but I did read the FAQ and use the search facility and read the terms and conditions and throw a pinch of salt over my left shoulder ! ;-).

Thanks

CrackZ.

JMI
July 21st, 2004, 14:53
What about clicking your heels and saying three times: "There's no place like home; there's no place like home; there's no place like home"? You do have the ruby slippers, don't you?

Regards,

CrackZ
August 15th, 2004, 12:07
Hiya DongleGuru,

Many thanks for sending me your target.

This is really more a request for help or theory clarification rather than anything else since I unfortunately do not have a Wibu Key to test anything with. Hopefully others on the board have in the past or might care to send me one or can even satisfy my curiosity..... ;-).

Whilst researching the Wibu crypt function as used by the 'Wibu envelope', I found around the web a 'Reaktor Dongle Emulator', this is a wkwin32.dll replacement which actually implements the WkbCrypt function. There's a real caveat though: the one I found has 2 variables used in the crypt process (essentially 64-bits of data) which I am halfway confident is a FEAL key used on a per customer basis.

I don't know where this 64-bit key is obtained from, but 2 ideas seem probable :

i) It might simply be sat on board the dongle and can be 'read out' by looking at the Wibu communication protocols (this seems the least likely to me), or /

ii) The key is actually computed from the FirmCode and/or UserCode (on board), perhaps the algorithm that does this transformation can or has been recovered, I haven't looked since if they've done it halfway right, it ought not be visible.

Unless the 64-bit key can be recovered, I consider breaking the Wibu envelope as pretty much an impossibility.

Sorry to re-incarnate a fairly old thread.

Regards

CrackZ.

FoxB
August 16th, 2004, 22:02
Hi ALL!

The WIBU-KEY SDK includes a text file, Wkfirm.wbc, which allows you to make a "WIBU Envelope" without having a key, with FirmCode 10 or 250010.
I have a WIBU key for FirmCode 10, ready to help you in un-enveloping.
PM me if needed.

WBR

friedo
August 24th, 2004, 02:04
Quote:
[Originally Posted by CrackZ]... I found around the web a 'Reaktor Dongle Emulator', this is a wkwin32.dll replacement which actually implements the WkbCrypt function. There's a real caveat though: the one I found has 2 variables used in the crypt process (essentially 64-bits of data) which I am halfway confident is a FEAL key used on a per customer basis.

...
Unless the 64-bit key can be recovered, I consider breaking the Wibu envelope as pretty much an impossibility.

Hi.
Is this "Reaktor Dongle Emulator" a tool for emulating a Wibu Key or just a crack for a program called "reaktor"?
I think this dll replacement is exactly what I need, but I did not find it on the net, because my interest is to emulate the wkbcrypt function without a dongle! Please can you give me more information about a place to download it?

For the Envelope:
You need the original key, otherwise forget it. If you have the original key you can debug, or use your own function after finding the firmcode and so on, to decrypt the exe.

monguz
August 24th, 2004, 05:32
try with this hint...

... Zone's Reaktor 3.05 emu for Reaktor 4
------------------------------------------
Take wkwin32.dll and drop it in c:\windows\system32 folder and overwrite
wkwin32.dll (136kb). This will allow you to load the old Reaktor3 ensembles as well as the new.

Found at:
umt.pl/?showtopic=658&view=getlastpost

Greets monguz

friedo
August 24th, 2004, 05:44
Thx, but that's not exactly what I am searching for.
The question is whether the crypt algorithm of Wibu is already reversed, and if you only need a *.wbc file to create an envelope without a dongle, it seems that the algo (Wibu offers fast algo = crypto on PC with key from box, and slow algo = crypto in box) could be found in that dll.
CrackZ wrote that some firmdata can be added to that dll in the form of a special file, so maybe it's already an emulation of the cryptosystem...
I do not need that for the program called Reaktor, but it's interesting if it's solved in the way I am interested in...

regards,
friedo

nasty
May 12th, 2005, 12:32
Hi to all,
please, I need some help/info to recover the key in software protected with a new version of the Wibu dongle driver, after the removal of the envelope.
I have a problem with the query algo.
Please can anyone give me advice/help?
Thanks and see ya!
NaSTy

dELTA
May 12th, 2005, 15:44
Here's some advice: Read the FAQ

uhabber
May 28th, 2005, 15:44
ok we take a look .......

wibu key.... fsb 99:12345 u need to burn 12345:nnnn dongles.

ps. my fsb has 99:99 and a good wkfirm .dat he he by Wibu (only dongles with type 4b)
the new 6 series doesn't go to burn

Leo
September 27th, 2007, 16:33
I have an error, but I don't know what it means:

wkfirm: fatal error WK1111 - no authorization to use Firm Code xx

I have an FSB and wkfirm.wbc, but I don't know if they're matched

JMI
September 27th, 2007, 18:09
And WHAT have YOU done to attempt to find the answer to YOUR question either HERE or on the NET???

Have you actually READ THE FAQ like it said in the BIG RED LETTERS and under your signature???

If you have, you didn't say you have.

Regards,

FoxB
October 12th, 2007, 07:27
4Leo: Firm Sequence from wkfirm.wbc can be recovered. It may not match the FC from your FSB. simply