View Full Version : [Question] Dongle Cracking Services
Perrin
June 5th, 2006, 09:10
Good morning,
I apologize for my first post being a question, however i am in a bit of a bind. I have to remove WIBU-KEY/WIBU-BOX protection from a product that i have legitly acquired (purchased it from a company that stopped developing it) however it was purchased as is, with no support. So ive gotta remove their protection myself to make it usable as i dont intend on using WIBU mainly cause i dont want to pay licensing fees. Although i have previous experience with the simpler dongles, securelock, hasp, etc, this is proving quite different. Im sure i could learn it, but i have a deadline to get this software running without the dongle.
I was wondering if anyone could recommend a legit dongle cracking service (as there are many similiar to www.nodongle.com) as there isnt exactly resellerratings in this business i dont feel like getting ripped off.
Here is the information on the product i have:
1) Protected with WIBU-BOX-U (the harder of the two protection methods
2) The license is time limited via the key (not software, there is an internal clock of some kind on the key itself)
3) I have wkdump files of an expired key, a dongle good for 92 days, and a dongle good for 370 days. I also have a .rtu file that renewed the expired key. (which then became the 92 day key after it was flashed).
4) I have all the program files for the protected program, naturally, but no source.
With the information i have above, could anyone recommend me a legit dongle cracking service or a course of action which i could take to meet my deadline. If this was a simpler, better documented dongle i would do it myself, but unfortunately there is very little documentation on Wibu other than the official stuff and a single analysis whitepaper by Snakebyte on an older version.
Thank you in advance
Perrin
Edit: i just noticed my message was appended with an admonition, and want to make it clear that i am not asking for a crack, nor asking for someone to send me anything. I have read the faq and am just looking for some advice so i dont get ripped off. Id love to learn to do it myself, but i dont have the resources unfortunately as ive only worked will well documented stuff prior to this.
You have what some may consider a fun project on your hands. You have a couple of options, to reverse engineer simply get the wibu signature file from crackz site. You will need only to patch out a few ret calls like ssrpo. So wkbinit , wkbopen etc just ret success. for wkbcrypt2 u can do a table since you have the original dongle. Just find the location, set a bpx, and run the same queries it asks for. In fact you can probably just patch the check crypts in the exe rather then full talbe emu if u wanted to. like cmp eax, staticval patch patch here. Your main focus is wkbreadmem or whatever its called. Here you just make a emulation similiar to ssspros SproRead() func. Or once again find the calls by xref in ida that go to the read and patch out each calls check like cmp reg, 0xdays make that mov reg, 0xFFFFFF (infinity days) left. Crackz also post a wibu manual. thats all you need to crack the bitch.
nodongle.biz. However i browsed the site and seen:
"Custom backup tools
These kind of keys are rare and require individual approach.
So, please contact our support team by e-mail:support@nodongle.biz.
Also, include short description of your key and software in message. "
for wibu, this is not actually completely true... Hence I find it a bit difficult to believe them. There is only 1 variant that is currently not emulated at the moemnt, and that is when the keyspace used is a bit larger in the newer memory versions. If you are looking for a true emulator (which you should if your paying) ask dongle.biz if it is a full emulation and not table emulation. If they say it is a full emulation, good. I cannot recommond you to them, but I can say I have worked with safe-key.com and they are great, but do not support wibu on their list immediately, furthermore, nodongle.biz has been around it seems on the web for longer then a few weeks, so it is probably legitimate. Whether its a true emulation i dont know. If they cannot help, you can contact me on this board again, i did a emu with some friends for this dongle maybe 5-6~ years ago (a full true emulation); did it for fun. Anyways good luck. I dont know how soon your deadline is, but im sure u can patch it in about 2 days time. See ya.
addedenum:
actually i noticed you said nodongle.com, now I really havent heard of this site but this looks more like some freelance crackers, and a bit less professional. i.e.
"We can make Emulators for any protection type, Hasp4, HaspHL, Sentinel Super Pro, Aladdin Hardlock, Eye, Etoken, Wibu, Eutron Smartkey, Proteq, serial, keygen, License file, FlexLm, any protection.
Our emulators are 100% perfect, 100% guaranteed. 100% private, we don´t sell your emulator to any other customer."
I can say with certainty they are lying 100% of the case (: What this company does is make cracks, not emulators. They might have a few products emulated, but judging by their layout and setup, its probably just taken from someone else anyways. Nodongle.biz at least had the dumpers posted. heh I wont want to send you to a bad business, but i would say nodongle.biz looks a little bit better ( :
Perrin
June 5th, 2006, 14:05
great guys, thanks. Ive contacted nodongle.biz and explained my situation, asking them what options they can offer me. Ill see what they say and go from there. I realize this is a relatively simple thing to patch out the wibu calls, unfortunately im ashamed to admit ive priorly only worked with premade emulators for hasp/securelock/etc where you just dump the key and patch it into the emu.
If it was personal satisfaction id dig in and start learning, but unfortunately ive got people on my back saying they need it done now.
Thanks again, and ill keep you guys updated
CrackZ
June 5th, 2006, 16:03
Without prejudice to anyone, all of the dongle cracking sites out there (even those with the commercial looking fronts) are all run by enterprising Russian guys from the cracking scene, in fact I'm pretty sure I know who runs all of them ;-).
As Sab says, the quality of the emulation is the key, most of these guys are happy to sell you scene cracks (if they exist) or they might even turn their hand to some cracking of their own, the best will offer you a full emulator, and a trial version to test, Wibu itself can be fully emulated algorithmically with a table (not to be confused with just looking up responses in a table ;-)).
2 guys I can definitely recommend are Sp0Raw & meteo (www.sporaw.com & www.dongle.ru) respectively, these guys are reputable. Expect to shell out $500+ for their services though. If your in a hurry you'll pay it, else you'll DIY.
Regards
CrackZ.
Perrin
June 5th, 2006, 19:14
Much thanks, yeah, as to the people selling scened stuff ive seen em. Thats really lame, but this app is something thats never been seen outside corporate so its definately not scened and i would know if it was. I honestly dont care if they just crack it, i just want to be done with wibu and have it out of there. Its gonne be degui'd and synergized with a couple other products we have
We'll see what the nodongle.biz guys tell me, then ill look into sporaw and dongle.ru. 500 dollars is reasonable for a full emulation solution, however for a simple crack i would expect to pay less.
saber
June 6th, 2006, 07:31
Dude if i were you, i would do it myself. Infact there is one tutorial at tutorials.accessroot.com on wibu dongle key. If you go stepwise i dont think you should have any problem. By the way have you uploaded your software somewhere. I would like to take a loot at it while i am free.
Perrin
June 6th, 2006, 08:39
Id love to do it myself, then i could apply that knowledge in the future if needbe, but as i priorly said i am somewhat new to this business, i just worked off tutorials and premade emu's for securelock and hasp. I do know my way around olly and IDA however, and if theres a tutorial (although im not seeing it) that would be amazing. Ill dig around tutorials.accessroot.com, maybe their search just isnt very good cause nothing comes up for wibu. Ill also be upping the program to you guys if you care to take a look.
Once again, thanks for your extreme helpfulness, id love to be able to do this myself and with a tutorial im pretty sure i could.
Perrin
June 6th, 2006, 09:05
Okay, i have the program folder (just the straight files, no wibu drivers or anything else) zipped up (yeah, i know zips suck, but i was using a random anonymous hosting service that wouldnt handle anything else) and if anyone is interested ill send it upon request. I also have the wkdumps of various wibukeys, one good for 92 days, one for 370, and one thats expired as well as an .rtu update file. The priorly expired key was flashed with this RTU to become the 92day key Just drop me a pm if youd like to take a look
Perhaps if you went to tutorials.accessroot.com and visited the tutorial page and did something really crazy, such as putting "dongle" (without the quotes) in the "searchbox," you "might" just find a tut discussing the subject your are looking for.
Just a thought.
Regards,
Perrin
June 6th, 2006, 09:22
Craziness indeed JMI, however thats not wibu specific, the only result that comes up is something called Cracking_KEY-LOK_USB_Dongle_by_MaDMAn_H3rCuL3s.rar which is relatively generic. Im afraid wibu is a bit different, that sort of thing would work with securelock or hasp, but in my experience (albeit limited) it doesnt work with wibu
once upon a time i submitted a wibu dongle tutorial to them, i guess it never surfaced. Needed some revisions though , i wrote it like 4 years ago. If you just run the wibu signature file throught the exe thats protected, im also certain you can crack it (unless its wrapped). If its wrapped its even easier, just dump it and most of it is gone, just patchout api. Im going to try something out on a theory here, lets see if it works.
if you post it, they will come (:
::what cracker can resist a challenge posted::
"Im going to try something out on a theory here...if you post it, they will come."
Let me make this VERY CLEAR! IF YOU POST IT HERE, THIS THREAD WILL BE DELETED.
While this type of activity may be carried on in "private" by PM,
OUR RULES EXPRESSLY FORBID THE POSTING OF COMMERCIAL SOFTWARE ON THIS SITE!
Enough said. There will be NO further warning on this issue!
Regards,
Perrin
June 7th, 2006, 11:33
im not posting anything, nor is it commercial software
He was reffering to me as I made a potential gesture against the rules of the board by, suggesting to post the soft somewhere. I forgot that rule (: I thought of it as posting a challenge not a soft. But yes do not post it; a new theory has risen, if you post it deletion will come
Indeed, my comments were focused at sab's statements. And for sab I would say that "deletion will follow" is "way past theory" and is sufficiently established to constitute "Law"!
But, as I said, you are free to do whatever you want in "Private."
Perrin, a small technical correction of your statement. Your first post states: "I have to remove WIBU-KEY/WIBU-BOX protection from a product that
i have legitly acquired (purchased it from a company that stopped developing it). Now, since you didn't suggest that they are "giving it away," that would certainly suggest that it is, indeed, "commercial." If they were, in fact,
giving it away, it would have been relatively simply for THEM to re-compile it without the WIBU-KEY/WIBU-BOX protection so that the donee recipients had "no need for a dongle."
Since I suspect, but could always be mistaken, that they are "still"
selling the "no-longer being developed" product, I suspect they would not appreciate having the method of removing the protection splashed all over this site. If they objected, they might complain to our ISP and we might have a problem, and THAT is WHY we prohibit the Posting of commercial products, or identifable code from them on these Forums. We've already had to move our Server a couple of times because of such issues. This is WHY we require that such parts of a project remain in the Private domain, rather than the Public.

And, AGAIN, YOU have not transgressed this prohibition.
Regards,
Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.