i read some threads in this forum about emulator R4,but didnt find any info to solve,if anybody here know something about emulate R4 can give me some ideas about this key (tools, and how to solve...as well).

thankx so much to Bros.
regard !

If you can access the KEY and the application accessing the driver using RYDLL32.dll, it's quite easy.. though it's still a software specific solution. We can emulate the KEY by creating a FAKE RYDLL32.dll.

First of all we must collect all the Question(from App) & Answer (from KEY) data by creating a DLL that "sniffing" between App and RYDLL32.dll.

1. Build RYDLL32.dll
http://rapidshare.com/files/313270837/R4_LOGGER_DLL.rar.html
pass: reteam.org
2. Rename original RYDLL32.dll to RYDLL321.dll
3. Put FAKE RYDLL32.dll to the same folder with the original one
4. Run the App and execute all function in the App to make sure we get all the needed data. There will be a log file created (AppName.LOG)
5. Create an Emulator DLL based on the Logger DLL.

I hope this can help.

> 5. Create an Emulator DLL based on the Logger DLL.

How does this stage work then?.

Git

@kontolimansyah
WOW.......
men loe serius itu bisa.....
Bisa kasih tau tutorialnya.

feitian = rockey
so if somebody can solve the feitian, that would help to solve the rockey dongle too.

@kontolimansyah

Thanks, nice info

@kontolimansyah
I'm laughing at your nick, what with the kontol thing?
BTW thanks for the info!

If you can access the KEY and the application accessing the driver using RYDLL32.dll, it's quite easy.. though it's still a software specific solution. We can emulate the KEY by creating a FAKE RYDLL32.dll.

First of all we must collect all the Question(from App) & Answer (from KEY) data by creating a DLL that "sniffing" between App and RYDLL32.dll.

1. Build RYDLL32.dll
http://rapidshare.com/files/312159232/R4_LOGGER_DLL.rar.html
pass: reteam.org
.....
5. Create an Emulator DLL based on the Logger DLL.

I hope this can help.

thankz kontolimansyah for help, i cant download with the link above,anylink else

as Git said...what next after step 5, use which tools?

and ofcourse any new ideas are helpful for me

@kontolimansyah
WOW.......
men loe serius itu bisa.....
Bisa kasih tau tutorialnya.

feitian = rockey
so if somebody can solve the feitian, that would help to solve the rockey dongle too.


in this forum there one member (i knew) is softcrck seems he know how to emulate R4, and i PM him and he gave me a solution : He will help me with 300$...oh my,why the last reason is MONEY,:eek: if i have much money i bought the copyright not need help here...

He's already banned from this forum.

the link has been del,can u upload again?

Does anybody knows, how can i make emulator dll based on logger?

Thanks

[don't quote large amounts, it is not necessary as you well know]

> 5. Create an Emulator DLL based on the Logger DLL.

How does this stage work then?.

Git

The idea is simple, we just give a correct answer to the App based on Q/A data.
ex:
LOGGER:

...
...
...
switch (function)
{
case RY_FIND:
Log("%-20s p1=%04x, p2=%04x, p3=%04x, p4=%04x\r\n", FunctionName[function], *p1, *p2, *p3, *p4);
break;
...
...
case RY_SEED:
Log("%-20s handle=%04x, SeedCode=%08x\r\n", FunctionName[function], *handle, *lp2);
break;
...
...


EMULATOR:

...
...
...
switch (function)
{
case RY_FIND:
*lp1 = 0x12345; // Your HardwareID
return ERR_SUCCESS;
...
...
case RY_SEED:
if (*lp2 = 0x667788) // SeedCode
{
*p1=0x1111; // Seed1
*p2=0x2222; // Seed2
*p3=0x3333; // Seed3
*p4=0x4444; // Seed4
}
...
...
return ERR_SUCCESS;
...
...


It's so simple and it WORK :)

@ kontolimansyah
1.how to build RYDLL32.DLL after download your R4_LOGGER_DLL.rar and unrar
i see there are 7 files in this folder :
log.c ; log.h ;
rydll32.c ; rydll32.h
rydll32.def ; rydll32.dsw ; rydll32.dsp
....can you tell clearly
2. Rename original RYDLL32.dll to RYDLL321.dll
3. Put FAKE RYDLL32.dll (where i get it) to the same folder (where this folder)with the original one
4. Run the App and execute all function in the App to make sure we get all the needed data. There will be a log file created (AppName.LOG)
5. Create an Emulator DLL based on the Logger DLL....how to do???tools

i'm trying to emul my key,need your help, plz

I think kontolimansyah post all necesaarry info, now it is only on you.
Build by MSVC and if you need emulation option just modify source code like kontolimansyah said.

@benito

He's absolutely a newbie, so it's really hard for him.

@quocviet84

1. I have updated my first post with a compiled DLL download link.
3. Just use windows search.
5. Upload your LOG file and I will make the emulator for you.

@benito

He's absolutely a newbie, so it's really hard for him.

And why newbie start with reversing the dongle??? Because he doesnt want learn, only wait for ready made solution for his ilegal activities...

@kontolimansyah
thanks for usefull info

@benito

That's true.
Register at the forum and create a new thread.
They don't even search for their problem.

That's true.
Register at the forum and create a new thread.
They don't even search for their problem.

why you can say that,if i search and find out the solution i dont need to creat a new thread,and wait.
i know the feeling when we can solve a difficult problem by ourself,its really great!and ofcourse i want too.but it really difficult for me, a newbie.
how many years you can get your knowledge at now?and if as you said,kontolimansyah no need to share his knowledge and you have to find the method by yourself.
sorry if i make you sad.
i dont need all your knowledge :p just a little to solve my problem,i really happy for your help,i think you too.
i think the knowledge created to share together, so it makes the world develop, did you get knowledge from your teacher or you learn at home by yourself my friend:rolleyes: ~~~thinking
if anybody can help me,i really thank.dont spam plz!

In my country people says that "Give away is recieving !"

Finally,say thank to kontolimansyah for your help.i will try it again,:)

@quocviet84

I'm sorry if my word is to harsh for you.
Are you a Vietnamese?

@kontolimansyah

--step 3 :i searched in my PC and there is any file with name "RYDLL32.DLL" so i dont know where the folder contain RYDLL32.DLL:( i did this before you tell me use windows search,the same result!
what can i do now??

@gnerogeem

yes,i'm vietnamese.what problem with my english? sorry if it happens.how can you know that i'm vetnamese.
in Vietnam there is a crack team too,REA Team,i think you' ve ever heard before,but reaonline.net havent permitted register for a long time?must be invited to register. no registeration is the same meaning with cant reading any posts in their forum,cant access to their forum.as a newbie i have a big problem to understand all everybody said here.
regard !

From your nickname.

If you can access the KEY and the application accessing the driver using RYDLL32.dll...

Well.. if you can't find it then it means your App doesn't using RYDLL32.dll to comunicate to the driver.

If you would point me the download link of the App I will try to help you analyze and find a solution for it.

@ kontolimansyah
here my friend :)

http://www.mediafire.com/download.php?hhjn3kzltjy

Regard !

Rdw.v7.0 CONSTRUCTION STRUCTURE - (KẾT CẤU XÂY DỰNG - SOFTWARE VN) :-))

The App is enveloped.
We still can make a Logger and Emulator using Global hook for CreateFileA() and DeviceIoControl(). The problem is.. the data sent to driver is encrypted, i'm working on it.

0103C161 call Rockey

0103C930 call Encode

@ asus
sw vietnam thi sao?ở vietnam koai bẻ khóa được thì mình fải tìm ở nước ngoài chứ. asus biết cách xử lí mấy cái khóa của cic ko,mình tìm tòi cả năm rồi mà chẳng đến đâu :)

reagard !


@ kontolimansyah

Thankz so much :) you are whole-hearted

i wish i can help you something ,hope you find out the solution soon!

waiting...
regard !

If you can access the KEY and the application accessing the driver using RYDLL32.dll, it's quite easy.. though it's still a software specific solution. We can emulate the KEY by creating a FAKE RYDLL32.dll.

First of all we must collect all the Question(from App) & Answer (from KEY) data by creating a DLL that "sniffing" between App and RYDLL32.dll.

1. Build RYDLL32.dll
http://rapidshare.com/files/313270837/R4_LOGGER_DLL.rar.html
pass: reteam.org
2. Rename original RYDLL32.dll to RYDLL321.dll
3. Put FAKE RYDLL32.dll to the same folder with the original one
4. Run the App and execute all function in the App to make sure we get all the needed data. There will be a log file created (AppName.LOG)
5. Create an Emulator DLL based on the Logger DLL.

I hope this can help.

sir, your link is dead, can you provide a new one? i am newbie in this forum. i got one software which is communicating using rydll32.dll, i would like to try. Thanks

--step 3 :i searched in my PC and there is any file with name "RYDLL32.DLL" so i dont know where the folder contain RYDLL32.DLL:( i did this before you tell me use windows search,the same result!
what can i do now??


you have the linked api (obj method)/ only .sys emulator possible
also the target can used other dll with linked api

The link to http://rapidshare.com/files/31327083...R_DLL.rar.html
is invaild.Where can I download this file?

@Any: it is demo dongle dll... and still vmprotected

The link had died.Who can upload it again?
thx

[DO NOT quote whole messages]


upload again pls

Who can kindly re-upload this file:
http://rapidshare.com/files/313270837/R4_LOGGER_DLL.rar.html
Link has been dead.

Upload to www.mediafire.com or other hostings

BR//

@Any_Who_Cant_Read_Prevision_Post: it is demo dongle dll... and still vmprotected

I look foward “I look foward “R4_LOGGER_DLL” but the link isn't good.
Could you upload it again or to send it to me a PM.

thanks.

This Is A Demo Emulator.

Thanks for your answer Gnerogeem.
I knew that ii was a demo version but i will try to reverse it.
i think that a easy way vs the original dll.

Gnerogeem, could you send to me the Demo DLL

> will try to reverse it.
he is vmprotected =)

if you known theme ;)

BFOX with all respect which I owe you.

If somebody asks about file "R4_LOGGER_DLL" , always your answer is: it's not possible because it is vmprotected protected.

All of us here, wants to learn any type of protection and I think that the motivation of the participant should not be stopped by discouraging them.

Please, If you have the file share it.

well, read here before learning process =)
http://vmprotect.ru/index.php?lang=en

VMprotect it is not simple but I don't think that the file is protected with the 2.0 upper version, and the previous versions several methods exist that I know.

• Search the API Holder Address
• Search the OEP / SubRoutine Address
• And others

But to to our subject, my wish is to find "R4_LOGGER_DLL " that's why I ask here to share it.