Any Senior in the forum knows how to unprotect data files protect using rockey 4 ND protection?.... without using emulator?..

HID dongle Montior tools :

http://rapidshare.com/files/395588478/Rockey4nd_dongle_Monitor.rar

1. Sopy HID.dll to you Program directory
2. Example:C:\Program Files\xxxx
3. Running you program(*.exe)

PS: HIDMonitor.log in C:\Program Files\xxxx

But i have not solution how to make the .log file to reg or Virtul Dongle. Pls need help.

this hid monitor is provided by softcrk. I m asking for how to unprotect data without using emulator.?....

log also ciphered...

@erali: for R4/R4ND shell use 3DES cipher. for other data can be used rockey4 hardware algo, imho. or any other.

I have Rockey 4ND Dongle , And need to Emulation . Can Any Body here help me please ? I make USBTRACE Log .

Please inform me if there are any body can help me to upload the log file .

thank you

tell us a software name...

software name is : PAD System V 4.8 .

I Upload the USDtrace Log here : http://www.4shared.com/document/wjSDPtiX/Rockey_Log.html

Please advise me this 2 question :
1 - How can Find PW1 & PW2 in the log ?
2 - How can Make Emulator of this dongle and Clone .

Your Advise and help will be very Appreicate ,

thanks again .

1 0x5665 0xA569
2 by self or with help any other...

SN 0x720A056D

PAD System V 4.8 have R4 shell on some executable/dll's

BfoX . I don't Know how much I have to say thanks for your help .

By the way , I'm looking to learn how to do Clone of this dongle . Rockey4nd Editor can do this ?

And how to do emulator , which tools can do Rockey4nd Emulator and how ?

Accept my appreciate and respect to your good-self .

thanks

Any Body else Know how to Emulator Rockey4ND here in this forum ?

If you will do nothing nobody help you for free.

Could someone re-upload Rockey4nd_dongle_Monitor.rar, link is dead .

PIVASIK : What Should I do ?
I upload the log . what can I use also ?

I was think this forum is no-commercial site , I received many message which ask me for money .

anybody can help without money ?

As I wrote if you want to get it for free - do something by yourself.
Load software to IDA and start debugging.

I have attach the usbtrace log file. How to find the p1 p2 basic passwords from it.

my usbtrace log file:- http://hotfile.com/dl/121133493/a3c8e1b/UTL.txt.html

@pdbh
P1: 160B, P2: 1A26

Promob Studio 2010 (.NET app) is using this dongle, successfully bypass the checks, program loadeds, but after about 10secs it crashes, any hint pls?

tracy:

make usbtrace log.

@robin1044: Rockey4nd_dongle_Monitor is hid level monitor...

@BFox: I could not get it finally :) could you please send me a link .
Anyway, USBTrace log is fairly good enough for Rockey4ND.

@robin1044: im not use/have this instruments. as i remember - he make log from hid level api and log is ciphered...

i have a HID Dongle Monitor tool & it's making my software log (HIDMonitor.log) but what is the next steep.

Bfox says the log is ciphered, so:
you need to:
1- decipher the log
2- make your own Emu
3- inject the log to Emu (reg or ...)

Seems totally useless tool, but would be appreciated if would be shred again :)

@robin1044

Thank you very much. The passwords are working. But I want to learn that in which section we should find them.I have software which is protected by Rockey4nd. The Software exe saves a *.epj file which is encrypted. Can we decrypt all encrypted saved *.epj files back to narmal *.epj format which will open with Normal Software Exe using p1 and p2? If yes how?

Thank you very much,
You are great..great.. and great

pdbhi

@pdbhi: you can upload the target software and cipher/decipher pair of the file?

@Bfox

May i upload software exe only? because the setup is above 3 GB. And it is difficult to upload from here through dial-up 128 kbps. I am attaching ciphered exe and pair of ciphered and deciphered pair of file. I have 400 ciphered files.So i want to learn how to deciphered it. Then I will deciphered all files myself.

ciphered ONLY Software EXE:- http://hotfile.com/dl/121579941/0759e68/FX5_NEW.zip.html

Ciphered/Deciphered files:- http://hotfile.com/dl/121580416/a6ee019/CiphDiciphFiles.zip.html

if you need Setup links,they are here, copy the above ciphered exe "FX5_NEW.exe" in "Program files/Edius 5/" folder.

Setup Links:-http://uploading.com/files/48ce2818/Canopus%2BEdius%2B5.12.part1.rar/

http://uploading.com/files/284a2faa/Canopus%2BEdius%2B5.12.part2.rar/

http://uploading.com/files/219dadb7/Canopus%2BEdius%2B5.12.part3.rar/

http://uploading.com/files/ma5c7627/Canopus%2BEdius%2B5.12.part4.rar/

http://uploading.com/files/2eb13md3/Canopus%2BEdius%2B5.12.part5.rar/

http://uploading.com/files/36m299ea/Canopus%2BEdius%2B5.12.part6.rar/



Thanks a lot.
Thanks for your support.

Unpacking it wasn't that hard...

OEP = 000024A0
RVA = 00544000
SIZE = 0000138C

- load FX5 in OllyDbg
- go to 004024A0 (CTRL + G => 004024A0)
- set a hardware BP on execution on 004024A0
- insert Rockey4ND dongle
- press F9 and it should break at the OEP
- go to memory map (ALT + M)
- right click on all sections of FX5 and click on Set Access > Full Access
- dump with OllyDbg PE Dumper By FKMA (delete last 2 sections & don't rebuild imports)
- now run ImportREC and attach to FX5 process
- specify OEP 000024A0, RVA 00544000 & SIZE 0000138C
- click on Get Imports (don't click on AutoSearch)
- click on Show Invalid
- right click on selected thunks and select Cut Thunk(s)
- click on Fix Dump and select earlier dumped FX5 executable
- execute new created file and enjoy the show...

Regards,
[PaWaa]

@pawaa

Thank u very much. I have unpacked ciphered exe. And it is working. But my problem is the project file *.ezp saved by ciphered exe can not open with the exe that we unpacked. The data files saved by ciphered exe are also ciphered.And Main part is to open ciphered *.ezp files with our unpacked EXE.

One more question for this exe how did you find OEP,RVA and size?

Is it possible to unpack *.ezp file while opend by ciphered exe from dumping memory?

Thanks once more.

Canopus%2BEdius%2B5.12.part3.rar deleted?

@Bfox

second links

http://rapidshare.com/files/283333300/Canopus_Edius_5.12.part01.rar

http://rapidshare.com/files/283342703/Canopus_Edius_5.12.part02.rar

http://rapidshare.com/files/283352340/Canopus_Edius_5.12.part03.rar

http://rapidshare.com/files/283361702/Canopus_Edius_5.12.part04.rar

http://rapidshare.com/files/283374967/Canopus_Edius_5.12.part05.rar

http://rapidshare.com/files/283385232/Canopus_Edius_5.12.part06.rar

Canopus_Edius_5.12.part06.rar 100M ? previsions one is 73.7 M

Please use 2nd upload. Both are totally different.Sorry for it.

@pdbhi,

Actually, what FX5_NEW.exe is ? it's a packed Edius.exe with Rockey4ND envelope... right? so OEP,RVA & Size were taken from Edius.exe...

my conclusion is .... you don't need to unpack exe or decrypt 400 project files, just emulate the dongle and you are done...

First open the *.ezp project files in hex editor and you see that the original ezp has PK header (used by edious to zip compress project files) and encrypted ezp has scrambled header because its ciphered by R4nd envelope... Now what you do is open Protected FX5 exe in hex editor and search for ezp and change it to xxx or some other extension.. What this dose is that while you open the encrypted project with dongle and save as the project you get .xxx extension for saving.. and when you save as to a new file edious dose not go into the ezp routine which ciphers the project again but simply saves it in PKzip format...After save project and close edious change the extension xxx back to ezp and its good to load the project with original edious exe ...
But thats only half done....
The X3D effect files are also enveloped and for that you need to make clone dongle or emulation or somewhere bfox mentioned by using some hardware algo with passwords to unpack files if he can put some light on it...

Canopus_Edius_5.12.part07.rar is lost...

@flasher97

Thank u very much.You are right. I had deciphered the ezp projects by changing the exe and extension to xxx and its working but the problem with X3D effects. Any sollution for deciphere X3D files?
I have some normal deciphered X3D files and also the same ciphered X3D files. Is there any way to deciphere by comparing both files?

Thanks...

@pawaa

THank u for reply.

I know basic passwords p1 p2 of my ro_key4nd dongle. But i don't know how to emulate? Should anyone teach me to emulate ro_key4nd dongle?

Another info....Why i want to decipher the ezp files? Because the ciphered exe was version 5.12 and today the latest version of edius is running EDIUS 6.xx. so i want to use it with new version. we are using with it. The ciphered X3D and FX5 are working only with Windows XP 32bit so we can't take advantage the power of Windows 7 Ultimate 64 Bit.

Thanks for Reply.

@BfoX

Sorry...Sorry...Sorry...

Very sorry for the problem.Because i cant't upload it from here with 128Kbps dial-up slower connection.



Sorry once again..your support is very important for me.

to decipher the project file you dont need to hex-edit fx5.exe... follow the following instructions:

- open your desired project in fx5
- click on save as
- change file type to all files
- specify the file name with any extention other then ezp
- click on save and your project is deciphered

thanks pawaa


I have done it. But one more problem one more file type *.x3d is also ciphered and we don't have its ciphered exe that create it. So now we have to emulate it. How to emulate Ro_key4nd using Password p1,p2. I know the passwords p1,p2.

the x3d files are used as plugin for edius. but it is also ciphered and no creater of those files we have.

Thanks again

How to emulate rockey4nd using password p1 p2?

@pdbhi: remove the dongle shell, next patch api inside your target, recovery user algo (if used), make table for hardware algo, etc.

or use any other service outside retBB...

when it comes to the emulation, i don't think that your desire will be entertained properly, because some people are making living out of it, not me but there are some professional dongle replicators around, who willl never tell you their trade secret.

But you can always patch original fx5_new.exe's stub or envelope to fool it, but it requires a lot of study of codes and intensive patching...

The main secret is knowledge, you don't want to learn. 99.5% of just registered users here want to get a tool with one "Make it working" button.
Be fair and get off the pink glasses from your eyes. All that people want free or cheap software to earn money. Even so-called "students", who ask software for free, want to get extra experience with that software to earn more money in the future.

Finally, want to get something free - do it by yourself. And only if you spent few days in analysis and debugging, break your mind but can't solve the problem - ask here, and I am sure you will get reply.

@pivasik

I am searching for emulating it since April 2010.I have no other way to do it. So i asked here.

Thanks

you can upload part7 ?

April 2011? Man, most of seniors here researching single protections over the years just to improve solutions and fix bugs.
Did you download dongle SDK, reverse protocol, make filter or vusbus stub to monitor requests?
What did you do from April 2011?

my arguments were already in your favor, because I am the one who is helping, not seeking help...

I am one of those 10.5% of just registered users who has enough knowledge to help others but still learning.

Back to technical talk please or the thread will be closed. If you want to argue go to one of the social networking sites.

Git

@Git:

my apologies for going off topic, but i think this thread is already been SOLVED...

The topic was "how to unpack Rockey4ND data files" and I have demonstrated even how to unpack R4nd exe along with the data files, for emulation experiments a new thread can be started anytime...

Thanks for the advice, but we'll carry on doing things they way we always have if that's OK with you.

Git

haha, you are the boss...

EMULATION WORKS! :-)

Many thanks to narciszu & G3n1us for the wonderful help!

Just for my own knowledge, could someone point me to any material on unpacking the HASP-HL envelope? (if it is at all possible);)

@BfoX


Sorry for delay in dowanload


Totally New upload of EDIUS

http://ugotfile.com/file/714346/Canopus_Edius_5.12.part01.rar
http://ugotfile.com/file/714345/Canopus_Edius_5.12.part02.rar
http://ugotfile.com/file/714348/Canopus_Edius_5.12.part03.rar
http://ugotfile.com/file/714347/Canopus_Edius_5.12.part04.rar
http://ugotfile.com/file/714349/Canopus_Edius_5.12.part05.rar
http://ugotfile.com/file/714350/Canopus_Edius_5.12.part06.rar

thanks

@ pdbhi
Edious .exe has no effect on the X3D files
When you install magic Key setup ..it extracts 2 modified plugins TscSTD61.TPI & TscSTD65.TPI in explode plugin folder,those control the loading of X3D files in edious xplode...And the TPI files are dongle protected to..Basically the TPI files are C++ Dlls..The Problem is the TPI files have modified headers or some antiolly trick and do not load into ollydbg ..infact they load but no sections loads...Maybe you can share those files here alone for someone to figure out the header issue ...

@pdbhi: upload Canopus_Edius_5.12.part07

@flasher97

both of these files are also packed with R4nd envelope, unpacking these files will not solve the problem because all the effects are also ciphered...

unpacked TscSTD61.TPI & TscSTD65.TPI can be downloaded from the following link: Xplode.tpi.zip (368KB) (http://www.mediafire.com/?dg4oo9pukimizeo)

Those are not unpacked files...
you have just uploaded original explode TPI files

that's what it means, unpacked/unprotected/untouched...

you miss-understood...

Any Idea to decipher files for comparing ciphered/deciphered sample files and recover cipher algoritham?

thanks

as a key clone rockey4nd