ROCKEY4 Dongle Shell Emulator

http://rapidshare.de/files/38038038/R4_Emulator_2007.12.10.rar.html

Msn:Softcrk@hotmail.com

hmm..dos this R4 shell emul support RY_SEED api in full or just uses table-based method?

hmm..dos this R4 shell emul support RY_SEED api in full or just uses table-based method?




i can calculate rockey4 RY_seed...I only need dongle BAs1 and BAS2 AND hardware ID

I write rockey4 emulator can emulator all api:D

i can calculate rockey4 RY_seed...I only need dongle BAs1 and BAS2 AND hardware ID..
hmm, good for you; feitin says that their hardware algo depends on both of bas & adv passwords, I do possess RY_seed algo for a sample dongle, can see p1 & p2 explicitly but not p3 or p4; also there is a constant which I guess is calculated from p3 & p4; any idea?

..I write rockey4 emulator can emulator all api:D

even user algo ? ;)

hmm, good for you; feitin says that their hardware algo depends on both of bas & adv passwords, I do possess RY_seed algo for a sample dongle, can see p1 & p2 explicitly but not p3 or p4; also there is a constant which I guess is calculated from p3 & p4; any idea?

Have p1 and p2 always can emulator it,but very disamenity.

even user algo ? ;)

YES..........

hmm, good for you; feitin says that their hardware algo depends on both of bas & adv passwords, I do possess RY_seed algo for a sample dongle, can see p1 & p2 explicitly but not p3 or p4; also there is a constant which I guess is calculated from p3 & p4; any idea?



even user algo ? ;)

Have p1 and p2 always can emulator it,but very disamenity.
I can calculated algo

Have p1 and p2 always can emulator it,but very disamenity...
I can calculated algo
maybe RY_SEED=f(P1, P2)..I'll have try my algo with another r4 to check it...

PS can you post/PM any tool for dumping user algo zone?

very good Softcrk, can you post/PM any tool for dumping user algo zone?

I don,t write any DUMP tools,you can From www.nodongle.biz download dmp tools

I don,t write any DUMP tools,you can From www.nodongle.biz download dmp tools

BWAHAHHAHAHA..nodongle.biz..HEHEEE...so you are here just to advertise nodongle...;)

well, my apology for saying this, I don't think you possess r4 hardware algo or anything you just claimed...:p :D

PS I'm 100% sure that www.nodongle.biz team do not have full emul for Rockey4%..contact me if you desire and I can prove;

BWAHAHHAHAHA..nodongle.biz..HEHEEE...so you are here just to advertise nodongle...;)

well, my apology for saying this, I don't think you possess r4 hardware algo or anything you just claimed...:p :D

PS I'm 100% sure that www.nodongle.biz team do not have full emul for Rockey4%..contact me if you desire and I can prove;

I emulator r4 shell,only need p1 and p2,and ID..
I can form p1,p2,id find shell algo.....
I know nodongle trem do not emulator r4 all api and not emulator shell....
you want emu r4 shell,nodongle.biz tools always enough
If you want emu r4 shell,I can help you...

As I know, softcrk was real Rockey4 expert. He can emu this dongle better than nodongle.biz team.
Actually, RY_seed function just depend on the HID and Basic PW1&PW2. the Advanced PW3&PW4 is used for user algo function.;)

BWAHAHHAHAHA..nodongle.biz..HEHEEE...so you are here just to advertise nodongle...;)

PS I'm 100% sure that www.nodongle.biz team do not have full emul for Rockey4%..contact me if you desire and I can prove;
I don't think that he want advertise nodongle.
Also, I confirm that nd.biz team never had or proposed universal (full) solution for Rockey 3/4/5/6 dongles. All solutions were software-specific.

He can emu this dongle better than nodongle.biz team.
Don't want to flame here, but LOL... Solution should be so simple as possible, but not simpler. It means if you want solution for specific software - you can make and use it, not depends of it's internals or implementation. It can be bithack, loader, emulation, etc. Universal vs specific solutions like atomic bomb vs gun.

p.s. (special for cEngenEEr) exactly, nd.biz team not exists at all in common sense of "team" word. And... thanks for good releases on the scene.

well, after a long time an interesting thread has began and hopefully it won't die so soon...:cool:

As I know, softcrk was real Rockey4 expert....
hmmm....well, the emul itself is totally VMProtected and there is no chance for direct analysis, so I coded a simple filter driver for monitoring R4 api call; I run "E4_NOTEPAD_SHELL_TEST.EXE" 3 times and found the following output in the logger...

RY_Find | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001 -> Ret:0000
RY_Open | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001,LP2:00000001,Handle:0000 -> Ret:0000
RY_Seed | P1:9ACC,P2:139A,P3:2FD7,P4:DFA0 - LP2:00001000 -> Ret:0000
RY_Close | Handle:0000 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0016EAB3 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0016FE3B -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:001711C3 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0017254B -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:001738D3 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00174C5B -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00175FE3 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0017736B -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:001786F3 -> Ret:0000

RY_Find | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001 -> Ret:0000
RY_Open | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001,LP2:00000001,Handle:0000 -> Ret:0000
RY_Seed | P1:9ACC,P2:139A,P3:2FD7,P4:DFA0 - LP2:00001000 -> Ret:0000
RY_Close | Handle:0000 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00022C36 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00023FCE -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00025356 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:000266ED -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00027A75 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00028DFD -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0002A185 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0002B50D -> Ret:0000

RY_Find | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001 -> Ret:0000
RY_Open | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001,LP2:00000001,Handle:0000 -> Ret:0000
RY_Seed | P1:9ACC,P2:139A,P3:2FD7,P4:DFA0 - LP2:00001000 -> Ret:0000
RY_Close | Handle:0000 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00040905 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00041C8D -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00043024 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:000443BC -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00045744 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00046ACC -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00047E54 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:000491DC -> Ret:0000
Here I can see that each time the first call to RY_SEED returns correct answers, using this value R4SELL calculates a 192-bit DES key and decrypts the software itself; for the rest of RY_SEED calls which are perform for envelope background checks, the emulator simply return the basic passwords which are totally useless; I know that neither envelope nor the software itself doesn't use them and SW successfully starts, what I was saying is that this can't be universal solution but a custom emul;

@Softcrk: if this you really have hardware algo of R4, then why your emul doesn't calculate simply the right answer for all of RY_SEED request?

...Actually, RY_seed function just depend on the HID and Basic PW1&PW2...
I disagree..you have missed Adv.P3, Adv.P4; ;)

...the Advanced PW3&PW4 is used for user algo function.;)
user algoes are defined by user and their result\calculation has nothing to do advanced passwords. you need PW3&PW4 just for writing the algoes on dongle...

....Universal vs specific solutions like atomic bomb vs gun....
me thinks exactly the same.

Regards
___________
cEnginEEr

well, after a long time an interesting thread has began and hopefully it won't die so soon...:cool:


hmmm....well, the emul itself is totally VMProtected and there is no chance for direct analysis, so I coded a simple filter driver for monitoring R4 api call; I run "E4_NOTEPAD_SHELL_TEST.EXE" 3 times and found the following output in the logger...

RY_Find | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001 -> Ret:0000
RY_Open | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001,LP2:00000001,Handle:0000 -> Ret:0000
RY_Seed | P1:9ACC,P2:139A,P3:2FD7,P4:DFA0 - LP2:00001000 -> Ret:0000
RY_Close | Handle:0000 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0016EAB3 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0016FE3B -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:001711C3 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0017254B -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:001738D3 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00174C5B -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00175FE3 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0017736B -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:001786F3 -> Ret:0000

RY_Find | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001 -> Ret:0000
RY_Open | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001,LP2:00000001,Handle:0000 -> Ret:0000
RY_Seed | P1:9ACC,P2:139A,P3:2FD7,P4:DFA0 - LP2:00001000 -> Ret:0000
RY_Close | Handle:0000 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00022C36 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00023FCE -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00025356 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:000266ED -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00027A75 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00028DFD -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0002A185 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:0002B50D -> Ret:0000

RY_Find | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001 -> Ret:0000
RY_Open | P1:1111,P2:2222,P3:0000,P4:0000 - LP1:00000001,LP2:00000001,Handle:0000 -> Ret:0000
RY_Seed | P1:9ACC,P2:139A,P3:2FD7,P4:DFA0 - LP2:00001000 -> Ret:0000
RY_Close | Handle:0000 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00040905 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00041C8D -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00043024 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:000443BC -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00045744 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00046ACC -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:00047E54 -> Ret:0000
RY_Seed | P1:1111,P2:2222,P3:0000,P4:0000 - LP2:000491DC -> Ret:0000
Here I can see that each time the first call to RY_SEED returns correct answers, using this value R4SELL calculates a 192-bit DES key and decrypts the software itself; for the rest of RY_SEED calls which are perform for envelope background checks, the emulator simply return the basic passwords which are totally useless; I know that neither envelope nor the software itself doesn't use them and SW successfully starts, what I was saying is that this can't be universal solution but a custom emul;

@Softcrk: if this you really have hardware algo of R4, then why your emul doesn't calculate simply the right answer for all of RY_SEED request?


I disagree..you have missed Adv.P3, Adv.P4; ;)


user algoes are defined by user and their result\calculation has nothing to do advanced passwords. you need PW3&PW4 just for writing the algoes on dongle...


me thinks exactly the same.

Regards
___________
cEnginEEr


You are the master:) ..................
You too were formidable.............

You are the master:) ..................
You too were formidable.............

Don't get me wrong Softcrk, I'm not trying to prove anything about myself at all...your work is very good and no one can deny, I just ask some questions to clarify state of the emulator.

Don't get me wrong Softcrk, I'm not trying to prove anything about myself at all...your work is very good and no one can deny, I just ask some questions to clarify state of the emulator.



you are the best one that i have ever seen about analysis debug.
my driver is made myself.
this is a DEMO.publish.
i can emul all of api .
the driver , i can do the univeral publish ,but i do not want to do the univeral publish .
there is something is personal,so i do not talk on internet.
for the results , wong or right , i just know
and i think that you know,too
all of dongle shell is the most difficult : algo or uses table-based method
i can do anything to approach the right result .
i come from Taiwan.
i am not good at ENGLISH.
this paper is someone writen for me.
give me your e-lmail address , i want to talk you more.
:D

RY_seed function depend on the Basic PW1&PW2 ONLY.

Old shell can be removed without dongle. New shell used 3DES cipher and need knowledge algo or make table for removing it.

RY_seed function depend on the Basic PW1&PW2 ONLY.

Old shell can be removed without dongle. New shell used 3DES cipher and need knowledge algo or make table for removing it.



New shell always success

:D

New shell always success :D

Show it here :P

Show it here :P


Can you emulator new shell ?
Give me you shell software and monitoring data or debug dongle data.....I make it

please mail to softcrk@gmail.com or softcrk@hotmail.com

Can you emulator new shell ?


yes, sure. my table emule is passed old and new shell.

yes, sure. my table emule is passed old and new shell.



p1:BB39 P2:B4B4 Rockey 1.0 emulator:D


http://rapidshare.de/files/38055963/BB39-B4B4-R4-emul.rar.html

Yes, work. Only for ONE seed=0x00001000. Universal has work with 2^32.

p1:BB39 P2:B4B4 Rockey 1.0 emulator:D
a custom solution like the previous one....

... Universal has work with 2^32.

..and I think you don't have it ;)

[QUOTE=cEnginEEr;4854]a custom solution like the previous one....



PW1 BB39 BW2 B4B4

Seed Handle:0000 LP2:00000000 P1:77E8 P2:0857 P3:2BB3 P4:2273 Ret:0000
Seed Handle:0000 LP2:00000100 P1:FE1C P2:7B40 P3:03F1 P4:59AC Ret:0000
Seed Handle:0000 LP2:00000200 P1:D84E P2:E82D P3:AA04 P4:8B0A Ret:0000
Seed Handle:0000 LP2:00000300 P1:2576 P2:E380 P3:4D84 P4:9BD0 Ret:0000


Seed Handle:0000 LP2:00000011 P1:BA02 P2:FDFC P3:3C1A P4:74C1 Ret:0000
Seed Handle:0000 LP2:00000012 P1:12C5 P2:30FE P3:6E43 P4:E61E Ret:0000
Seed Handle:0000 LP2:00000013 P1:D910 P2:5B14 P3:A496 P4:7567 Ret:0000
Seed Handle:0000 LP2:00000014 P1:BC3A P2:5E8B P3:3757 P4:7607 Ret:0000


Seed Handle:0000 LP2:00001001 P1:EE0E P2:7546 P3:8D93 P4:8601 Ret:0000
Seed Handle:0000 LP2:00001002 P1:F2E4 P2:FB20 P3:849C P4:09D6 Ret:0000
Seed Handle:0000 LP2:00001003 P1:DD33 P2:D5D2 P3:1C06 P4:61A2 Ret:0000
Seed Handle:0000 LP2:00001004 P1:B4A1 P2:289F P3:A77A P4:1461 Ret:0000

Softcrk, do you think that adding some more entries to RY_SEED emulation table makes it universal? ;) see my log output:

RY_Find | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP1:00000001 -> Ret:0000
RY_Open | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP1:00000001,LP2:00000001,Handle:0000 -> Ret:0000
RY_Seed | P1:2EC6,P2:3546,P3:499B,P4:BB0E - LP2:00001000 -> Ret:0000
RY_Close | Handle:0000 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00018269 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:000195F1 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0001A979 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0001BD01 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0001D089 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0001E411 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0001F799 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00020B21 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00021EA9 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00023231 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:000245B9 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00025941 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00026CC9 -> Ret:0000


RY_Find | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP1:00000001 -> Ret:0000
RY_Open | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP1:00000001,LP2:00000001,Handle:0000 -> Ret:0000
RY_Seed | P1:2EC6,P2:3546,P3:499B,P4:BB0E - LP2:00001000 -> Ret:0000
RY_Close | Handle:0000 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0002ED92 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0003011A -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:000314A2 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0003282A -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00033BB2 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00034F4A -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:000362D2 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0003764A -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:000389D2 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00039D5A -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0003B0E2 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0003C46A -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0003D802 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0003EB7A -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0003FF12 -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:0004128A -> Ret:0000
RY_Seed | P1:BB39,P2:B4B4,P3:0000,P4:0000 - LP2:00042622 -> Ret:0000

not a good trick, you R4Guru :D :D :D

hi all
user algo of a rockey4 dongle can be emulate via a well defined neural netwrok, just see input/output values and count ,and note that rockey4 chip is a famouse 8 bit cypress chip, so all operations must be done via 8 bit operators ,mostly add and xor, i did such exam long time ago successfully on my rockey4 dongle.
btw, trojan algo is a good idea and i know one of my friends successfully implimented on a rockey5.
and one more important info is rockey is a good dongle, its design logic is better than hasp and sentinel, but becuase of its bad interface which is hard to work, i do not like it. may of developers so not use in same reason. so we ca not see many sofwtares which protected with rockey,so as a reverser i prefer to work on more famouse dongles.:D

rockey4 expert Softcrk,please emulate one which,the data is available at http://reteam.ys168.com
thanks

Hi Softcrk,
I've read your post in RCE board about R4 emulator.
You can make R4 Shell emuator.I've a problem and want our advice from you how to make R4 emulator.
I 've dump Rockey4 dongle in file 12FB4.txt by R4Monitor.exe.But i don't know how to make and R4 shell emulator ( sys file)?
Can you help me or advice me what tools to make it?
I upload dumpfile in R4Monitor&dongledump.rar and Software Easy Pro for you to test.
I'waitting for your help.
Link of this ....
http://rapidshare.com/files/90833608/EasyPro.rar
http://rapidshare.com/files/93708904/Rockey4monitor_dongledump.rar.html
TIA
tale

@tale: all in you .txt file... :D

@tale: all in you .txt file... :D

I can't make from .txt file.
Can you help me? Sir.
TIA
tale

Hi Softcrk,
I've read your post in RCE board about R4 emulator.
You can make R4 Shell emuator.I've a problem and want our advice from you how to make R4 emulator.
I 've dump Rockey4 dongle in file 12FB4.txt by R4Monitor.exe.But i don't know how to make and R4 shell emulator ( sys file)?
Can you help me or advice me what tools to make it?
I upload dumpfile in R4Monitor&dongledump.rar and Software Easy Pro for you to test.
I'waitting for your help.
Link of this ....
http://rapidshare.com/files/90833608/EasyPro.rar
http://rapidshare.com/files/93708904/Rockey4monitor_dongledump.rar.html
TIA
tale


Trojan/win32.agent.abj kill

Trojan/win32.agent.abj kill


i dont think so...maybe stupid nod32 :))

i dont think so...maybe stupid nod32 :))

bit defender detect it as trojan.agent.pw :D

It is also detected as a trojan using kaspersky 6.0.

many antivirus say about almost all cracking tools that it is trojan :) , but who knows :)

many tools witch do hooking gets detected as trojans by antivirus.

It simply OLD Rockey4 Shell...

@tale: check PM pls. :D

Hi Bfox,
Thanks very much for help.
I esteem you.
tale.