
View Full Version : Emulating Hasp HL max



fejkus
01-14-2008, 02:21 PM
Dumping Hasp HL keys

How hasp HL max (http://www.aladdin.com/hasp/max.aspx) can be emulated. It works of course for Pro and Time.

What we need:

a key
dumper – i used h5dmp.exe
TORO hasp monitor
Sataron’s UniDMP2reg convertor
emulator – i used Chingachguk vusb emulator


1. So at first, install dongle drivers, connect a dongle, run Toro monitor.
2. start your protected application and use it.
3. in TORO monitor you will see password for your key and memory of your dump. So use your protected software as usual, try to open all menus and dialogs, use every function …
4. Save log file, and save log file.
5. use dumper and dump the key. Result will be – two files hasp.dmp (about 790 B in my case) and hhl_mem.dmp (about 4 KB).
6. then use Sataron’s Unidump2reg and make a reg file (use vUSB Hasp HL option). You can edit this regfile and change licensing of your program (if it uses – hl max can be used for 112 programs)
7. And now the most important thing. Hasp HL uses enveloping technology with 128-bit AES symmetric encryption engine on key.

In TORO log we will find pairs. They can be found in the pairs window too.

Instructions can look like this one:

HaspHL In:> Hasphl_decrypt, Length=32
Data:
4284 ... ... ... 84ADA4 – It is a question for hash key
HaspHL Out:> Hasphl_decrypt Status=0 (0x0)
Response:
8222 ... ... ... 84ADA4 – And the key respond – it is his answer

(I remove part of code)
So what we will do with it? We will do Q/A table. This is Questions and Answers table in reg file. I added it on the end of file.

Data or question of IN – write in Qtable
Response or answer or OUT – write in Atable
Data should be written in pairs like these: 4284 ... ... ... 84ADA4 should be written: 42,84, ... ... ... 84,AD,A4

The end of regfile should look:

... regfile

"QTable"=hex:\
42,84,... 84,AD,A4,\


"ATable"=hex:\
82,22,C2 ... 84,AD,A4,\

Your program can use only one Q/A or too many. You must add them all. Then you can save your regfile.


8. Add reg file into registry
9. unplug your dongle
10. Install Chingachguk & Denger emulator, vusbbus.sys must be 0.15 or above. If all went fine, new device Hasp HL was found.
11. Your program should run


I hope, this text will help.

Vusb 0.15.1.4 can handle encrypt function too.

For a large Q/A pairs from Toro Emulator, you can use splitter.

benito
01-14-2008, 02:50 PM
Hm, but what will you do if the program generate in each run another Q/A pairs ?

justine
01-14-2008, 03:25 PM
i never saw application that uses one query/response

i have one haspHL protected soft that have about 1200 pairs :))

so its almost impossible to construct table manually

Tyrus
01-14-2008, 03:27 PM
Hm, but what will you do if the program generate in each run another Q/A pairs ?

dump program on the first AES request & find QA tables, but public emulator is not fully correct works

fejkus
01-14-2008, 03:43 PM
i never saw application that uses one query/response

i have one haspHL protected soft that have about 1200 pairs :))

so its almost impossible to construct table manually

you can always make some program to solve this problem automaticaly.

fejkus
01-14-2008, 03:45 PM
Hm, but what will you do if the program generate in each run another Q/A pairs ?

this problem Q/A table probably will not solve.

foffa
01-14-2008, 05:48 PM
this problem Q/A table probably will not solve.


i dont know that is this right ??:confused:

program generate random q\r :confused:

benito
01-14-2008, 05:49 PM
dump program on the first AES request & find QA tables, but public emulator is not fully correct works

I thought that also commercial emulators support only table emulation, so in this case if program generates at each start different Q/A pairs you cant emulate it...?! Or i am wrong and there are full solutions?

foffa
01-14-2008, 06:00 PM
I Have Seen Full solutions ;)

HERE IS TABLE BASED EMULATOR WITH THE SAMPLE REG FILE
suitable with what fejkus said :)

Tyrus
01-15-2008, 03:42 AM
I Have Seen Full solutions ;)

HERE IS TABLE BASED EMULATOR WITH THE SAMPLE REG FILE
suitable with what fejkus said :)

HASP HL have 2 AES funcz - AES Encode & AES Decode [0x013F/0x0140]
but its emulator supports only one function

TORO
01-15-2008, 04:12 AM
you must extract pair tables from .protect section of envelope, envelope use these tables to make random query check.
there are 5 tables at max, each contain 256 pair, then add those pairs with pairs from log file and then construct hasp hl emulator, it will work

mum_96
01-15-2008, 05:53 AM
I Have Seen Full solutions ;)

HERE IS TABLE BASED EMULATOR WITH THE SAMPLE REG FILE
suitable with what fejkus said :)
Toro, foffa attached the one vusbbus emulator for hasphl, and tyrus says this things (HASP HL have 2 AES funcz - AES Encode & AES Decode [0x013F/0x0140] but its emulator supports only one function), what comments about it?

fejkus
01-15-2008, 02:54 PM
you must extract pair tables from .protect section of envelope, envelope use these tables to make random query check.
there are 5 tables at max, each contain 256 pair, then add those pairs with pairs from log file and then construct hasp hl emulator, it will work

can you tell us, what method can we use to extract pair tables from .protect section?

and any example?

Thank you TORO.

foffa
01-15-2008, 03:13 PM
Toro, foffa attached the one vusbbus emulator for hasphl, and tyrus says this things (HASP HL have 2 AES funcz - AES Encode & AES Decode [0x013F/0x0140] but its emulator supports only one function), what comments about it?

there is tiny small trick in the emulator which enables the mixing of reg files ;)

justine
01-15-2008, 06:34 PM
@foffa

so does this mean that we can use the pairs from toro's monitor directly in QTable/ATable
for example
first pair from toro's monitor = aaaaaaaaaa,bbbbbbbbbb
second = ccccccccc,ddddddddd

QTable:\
bb,bb,bb,bb,bb,bb,bb,\
dd,dd,dd,dd,dd,dd,dd,

ATable:\
aa,aa,aa,aa,aa,aa,aa,\
cc,cc,cc,cc,cc,cc,cc,

i mean is this enough
or we need to extract from protect section also

regards

foffa
01-15-2008, 06:46 PM
you must extract pair tables from .protect section of envelope, envelope use these tables to make random query check.

toro was clear in that
you need that when envelope use random check

right toro ??

souze_villy
01-16-2008, 03:49 AM
I think tyrus mean this is missing on reg files?
REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHASP\Services\Emulator\HASP\Dump\57FD245C]
"Name"=""
"Copyright"=""
"Created"=""
"Type"=dword:00000000
"Memory"=dword:00000000
"SN"=dword:00000000
"Data"=hex:AA,BB,CC....
"Option"=hex:AA,BB,CC....
"SecTable"=hex:AA,BB,CC....
"QTable"=hex:AA,BB,CC....
"ATable"=hex:AA,BB,CC....
"NetMemory"=hex:AA,BB,CC....
"ColumnMask"=dword:00000000
"CryptInitVect"=dword:00000000
"TimeShift"=hex:00,00,00,00,00,00,00,00
"HaspTimeMemory"=hex:00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 ,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF

ngoksun
01-16-2008, 04:04 AM
I think tyrus mean this is missing on reg files?

Tyrus was real HASPHL expert, don't doubt whether he clear know what's the simply usage. He just mean the publiced emulator only support one of AES Encode/Decode [0x013F/0x0140] function so it's only work with part of HASPHL protected software.;)

souze_villy
01-16-2008, 05:01 AM
Tyrus was real HASPHL expert, don't doubt whether he clear know what's the simply usage. He just mean the publiced emulator only support one of AES Encode/Decode [0x013F/0x0140] function so it's only work with part of HASPHL protected software.;)
humm!
it means our discussion about the hasphl for (Chingachkug) emulator is totally wrong, it means chingachkug emulator is totally fake.

ngoksun
01-16-2008, 06:17 AM
humm!
it means our discussion about the hasphl for (Chingachkug) emulator is totally wrong, it means chingachkug emulator is totally fake.
No. Chingachkug HASP open source emulator is totally perfect solution for almost all dongles. But the publiced HASPHL emulator just can solve less than 50% of your requirement. It's not mean it's wrong, just mean it's not full.

souze_villy
01-16-2008, 06:23 AM
No. Chingachkug HASP open source emulator is totally perfect solution for almost all dongles. But the publiced HASPHL emulator just can solve less than 50% of your requirement. It's not mean it's wrong, just mean it's not full.
Ok, Tyrus can you tell us details about the hasphl dongle (AES) Functions?

mum_96
01-16-2008, 06:33 AM
Ok, Tyrus can you tell us details about the hasphl dongle (AES) Functions?
souze you only waste your time, basically (Tyrus and Toro) Professional cracker, If you want good solution then purchase the resource with him.

TORO
01-16-2008, 08:45 AM
souze you only waste your time, basically (Tyrus and Toro) Professional cracker, If you want good solution then purchase the resource with him.

hmm, if any one need a ready to work solution, you are true and such guys must buy, btw i left enough information to make a solution for hasp hl by yourselves, using my logger and manual or automatic extraction of pair tables from .protect section of envelope file, and using hasp hl usb emulator ( there are some variations) you can simply emulate hasp hl enveloped files

mum_96
01-16-2008, 09:28 AM
hmm, if any one need a ready to work solution, you are true and such guys must buy, btw i left enough information to make a solution for hasp hl by yourselves, using my logger and manual or automatic extraction of pair tables from .protect section of envelope file, and using hasp hl usb emulator ( there are some variations) you can simply emulate hasp hl enveloped files
:D Toro, we know u r good teach us about hasphl & give us good IDA about the cracking but here is main problem in (chingachkug hasphl emulator) he is support hasp hl or not, bcz tyrus say he have not complete? Or you have complete vusbbus.sys file for hasphl then share it?

sataron
01-16-2008, 09:49 AM
hmm, if any one need a ready to work solution, you are true and such guys must buy, btw i left enough information to make a solution for hasp hl by yourselves, using my logger and manual or automatic extraction of pair tables from .protect section of envelope file, and using hasp hl usb emulator ( there are some variations) you can simply emulate hasp hl enveloped files TORO - take my 100% agree with youre words!


tyrus say he have not complete?
Tyrus say right. If some one want - make another emulator - by youreself :)

Or you have complete vusbbus.sys file for hasphl then share it? - why WE must share anything? What useful tools U share? or souze_villy share? or other???

P.S. souze_villy - don`t write in my PM pls... its allready full :)

Tyrus
01-16-2008, 10:00 AM
mum_96
this vusbbus.sys does not support hasphl_encrypt
only hasphl_decrypt is supported

mum_96
01-16-2008, 10:07 AM
humm!
sataron its mean u make a wrong (vusbbus.sys) 4 HaspHL then y you share it to public? What purposes of its use, its mean you make fool to every body or what?

souze_villy
01-16-2008, 10:14 AM
humm!
sataron its mean u make a wrong (vusbbus.sys) 4 HaspHL then y you share it to public? What purposes of its use, its mean you make fool to every body or what?
mum_96 pls don't use the wrong talking.
Sataron is good senior member.
Sataron Sir, I have any thing new then I must share still I don't have any thing for sharing, you don't share this is your rights.

mum_96
01-16-2008, 10:59 AM
mum_96 pls don't use the wrong talking.
Sataron is good senior member.
Sataron Sir, I have any thing new then I must share still I don't have any thing for sharing, you don't share this is your rights.
I don't use the wrong talking I only ask about some fair, basically hasphl for (chingachkug based emulator), we are discussion about it many times ago I look many comments people are write then sataron (I don't know who he is) he is not write the any comments about it who write today. I don't ask any think with sataron, I ask with toro, I don't know why he write that you share any things there, If I have good solution then I don't ask about it with you I must share every think.

sataron
01-19-2008, 07:10 AM
humm!
sataron its mean u make a wrong (vusbbus.sys) 4 HaspHL then y you share it to public? What purposes of its use, its mean you make fool to every body or what?

pls... show me WHERE im share any emulator?????
if im give some files to somewere - its not mean that im make it!!!

All that im make and share is - UniConverter and Logger (in 1/2 part of me).

And... what comment will be next??? :cool:

mum_96
01-19-2008, 08:36 AM
pls... show me WHERE im share any emulator?????
if im give some files to somewere - its not mean that im make it!!!
All that im make and share is - UniConverter and Logger (in 1/2 part of me).

And... what comment will be next??? :cool:
Sataron! u r look above mention? what you wrote (- why WE must share anything?) what do u mean about this phrase? It's mean u r share some fake emulator or perfection solution u take in hand.

Actually, I am looking in (www.cracklab.ru), some people r discussion ur emulator, there is u write some comments on public about (Q/A Table), but u r not tell to any body that ur emulator is not complete, here is every one need 100% good solution. Which person share ur emulator u must tell every body that this is not completed. but u r not tell, every one understand that this is 100% good and try to discuss with it then (Tyrus) tell this is not full for hasphl, I don't know about u what is ur link with this emulator bcz emulator in write (chingachkug & Danger2k). So I discuss with toro.
However, forget all, u clear every one mind that this emulator is not perfect for hasphl this is not full, every one make good mind that this emulator as fake security bcz not use full for HaspHL. Every one is clear, u also look here every one close discussion. So better this is we r not try to discuss on it. This is good with u and I we r not try to discuss in fake security.

mum_96
01-19-2008, 08:57 AM
Sataron, I asking question about knowledge, If anybody make (Dumper + Emulator + Convertor) make then why he hide the (Emulator + Convertor)? I think (Dumper + Emulator) is public bcz, If anybody make the solution then he will must give the (Dumper + Emulator) with solution, Or crack is understand that my emulator is get any other then he also get benefit, but I think he also make the emulator too.

fejkus
01-19-2008, 04:31 PM
i never saw application that uses one query/response

i have one haspHL protected soft that have about 1200 pairs :))

so its almost impossible to construct table manually

the program for large .pair files is done. it can open .pair file from Toro hasp monitor and create txt files for Q/A table - separated with ",".

it is in testing, if anyone want to try, then PM me.
later i will upload it on Alisa site.

and other thing, program can filter out identical q/a.

fejkus
01-19-2008, 04:49 PM
Sataron, I asking question about knowledge, If anybody make (Dumper + Emulator + Convertor) make then why he hide the (Emulator + Convertor)? I think (Dumper + Emulator) is public bcz, If anybody make the solution then he will must give the (Dumper + Emulator) with solution, Or crack is understand that my emulator is get any other then he also get benefit, but I think he also make the emulator too.

I don't see any reason, why anyone who programmed any dumper or emu or conv must share anything of that. it is his programm(s).

If dumper is available, mostly it is mean only, that emulator will be sent to you when you buy a solution.

fejkus
01-19-2008, 05:03 PM
Sataron! u r look above mention? what you wrote (- why WE must share anything?) what do u mean about this phrase? It's mean u r share some fake emulator or perfection solution u take in hand.

Actually, I am looking in (www.cracklab.ru), some people r discussion ur emulator, there is u write some comments on public about (Q/A Table), but u r not tell to any body that ur emulator is not complete, here is every one need 100% good solution. Which person share ur emulator u must tell every body that this is not completed. but u r not tell, every one understand that this is 100% good and try to discuss with it then (Tyrus) tell this is not full for hasphl, I don't know about u what is ur link with this emulator bcz emulator in write (chingachkug & Danger2k). So I discuss with toro.
However, forget all, u clear every one mind that this emulator is not perfect for hasphl this is not full, every one make good mind that this emulator as fake security bcz not use full for HaspHL. Every one is clear, u also look here every one close discussion. So better this is we r not try to discuss on it. This is good with u and I we r not try to discuss in fake security.


SO, IF YOU NEED 100% SOLUTION, MAKE IT YOURSELVES.

and on the other side, version of emulator linked in this thread is 0.15, so when it was wrote, may be decrypt function was all that programmer has needed. Or he didn't want to share full solution.

and don't be vulgar in this thread, specially to professionals (Sataron, Toro, Tyrus ... and others).

Btw, Sataron and Toro, thank you so much for your work, and for sharing your work.

justine
01-19-2008, 05:11 PM
the program for large .pair files is done.

i made my program for this purpose. anyway thanks for infos

only remaining problem is extraction of random query tables from protect section of envelope.

fejkus
01-19-2008, 05:22 PM
i made my program for this purpose. anyway thanks for infos

only remaining problem is extraction of random query tables from protect section of envelope.

yes, this problem remains. but i have one programm, that use random q/a, but i make q/a from first run of program, and it works ... so i don't know, how it is possible, but ... it works ...

can we exchange programms? only for my interest?

mum_96
01-20-2008, 10:57 AM
I know which person make the emulator, he is not share anything, but here are discuss with one emulator he is right or wrong, if sataron is make fake emulator then he must tell every member this is not good.

sataron
01-20-2008, 11:12 AM
I know which person make the emulator, he is not share anything, but here are discuss with one emulator he is right or wrong, if sataron is make fake emulator then he must tell every member this is not good.
Who author of this emulator????? Tell !!!
Im tell again - im not author of this emulator. If im can explain something - is mean that im know something about technology of making Q/A. Im know author of this emul - im was betatester.
Then... Show me.... what program is not run with this emul? For why u need FULL solution. Im agree with fejkus IF YOU NEED 100% SOLUTION, MAKE IT YOURSELVES.
And im not understand why - Im must tell anything for any, or personal for U - WHO ARE U?????


SO, IF YOU NEED 100% SOLUTION, MAKE IT YOURSELVES.
and on the other side, ... , so when it was wrote, may be decrypt function was all that programmer has needed. ...
and don't be vulgar in this thread, specially to professionals (Sataron, Toro, Tyrus ... and others).
Btw, Sataron and Toro, thank you so much for your work, and for sharing your work.
Agree on 100%!!! Thank!!!

alisa
01-20-2008, 11:13 AM
I know which person make the emulator, he is not share anything, but here are discuss with one emulator he is right or wrong, if sataron is make fake emulator then he must tell every member this is not good.
MUM_96
why r u crying here?
i think SARATON already shared too much for us.
who are you and what u did for people here?
i am seeing you are just crying here and saying nonsense things.
please stop writing anything about our seniors like TORO,SARATON,TYRUS and ..so so.

foffa
01-20-2008, 12:19 PM
@sataron
your work is great and you share alot also like others who get tired for this work

@alisa >> you only collect tools

is that clear for every one

also all of this is off topic

alisa
01-20-2008, 02:19 PM
@foffa
i know i collect some tools from web and share it too
not like you, at least i am not self-fish.
if i share tools and it hurts you, so sorry.
you always comment some different things and not trying to help anyone heartly.go and check you post by yourself.
at least, people know it here.

foffa
01-20-2008, 02:32 PM
hehe @alisa

did i shared any tool with password ?????? :mad:

or asked people who want tools to contact me to get pass :mad:

or sayed wait for me 3 or 4 days just to share useless tool :p

i just hate people who dont know what the do and what for
or those who collect tools and dont know how to use it or how it work and i proved that to you

see u :D

alisa
01-20-2008, 02:38 PM
hehe @alisa

did i shared any tool with password ?????? :mad:

or asked people who want tools to contact me to get pass :mad:

or sayed wait for me 3 or 4 days just to share useless tool :p

i just hate people who dont know what the do and what for
or those who collect tools and dont know how to use it or how it work and i proved that to you

see u :D
@foffa
of course,i am not a expert like you.
but whatever i know, i have share to others,i can proved it to you.
i have helped some people here and given all the password who have PM me (if i know someone wants to make money from here,i havent sent password anymore.)
you needed that vusbbus for superpro (full), i not given to you, so you are writing such things.
i dont want to fight here,if you have anything to say, you can talk with me in msn.

foffa
01-20-2008, 03:13 PM
loooooool @alisa i dont fight because i know i win

send me dump then i will send you vusbbus and working reg for the dump
i can prove that for you i proved to you before that i can fill reg manually

also i have it before you :p i just asked for it may you have different one (that s allll)

also i am not expert :D i mean it :p

souze_villy
01-23-2008, 04:02 AM
loooooool @alisa i dont fight because i know i win

send me dump then i will send you vusbbus and working reg for the dump
i can prove that for you i proved to you before that i can fill reg manually

also i have it before you :p i just asked for it may you have different one (that s allll)

also i am not expert :D i mean it :p
Can any one share the source of hasphl vusbbus.sys encrypt/decrypt formula how to manage it?

Git
01-23-2008, 09:38 AM
Souz - do you mean the Cipher? ("Chiper") or the AES encryption routines?. If the former, you can reverse them from the table based emul earlier in the thread. If the latter, then like all good encryption, there is nothing secret about AES encryption. I believe it's the key that's the problem...

Git

souze_villy
01-23-2008, 11:20 AM
Souz - do you mean the Cipher? ("Chiper") or the AES encryption routines?. If the former, you can reverse them from the table based emul earlier in the thread. If the latter, then like all good encryption, there is nothing secret about AES encryption. I believe it's the key that's the problem...

Git
Git, I ask about this problem, AES Encode & AES Decode [0x013F/0x0140]

souze_villy
02-16-2008, 12:03 PM
Git, I ask about this problem, AES Encode & AES Decode [0x013F/0x0140] Sataron, Tyrus, cEnginEEr and Toro and all the senior who is knowledge about this problem, I many try to solved but not success. Pls help me and tell about this error. I guest the error of [0x013F] this is not found.

fejkus
02-17-2008, 12:38 PM
from what program is this output, willy?

Sataron, Tyrus, cEnginEEr and Toro and all the senior who is knowledge about this problem, I many try to solved but not success. Pls help me and tell about this error. I guest the error of [0x013F] this is not found.

foffa
02-17-2008, 01:02 PM
villy target is wilcome es 2006 hasp_hl

souze_villy
02-17-2008, 01:10 PM
from what program is this output, willy?
PE Explorer 1.99 open this HaspHL 0.15 emulator and there u easy look with disassembler.

souze_villy
02-17-2008, 01:13 PM
villy target is wilcome es 2006 hasp_hl
Foffa, why u change the way of problem? If u have knowledge about this problem then give me comments and u don't understand it so Please don't tell about wilcom or other softwares, Pls.

foffa
02-17-2008, 03:17 PM
i dont change any thing
fejkus was asking about the target i told him what is the target

for me i dont have any ideas i told u that before

because i saw alot of my friends in my town have emulator for it

also u have emulator for it

what is the problem , learning ok

you need to add encode func. to this emulator to make it work with this hasp_hl sw that is all
can you make it ??!!!

souze_villy
02-19-2008, 04:58 AM
i dont change any thing
fejkus was asking about the target i told him what is the target

for me i dont have any ideas i told u that before

because i saw alot of my friends in my town have emulator for it

also u have emulator for it

what is the problem , learning ok

you need to add encode func. to this emulator to make it work with this hasp_hl sw that is all
can you make it ??!!!
Yes I want to include the (encode) function but unfortunately I get this problem but not any senior help me Minimum give me some Idea.

Git
02-19-2008, 09:37 AM
I can't read anything of your attached picture to see what your problem is. Can you post it in higher resolution please?

Git

souze_villy
02-20-2008, 10:29 AM
Hi,
I attached some resource of HaspHL. If good helping in build new Drivers.

bllizzard
02-20-2008, 11:15 AM
hello can someone help me with my problem?

i have the program Hasp Emulator PE V2.33. and i can not get it registered on my laptop. on my pc i can get it registered.

i do the same things on both pc's.

what could be the problem?
please can someone help me thanks

y8y8y8y
02-20-2008, 11:39 AM
@bllizzard,

Try to uninstall emulator and hasp driver, then install hasp driver first and then emulator

bllizzard
02-20-2008, 11:40 AM
i did that. first the HASP driver then the emulator and it still did not work

bllizzard
02-20-2008, 11:41 AM
could it be that my laptop have usb 1.1 the only difference between the laptop and my pc is the usb.. my pc got usb 2.0 and my laptop 1.1

y8y8y8y
02-20-2008, 11:48 AM
No.
1. Don't leave same post on two threads.
2. It can be that your Win is damaged, so you can to reinstall win or install VM and run emulation there.

bllizzard
02-20-2008, 11:52 AM
i already installed windows five times so that could not be it

y8y8y8y
02-20-2008, 11:53 AM
Run it in VM

bllizzard
02-20-2008, 12:12 PM
what do you mean with VM?

y8y8y8y
02-20-2008, 12:24 PM
@bllizzard

Google it.

kiki
02-20-2008, 12:25 PM
what do you mean with VM?

virtual machine

Git
02-20-2008, 02:34 PM
Souz - you *trust* Hex-Rays?!?!?!!!!!?. Wow. That's the QA Table vusb emulator for HASP HL, isn't it?. If it is, I can't see how it helps at all in building new drivers.

Git

bllizzard
02-20-2008, 05:33 PM
Hello.
It works in VM. What is the cause then that is not work on my normal windows.

for now thanks.

uel888
02-21-2008, 03:38 PM
@fejkus

Do I need to add the Q/A table in the reg file? What part, it should be next to CrptInitVect? Please see file below.

REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHASP\Services\Emulator\HASP\Dump\xxxxxx]
"Name"=""
"Copyright"="Copyright (C) 2008 Tiburcio"
"Created"="17/02/2008 12:20:56"
"SN"=dword:2044455F
"Type"=dword:000000EA
"Memory"=dword:00000020
"SecTable"=hex:D1,D7,8E,8E,71,77,2E,2E
"NetMemory"=hex:00,00,00,00,00,00,00,00,00,00,FF,FF
"Option"=hex:00,01,02,4A,1F,01,11,01,08,01,04,15,13,00
"Data"=hex:\
04,00,00,40,00,00,00,00,00,00,00,00,00,00,00,00,\
0.......
"ColumnMask"=dword:000000AB
"CryptInitVect"=dword:0000003C
"QTable"=hex:\
01,4F,99,CB,FE,33,DC,25,05,E6,73,60,ED,16,F2,36,\
20,58,C8,37,AA,4C,54,CF,F7,34,60,10,5F,0B,A7,EB,\
C3,D0,F8,CD,18,9A,4F,CA,00,C5,B3,F4,DF,1F,81,02,\
.....
"ATable"=hex:\
B1,C7,FD,28,8F,57,56,7C,F2,0D,B3,5E,6C,8A,B3,49,\
2B,55,61,EE,7E,1B,BF,11,EF,C3,D4,12,94,09,16,C6,\
33,3E,14,F1,5E,FD,B6,31,90,59,D9,BE,A8,DC,4C,62,\
E1,B9,89,0A,4B,3E,F7,41,DB,34,FB,19,DD,61,17,4C,\
....

fejkus
02-23-2008, 10:30 AM
it is not important where Qtable and Atable will be in reg file, it's only server to save these values in registry.

the example below is correct.

@fejkus

Do I need to add the Q/A table in the reg file? What part, it should be next to CrptInitVect? Please see file below.

REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHASP\Services\Emulator\HASP\Dump\xxxxxx]
"Name"=""
"Copyright"="Copyright (C) 2008 Tiburcio"
"Created"="17/02/2008 12:20:56"
"SN"=dword:2044455F
"Type"=dword:000000EA
"Memory"=dword:00000020
"SecTable"=hex:D1,D7,8E,8E,71,77,2E,2E
"NetMemory"=hex:00,00,00,00,00,00,00,00,00,00,FF,FF
"Option"=hex:00,01,02,4A,1F,01,11,01,08,01,04,15,13,00
"Data"=hex:\
04,00,00,40,00,00,00,00,00,00,00,00,00,00,00,00,\
0.......
"ColumnMask"=dword:000000AB
"CryptInitVect"=dword:0000003C
"QTable"=hex:\
01,4F,99,CB,FE,33,DC,25,05,E6,73,60,ED,16,F2,36,\
20,58,C8,37,AA,4C,54,CF,F7,34,60,10,5F,0B,A7,EB,\
C3,D0,F8,CD,18,9A,4F,CA,00,C5,B3,F4,DF,1F,81,02,\
.....
"ATable"=hex:\
B1,C7,FD,28,8F,57,56,7C,F2,0D,B3,5E,6C,8A,B3,49,\
2B,55,61,EE,7E,1B,BF,11,EF,C3,D4,12,94,09,16,C6,\
33,3E,14,F1,5E,FD,B6,31,90,59,D9,BE,A8,DC,4C,62,\
E1,B9,89,0A,4B,3E,F7,41,DB,34,FB,19,DD,61,17,4C,\
....

mum_96
02-23-2008, 01:12 PM
it is not important where Qtable and Atable will be in reg file, it's only server to save these values in registry.

the example below is correct.
:D
Pls Don't Use (Chingachkug 0.15) HASPHL, his emulator is faked. Software not working. Only waste time. No Seniors wrote the solution he is selfish, because only make money, (Tyrus, Sataron, Toro).

foffa
02-23-2008, 02:03 PM
@mum_96

go waste your time and make (full hasp hl) emulator for yourself :D

then dont be selfish and share it :p

uel888
02-23-2008, 05:16 PM
@mum_96

Sir, there's a complete VUsbus.sys( 184kb) of mastergr but I don't know how to use it. I replaced the VUsbus.sys(18kb) of Chingachuk but it did not work. Actually Chingachuk VUsbus 0.15 will run but only some of the module not all.

I believe Chiingachuk will release a VUsbus.sys complete version. As what Souzy_villy says it is not complete yet.

Thanks.

@foffa

Sir do you know how to use mastergr VUsbsys.sys?

Git
02-23-2008, 06:30 PM
Did you notice it uses a different path in the registry to store the dump?. Have a look at the example registry dump file that mastergr uploaded last.

Git

uel888
02-23-2008, 07:24 PM
Sir Git,

I cannot understand what you mean. Last uploaded by mastergr "Emulator İs Make To Vusbbus.sys" was a reg file of hardlock.

What I did was I replaced the VUsbus 0.15 of chingachuk to mastergr VUsbus in the emulator folder then install but it will not work.

If manually installed, what is the detail process?

Git
02-24-2008, 09:39 AM
You must edit *.reg file.
You must import *.reg to Registry again.

chingachuk :
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Emulator\HASP\Dump\xxxxxxxx]

mastergr:
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Emulator\Dump\xxxxxxxx]


Git

souze_villy
02-24-2008, 09:40 AM
Sir Git,

I cannot understand what you mean. Last uploaded by mastergr "Emulator İs Make To Vusbbus.sys" was a reg file of hardlock.

What I did was I replaced the VUsbus 0.15 of chingachuk to mastergr VUsbus in the emulator folder then install but it will not work.

If manually installed, what is the detail process?

(mastergr of Vusbbus.sys) is not use able for HaspHL he is only for Hasp4. I think No body have HaspHL good solution, and even our seniors not knowledge have about it fully, I think if he have good knowledge then must clear our problems, but still no body have solution. Wait for some times.

Tyrus
02-24-2008, 11:56 AM
(mastergr of Vusbbus.sys) is not use able for HaspHL he is only for Hasp4. I think No body have HaspHL good solution, and even our seniors not knowledge have about it fully, I think if he have good knowledge then must clear our problems, but still no body have solution. Wait for some times.

souze_villy you are wrong. There are emulators that support table hasphl_encrypt, but they are private.

uel888
02-24-2008, 06:41 PM
I agree with Tyrus, I send my dump to Glasha for the emulator but he ask $$$. Therefore, there is really a solution but we need to pay :)

kiki
02-24-2008, 09:12 PM
Tyrus is one of hasphl master, :).

uel888
02-25-2008, 12:00 AM
Then lets ask the help of HASpHL master Tyrus :)

@ Tyrus

Sir ,we need your solution or revised Vusbus for chingachuk :)

Any help, hint, idea or source code for us to play with. :)

kiki
02-25-2008, 12:44 AM
http://www.reteam.org/board/attachment.php?attachmentid=36&stc=1&d=1203914267

Git
02-25-2008, 10:56 AM
Therefore, there is really a solution but we need to pay :)

There is really a **TABLE** solution. There is not YET a full Algorithmic solution to HASP HL AES Encryption and Decryption routines. Anywhere. Period.

Git

Lojack
03-02-2008, 03:35 AM
Dumping Hasp HL keys

How can be emulated hasp HL max http://www.aladdin.com/hasp/max.aspx (http://www.aladdin.com/hasp/max.aspx). It works of course for Pro and Time.

What we need:

a key
dumper – i used h5dmp.exe
TORO hasp monitor
Sataron’s UniDMP2reg convertor
emulator – i used Chingachguk vusb emulator


1. So at first, connect a dongle, run Toro monitor.
2. start your protected application and used it.
3. in TORO monitor you will see password for your key and memory of your dump. So use your protected software as usual, try to open all menus and dialogs, use every function …
4. Save log file, and save log file.
5. use dumper and dump the key. Result will be – two files hasp.dmp (about 790 B in my case) and hhl_mem.dmp (about 4 KB).
6. then use Sataron’s Unidump2reg and make a reg file (use vUSB Hasp HL option). You can edit this regfile and change licensing of your program (if it uses – hl max can be used for 112 programs)
7. And now the most important thing. Hasp HL uses enveloping technology with 128-bit AES symmetric encryption engine on key.

In TORO log we will find pairs. They can be found in the pairs window too.

Instructions can look like this one:

HaspHL In:> Hasphl_decrypt, Length=32
Data:
4284 ... ... ... 84ADA4 – It is a question for hash key
HaspHL Out:> Hasphl_decrypt Status=0 (0x0)
Response:
8222 ... ... ... 84ADA4 – And the key respond – it is his answer

(I remove part of code)
So what we will do with it? We will do Q/A table. This is Questions and Answers table in reg file. I added it on the end of file.

Data or question of IN – write in Qtable
Response or answer or OUT – write in Atable
Data should be written in pairs like these: 4284 ... ... ... 84ADA4 should be written: 42,84, ... ... ... 84,AD,A4

The end of regfile should look:

... regfile

"QTable"=hex:\
42,84,... 84,AD,A4,\


"ATable"=hex:\
82,22,C2 ... 84,AD,A4,\

Your program can use only one Q/A or too many. You must add them all. Then you can save your regfile.


8. Add reg file into registry
9. unplug your dongle
10. Install Chingachguk & Denger emulator, vusbbus.sys must be 0.15 or above. If all went fine, new device Hasp HL was found.
11. Your program should run


I hope, this text will help.


For a large Q/A pairs from Toro Emulator, you can use splitter.

When I monitor my dongle with Toro, I get what appears to be answers but no questions. When I say no questions, I mean the output would say: "memory: 4D8E .... .. . so on. In this case, what should I put into the questions part of the Reg file, as this information does not seem to be shown in the Toro log file?

fejkus
03-02-2008, 04:16 AM
place somewhere log file from toro.

When I monitor my dongle with Toro, I get what appears to be answers but no questions. When I say no questions, I mean the output would say: "memory: 4D8E .... .. . so on. In this case, what should I put into the questions part of the Reg file, as this information does not seem to be shown in the Toro log file?

Lojack
03-03-2008, 05:32 AM
place somewhere log file from toro.

Hello and thank you for your tutorial Fejkus, I actually got a little confused, everything happened as you said it would and I managed to emulate my dongle last night, without a single problem.

When I monitor my dongle using toro, during software operation (going in and out of all the programs features) the dongle was not giving me any Encrypt or Decrypt information as I thought it would as per your tutorial for some or other reason

Eventually I got irritated and started doing a little exploring, around the time I made my last post. When I discovered that using Toro there is a "File" drop down menu giving you the option of "read hasp dongle memory", instantly after clicking on that I was given all of my Q's and A's.

THANK YOU FOR YOUR HELP....you rock.

iassael
03-03-2008, 11:03 AM
hello i installed the usbfilter however i cannot monitor anything with TORO... Moreover the application does not start and says license not found... when i have toro running. I got the passwords with another programm... So i tried dumping with h5dmp with success... What can i do now?

Lojack
03-03-2008, 02:40 PM
hello i installed the usbfilter however i cannot monitor anything with TORO... Moreover the application does not start and says license not found... when i have toro running. I got the passwords with another programm... So i tried dumping with h5dmp with success... What can i do now?

Have you converted the Dump file with DumpToReg?

if not that would be the next step.

gamebit0
03-03-2008, 03:05 PM
hello i installed the usbfilter however i cannot monitor anything with TORO... Moreover the application does not start and says license not found... when i have toro running. I got the passwords with another programm... So i tried dumping with h5dmp with success... What can i do now?
may be your SW "see" monitor? try Xyrurg&sataron logger.

merlin
03-04-2008, 03:08 PM
Hi all I'm new here.

Have read through this thread. Where do you find the TORO monitor for Hasp HL? I only find it for other devices.

Thanks!

Lojack
03-05-2008, 05:39 AM
Hi all I'm new here.

Have read through this thread. Where do you find the TORO monitor for Hasp HL? I only find it for other devices.

Thanks!
"Merlin" why don't you be a real wizard and get off your ass, either you cannot spell or you are Merlin's stupid twin Mernot

Google it like everybody else

iassael
03-06-2008, 10:33 AM
Have you converted the Dump file with DumpToReg?

if not that would be the next step.

yes with unidmp2reg and i got a 14kb 3xxxxxxB.reg
by selecting "vusb hasp hl"
but there are no Q&A tables inside...

benito
03-06-2008, 04:21 PM
q/a table you have to make yourself ;p , unidmp2reg make only reg file from static dongle data

siromar
03-06-2008, 04:35 PM
i couldn't find unidmp2reg 1.b5 can anyone give the link?

iassael
03-06-2008, 04:42 PM
how can i create a Q/A table if i am unable to log with toro?

y8y8y8y
03-06-2008, 04:48 PM
@iassael,

Try to use Xyrurg & sataron monitor.

benito
03-07-2008, 02:58 AM
yes, y8y8y8y is right.
But maybe your dongle/app dont produce any q/a table. I have one dongle hasphl max without used q/a function :)

siromar
03-08-2008, 05:37 AM
hi
I did everything you said. Now the SW doesn't give the environment unknown warning, but now the SW crashes and doesn't open. I watched it on Toro's monitor and the emu works, Q/A tables OK, but at the end of the Q/A's the SW crashes. Does anyone have any idea about this?

merlin
03-12-2008, 07:36 AM
"Merlin" why don't you be a real wizard and get off your ass, either you cannot spell or you are Merlin's stupid twin Mernot

Google it like everybody else

Thank you for helping out!

Best regards Mernot.

How do you google...?

SMF

bloodlust026
03-13-2008, 03:28 PM
First post here...

I have the same problem. I start the monitor and then my software. It starts to read the table keys and then software gives an error and monitor stops. I tried both Toro and Xyrurg&Sataron. It gives me less than 100 table keys. I save log file and convert to dump file. Then convert to registry. I add the Q/A tables to registry file. I add file to registry and then try to run my software. It gives me error "Unknown Envelope". I think that SW detects monitor and stops the table generation. Is there a way to hide the monitor from SW?

I was able to get the dump files from the dongle and the passwords. Is it possible to emulate a dongle without getting the Q/A tables?

(Using Hasp HL 2.16)

eng-ars
03-14-2008, 12:49 AM
Hasp HL 2.16 can be emulated with HaspHL2007 perfectly... I did It ... and get the .dng with edge tool... Try it.... This dongle don't need Q/A tables... this is for HL Max.... it's very hard

ok

bye

benito
03-14-2008, 02:31 AM
Hasp HL 2.16 can be emulated with HaspHL2007 perfectly... I did It ... and get the .dng with edge tool... Try it.... This dongle don't need Q/A tables... this is for HL Max.... it's very hard

ok

bye

It is just hasp hl in hasp4 mode... "HASP HL 2.16" show windows if install drivers for device

Lojack
03-14-2008, 03:20 AM
Thank you for helping out!

Best regards Mernot.

How do you google...?

SMF

Oh no problem Merlin.....Googling is a very simple process....firstly you need to find the highest building you can, then leap from it, now this only works when you are at least 6 floors up.....

So for the sake that you are really a technocriple who has been living in a hole for the past 20years and by accident stumbled on this forum without the help of ANY search engine.....

http:\\www.google.com........

Lojack
03-14-2008, 03:29 AM
First post here...

I have the same problem. I start the monitor and then my software. It starts to read the table keys and then software gives an error and monitor stops. I tried both Toro and Xyrurg&Sataron. It gives me less than 100 table keys. I save log file and convert to dump file. Then convert to registry. I add the Q/A tables to registry file. I add file to registry and then try to run my software. It gives me error "Unknown Envelope". I think that SW detects monitor and stops the table generation. Is there a way to hide the monitor from SW?

I was able to get the dump files from the dongle and the passwords. Is it possible to emulate a dongle without getting the Q/A tables?

(Using Hasp HL 2.16)

Did you try install the usb filter that comes with the monitor, I had similar problems and after right clicking on the *.inf file and selecting install then restarting. This seemed to solve my problems. give it a try

Lojack
03-14-2008, 03:35 AM
Did you try install the usb filter that comes with the monitor, I had similar problems and after right clicking on the *.inf file and selecting install then restarting. This seemed to solve my problems. give it a try

Oh yes, are you using the latest dongle drivers, I think I used 5.22? something like that.

bloodlust026
03-14-2008, 09:33 AM
i have installed the AladdinUsbFilter. the monitor wont do anything at all without that installed. I installed it, restarted, and it gives me about 100 keys. But I think the software scans the system to check for debuggers and loggers. It detects the monitor and stops operation. I cant complete the logging unless I can hide the monitor from the software. I have the latest drivers installed (5.22).

I tried using HaspHL2008 but it didnt work. It would read the dongle passwords and then when I try to get the dump it would give me error-19. I will try HaspHL2007 today. I'm ASSuMEing that the "Edge Tool" is something inside HaspHL2007?

EDIT: Just tried HaspHL2007... i get error -19 when i try to dump. What is this error?

"It is just hasp hl in hasp4 mode... "HASP HL 2.16" show windows if install drivers for
device"

I'm sorry but I don't follow.

From what I understand this is a multilingual forum so please have patience with me.


EDIT : Ive been working on this for 10 hours straight... 2 days in a row. Its still not working. I tried the "How to crack Hasp HL" pdf file and use OllyDbg and ImpRec but THAT didn't work. I don't know what else to try.

EDIT: I FINALLY got HaspHL2007 to dump. I used edge tool to convert to *.dng file and then load with HaspHL2007. It doesnt work. Should I convert on Hasp tab or Hasp HL tab?

eng-ars
03-15-2008, 03:02 PM
Hi friends.... I have done everything that this post says to emulate a Hasp HL Max dongle... But the software doesn't run...

I ran Toro monitor... and extracted the TORO_LOG.txt file, I built the .REG file and got the vusb 0.15 emulator.... And nothing... Why?

I ran Toro with two dongles for the same software and saw that the Qtable and Atable are similar... this software doesn't generate different Q/A codes... But it doesn't run... I ran hasphl2007.exe and got the .DMP file and got the .DNG with edge tool but nothing, it doesn't run... I ran hasphl2008.exe and got the .DMP but the case is similar to hasphl2007.... I read the key with H5API but... and got the .DNG with edge tool... but nothing... What must I do?

Thanks

eng-ars

bloodlust026
03-15-2008, 03:51 PM
Anyone have experience with OllyDbg?

To use OllyDbg successfully... you have to "harden" it... which means to open it with a hex editor and replace all "OllyDbg" strings with something else of the same length.

This is done to ensure that OllyDbg is not detected as a debugger...

Is there any way this can be done with TORO monitor? (TORO is detected as debugger by my software)

What string needs to be replaced?

Has anyone tried this?

Lojack
03-17-2008, 04:46 AM
i have installed the AladdinUsbFilter. the monitor wont do anything at all without that installed. I installed it, restarted, and it gives me about 100 keys. But I think the software scans the system to check for debuggers and loggers. It detects the monitor and stops operation. I cant complete the logging unless I can hide the monitor from the software. I have the latest drivers installed (5.22).

I tried using HaspHL2008 but it didnt work. It would read the dongle passwords and then when I try to get the dump it would give me error-19. I will try HaspHL2007 today. I'm ASSuMEing that the "Edge Tool" is something inside HaspHL2007?

EDIT: Just tried HaspHL2007... i get error -19 when i try to dump. What is this error?

"It is just hasp hl in hasp4 mode... "HASP HL 2.16" show windows if install drivers for
device"

I'm sorry but I don't follow.

From what I understand this is a multilingual forum so please have patience with me.


EDIT : Ive been working on this for 10 hours straight... 2 days in a row. Its still not working. I tried the "How to crack Hasp HL" pdf file and use OllyDbg and ImpRec but THAT didn't work. I don't know what else to try.

EDIT: I FINALLY got HaspHL2007 to dump. I used edge tool to convert to *.dng file and then load with HaspHL2007. It doesnt work. Should I convert on Hasp tab or Hasp HL tab?

What is the name of the software you are trying to emulate?
some softwares have a dongle checking app, some checking apps even tell you what features your dongle enables on the specific software, check your installation directory for something like that. It will say something like View LOK or similar.

If it is present, you do not need to go into the software to get the details. Simply run toros monitor and then get the lock checking app to see if you have a dongle present. Toro should then pick up all the codes you need. After that you will find an option in toro under file>scan memory or something similar.

that will give you all the Q's and A's you asked for.

but this only works on some softwares

I also got the error 19 from HASP HL 2007 edge....no solutions to date

Lojack
03-17-2008, 04:53 AM
Hi friends.... I have done everything that this post says to emulate a Hasp HL Max dongle... But the software doesn't run...

I ran Toro monitor... and extracted the TORO_LOG.txt file, I built the .REG file and got the vusb 0.15 emulator.... And nothing... Why?

I ran Toro with two dongles for the same software and saw that the Qtable and Atable are similar... this software doesn't generate different Q/A codes... But it doesn't run... I ran hasphl2007.exe and got the .DMP file and got the .DNG with edge tool but nothing, it doesn't run... I ran hasphl2008.exe and got the .DMP but the case is similar to hasphl2007.... I read the key with H5API but... and got the .DNG with edge tool... but nothing... What must I do?

Thanks

eng-ars

remember, after you get the hasp.dmp file, the hhl_mem.dmp file, then the registry file that you got from unidmptoreg and you have added the q's and a's correctly to that file which you extracted using toro. Copy all of them into the same folder as your emulator. Then click on the install.bat file (ensure you have the latest drivers installed first). That should work.

You need to find the emulator similar to the one posted quoted in the first post....google it.

Lojack
03-17-2008, 04:54 AM
remember, after you get the hasp.dmp file, the hhl_mem.dmp file, then the registry file that you got from unidmptoreg and you have added the q's and a's correctly to that file which you extracted using toro. Copy all of them into the same folder as your emulator. Then click on the install.bat file (ensure you have the latest drivers installed first). That should work.

You need to find the emulator similar to the one posted quoted in the first post....google it.

I must add that the vusb seems to be the right emulator. so just copy the files into the same folder as your emulator.

bloodlust026
03-17-2008, 09:56 AM
What is the name of the software you are trying to emulate?
some softwares have a dongle checking app, some checking apps even tell you what features your dongle enables on the specific software, check your installation directory for something like that. It will say something like View LOK or similar.

If it is present, you do not need to go into the software to get the details. Simply run toros monitor and then get the lock checking app to see if you have a dongle present. Toro should then pick up all the codes you need. After that you will find an option in toro under file>scan memory or something similar.

that will give you all the Q's and A's you asked for.

but this only works on some softwares

I also got the error 19 from HASP HL 2007 edge....no solutions to date

Ive already tried this. In my previous post I stated that my software detects the Toro monitor and wont give me all the Q/A tables. I'm looking for a way to disguise it from my software.

Tom Highway
04-13-2008, 05:10 AM
Hello, I have a little problem with a key hasp hl, have followed the process that you have indicated to me and all it goes well but if use the emulatore I obtain as answer "error 1031 envelope error". I have understood that when the function hasp_decrypt sends the code to the key the emulatore answers mistaking, that is always the same answer to every question. I think this the reason for which we put the table with query/answer

but

there damned key every time sendes a different code and I never have them all!

I have tried start the programm many times with Toro monitor and have collected more than 300 codes but every time i need one more! never not to complete them all!

what can be do? Thanks

Git
04-13-2008, 11:17 AM
Tom, if it is sending a random string to be decrypted then your only recourse is to reverse engineer the application and defeat the check on the decrypted response there.

Git

siromar
04-13-2008, 12:49 PM
Tom, if it is sending a random string to be decrypted then your only recourse is to reverse engineer the application and defeat the check on the decrypted response there.

Git

hi git
i have collected more than 1200 codes and now SW doesn't give envelope unknown error but now the Sw crashes, i couldn't understand the problem do you have any idea

eng-ars
04-13-2008, 02:40 PM
Hi friends... I have been looking for a way to emulate the Hasp HL Max, but everything has been useless... The dongle and software communication is random... the Q/A are always different... I believe that the TORO post must be OK...

Originally Posted by TORO
you must extract pair tables from .protect section of envelope, envelope use these tables to make randome query check.
there are 5 tables at max, each contain 256 pair, then add those pairs with pairs from log file and then construct hasp hl emulator, it will work

Try to get the pairs in the .protect section and add them to the reg file... But this is a debugging technique, not emulation, and is more difficult... I have tried with IDA Pro and PEiD and I see this section perfectly, but what do I do? There is very much hex data.... and not 256 pairs exactly....

Ok, I believe that Hasp HL Max has beaten us... It is very hard to emulate...

and.. I believe that there is an omission in the original post ... it says unplug your dongle and install vusbbus emulator.... Not is necessary have plugged the dongle, install the vusb emulator and after unplug the dongle... It is only a comment

Thanks for read me

regards

eng-ars

y8y8y8y
04-13-2008, 05:04 PM
hi git
i have collected more than 1200 codes and now SW doesn't give envelope unknown error but now the Sw crashes, i couldn't understand the problem do you have any idea

Run your prog with monitor (TORO or any other) and try to see what happen at the moment of the crash.

siromar
04-13-2008, 05:13 PM
Run your prog with monitor (TORO or any other) and try to see what happen at the moment of the crash.

i do it before, the emulator response like Dongle, it gives all the answers but at the end (the time to open SW) it crashes

y8y8y8y
04-13-2008, 05:17 PM
what are the last requests/responses.

siromar
04-13-2008, 05:19 PM
what are the last requests/responses.

FF,FF,3A,65,F6,08,20,CF,7F,21,B8,76,D6,19,E5,78 A

AB,E0,2C,95,70,C0,F1,10,D5,0A,85,D1,9A,85,6E,42 Q

these are the last one

y8y8y8y
04-13-2008, 05:21 PM
post last 20 lines of your log as it seen in TORO

siromar
04-13-2008, 05:27 PM
ok i will post that, but there are some 00 10 20 30 40 ... on the table i mean some unknown Q's but SW jump's these and ask the new one, if the 00 10 20 30 are more than 3 it gives envelope unknown error
i add 1200 pairs to the Q/A table and i watch toro table for about 50 times i get only 2-3 envelope unknown error on the others SW crashes at the and of the responses

souze_villy
04-14-2008, 04:12 AM
ok i will post that, but there are some 00 10 20 30 40 ... on the table i mean some unknown Q's but SW jump's these and ask the new one, if the 00 10 20 30 are more than 3 it gives envelope unknown error
i add 1200 pairs to the Q/A table and i watch toro table for about 50 times i get only 2-3 envelope unknown error on the others SW crashes at the and of the responses

Hasp HL, AES Need 4 functions, If any can make the (QTable /ATable) then how to make its (AEncTable/QEncTable)? Here is some details Flow it.

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHASP\Services\Emulator\HASP\Dump\1122AABB]
...

"QTable"=hex:\
11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,\
22,11,11,11,11,11,11,11,11,11,11,11,11,11,11,22,\
22,22,22,22,22,22,22,22,22,22,22,22,22,22,22,22

"ATable"=hex:\
43,24,57,D4,75,F4,90,50,23,A2,B4,F4,D2,E4,2D,90,\
A9,F4,CF,DF,F1,01,AE,68,0E,A6,CE,D5,BF,59,47,35,\
83,3E,B6,17,B3,45,6F,8B,BD,88,CF,62,66,1F,A9,0C

"QEncTable"=hex:\
11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,\
22,11,11,11,11,11,11,11,11,11,11,11,11,11,11,22,\
22,22,22,22,22,22,22,22,22,22,22,22,22,22,22,22

"AEncTable"=hex:\
55,24,57,D4,75,F4,90,50,23,A2,B4,F4,D2,E4,2D,55,\
66,F4,CF,DF,F1,01,AE,68,0E,A6,CE,D5,BF,59,47,66,\
77,3E,B6,17,B3,45,6F,8B,BD,88,CF,62,66,1F,A9,77

HaspHL Vusbbus.sys emulator ver. 0.15.0.0 is not have (QEncTable/AEncTable)? because it is Public. But Private Emulator have this functions.

siromar
04-14-2008, 04:47 AM
souze you mean the reason of crashing is aenctable and qenctable is missing?
and i wanna ask that is toro's monitor showing these tables

gamebit0
04-14-2008, 06:36 AM
...HaspHL Vusbbus.sys emulator ver. 0.15.0.0 is not have (QEncTable/AEncTable)? because it is Public. But Private Emulator have this functions.

it's mistake. you talking about public emu with 4's tables. some private ver (may be 0.1.0.0) HL emul's have only two tables, but work fine (Encrypt\Decrypt) ;)

souze_villy
04-14-2008, 06:41 AM
souze you mean the reason of crashing is aenctable and qenctable is missing?
and i wanna ask that is toro's monitor showing these tables
Toro Monitor 3.2 and sataron is same get the log Enc/Dec, but 0.15.0.0 vusbbus.sys is not have the (AEncTable/QEncTable).

Tyrus
04-14-2008, 11:49 AM
souze_villy
its not private mull
link from ru-board
_http://rapidshare.com/files/106966671/15_1_4.rar.html

gamebit0
+1

siromar
04-14-2008, 12:05 PM
tyrus do u know password of the file?

Salem
04-14-2008, 12:14 PM
4Siromar,

pass:ru-board

:) :) :)

souze_villy
04-14-2008, 12:15 PM
tyrus do u know password of the file?
Ok
Tyrus
If
Qtable:\ 0001020304050607080900A0B0C0D0E0F
Atable:\ 0F0E0D0C0B0A090807060504030201000
how to make his
QEncTable:\
AEncTable:\
Please explain some?

Tyrus
04-14-2008, 12:21 PM
souze_villy
wow )))
look:

Qtable:\ 0001020304050607080900A0B0C0D0E0F
Atable:\ 0F0E0D0C0B0A090807060504030201000

QEncTable:\ 0F0E0D0C0B0A090807060504030201000
AEncTable:\ 0001020304050607080900A0B0C0D0E0F

siromar
04-14-2008, 12:34 PM
souze_villy
wow )))
look:

Qtable:\ 0001020304050607080900A0B0C0D0E0F
Atable:\ 0F0E0D0C0B0A090807060504030201000

QEncTable:\ 0F0E0D0C0B0A090807060504030201000
AEncTable:\ 0001020304050607080900A0B0C0D0E0F

i made as you say tyrus but still SW crashes at the and of the Q's and A's
do you have any idea

siromar
04-14-2008, 12:35 PM
4Siromar,

pass:ru-board

:) :) :)

thank you salem :D

Tyrus
04-14-2008, 12:53 PM
i made as you say tyrus but still SW crashes at the and of the Q's and A's
do you have any idea

You did not understand me

siromar
04-14-2008, 01:15 PM
You did not understand me

can u help me to understand then please:confused:

y8y8y8y
04-14-2008, 02:17 PM
@Tyrus
If this sw use encryptions, shouldn't siromar see in monitor
HaspHL In:> Hasphl_encrypt
and
HaspHL Out:> Hasphl_encrypt ?

souze_villy
04-15-2008, 04:09 PM
souze_villy
wow )))
look:

Qtable:\ 0001020304050607080900A0B0C0D0E0F
Atable:\ 0F0E0D0C0B0A090807060504030201000

QEncTable:\ 0F0E0D0C0B0A090807060504030201000
AEncTable:\ 0001020304050607080900A0B0C0D0E0F

Tyrus you some thing wronge here?

Qtable:\ 0001020304050607080900A0B0C0D0E0F
Atable:\ 0F0E0D0C0B0A090807060504030201000

QEncTable:\ 0001020304050607080900A0B0C0D0E0F
AEncTable:\ 5501020304050607080900A0B0C0D0E55

This is write way must manage (AEncTable) manually as above I give example. Qtable and QEncTable will be same.

ngoksun
04-15-2008, 10:15 PM
You don't understand what Tyrus mean at all. And your post just let all newbie more confusion.

Tyrus you some thing wronge here?

Qtable:\ 0001020304050607080900A0B0C0D0E0F
Atable:\ 0F0E0D0C0B0A090807060504030201000

QEncTable:\ 0001020304050607080900A0B0C0D0E0F
AEncTable:\ 5501020304050607080900A0B0C0D0E55

This is write way must manage (AEncTable) manually as above I give example. Qtable and QEncTable will be same.

souze_villy
04-16-2008, 12:12 AM
You don't understand what Tyrus mean at all. And your post just let all newbie more confusion.
I think u better understand this, please explain.

Tyrus
04-16-2008, 07:46 AM
souze_villy
YAHOOEU

souze_villy
04-16-2008, 02:24 PM
souze_villy
YAHOOEU
:D Tyrus my software is read only one log file, and how to link with another?


how to another eveloped how to linke?

:D

siromar
04-16-2008, 02:58 PM
can anyone clearly explane that QEncTable:AEncTable:\
please?

Git
04-17-2008, 07:02 AM
When an hl_decode function is issued, the emulator will search in QTable until it finds a match for its input string (16, 32 or 48 bytes long). It will then go to the same offset from the start of the table, but in the ATable, and take its answer from there and send it back.

When an hl_encode function is issued, the emulator will search in QEncTable until it finds a match for its input string (16, 32 or 48 bytes long). It will then go to the same offset from the start of the table, but in the AEncTable, and take its answer from there and send it back.

So, for a Sataron log, the following applies :

HaspHL_decrypt: Input Data -> QTable
HaspHL_decrypt: Output Data -> ATable

HaspHL_encrypt: Input Data -> QEncTable
HaspHL_encrypt: Output Data -> AEncTable

Git

y8y8y8y
04-17-2008, 07:06 AM
When an hl_decode function is issued, the emulator will search in QTable until it finds a match for its input string (16, 32 or 48 bytes long). It will then go to the same offset from the start of the table, but in the ATable, and take its answer from there and send it back.

When an hl_encode function is issued, the emulator will search in QEncTable until it finds a match for its input string (16, 32 or 48 bytes long). It will then go to the same offset from the start of the table, but in the AEncTable, and take its answer from there and send it back.

So, for a Sataron log, the following applies :

HaspHL_decrypt: Input Data -> QTable
HaspHL_decrypt: Output Data -> ATable

HaspHL_encrypt: Input Data -> QEncTable
HaspHL_encrypt: Output Data -> AEncTable

Git

Is it possible from decryption tables manually create encryption tables (with out logs)?

Git
04-17-2008, 07:15 AM
> Is it possible from decryption tables
> manually create encryption tables
> (with out logs)?

It is symmetrical encryption, so if hl_encode converts ABC to XYZ, then hl_decode will convert XYZ to ABC. So, you could copy ATable to QEncTable and copy QTable to AEncTable, but that will only give you a few Q/A's and the chance of them being exactly the ones your program needs and only the ones your program needs is almost ZERO.

Git

siromar
04-17-2008, 11:23 AM
> Is it possible from decryption tables
> manually create encryption tables
> (with out logs)?

It is symmetrical encryption, so if hl_encode converts ABC to XYZ, then hl_decode will convert XYZ to ABC. So, you could copy ATable to QEncTable and copy QTable to AEncTable, but that will only give you a few Q/A's and the chance of them being exactly the ones your program needs and only the ones your program needs is almost ZERO.

Git
really thanks git, now it's clear:D
i watch it with toro's monitor again but my hasp hl pro uses only dec. as i saw, i save dongle info and i wanna send it and reg file to you, please help me about why SW crashes at the end of the Q's and A's

foffa
04-17-2008, 02:56 PM
@siromar

as we understanded i suppose that your q/a table dont satsfy sw needs :cool:

siromar
04-17-2008, 03:44 PM
@foffa
you may be right foffa; because it makes random q/a, but i get near 4000 pairs and when i watch toro's monitor i see no 00102030's and all the Q's have A's, i can send the log file here, if you wanna see

Git
04-17-2008, 05:48 PM
The software can send a different Q 1000 times a second for the next thousand years and the A's from the real dongle will always be correct. To simplify, that is because the real dongle has an algorithm that can convert any Q to an A. Emulator makers do not know that algorithm and it is effectively different for every dongle customer, so the emulator EMULATES the algorithm by playing back a recording of pairs of Q/A's. You tell it which A goes with which Q.

In actual fact, the algorithm is known, it is 256bit AES encryption. What is not known is the Key which is used to do the encryption.

Until some clever sod finds a way of discovering the encryption key for a given dongle so we can have a proper algorithmic emulator, your only recourse is to reverse engineer the application.

Git

Swift-AU
04-21-2008, 05:03 AM
Has anyone noticed that the order of the Q/A key pairs can affect whether or not the vusb driver returns the correct results?

The results of using splitter on the haspmon pairs gave me the following:

"QTable"=hex:\
41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,\
9A,CC,D1,B2,CC,DB,00,77,08,F0,33,E3,D4,90,65,C3,02,D4,BA,41,B4,E2,C5,F6,83,C6,A4,D7,E6,59,B5,FE,04,AD,C5,EF,3D,E8,A6,A5,46,26,65,D0,46,60,11,12,\
B2,51,55,93,F9,EC,E2,CA,16,ED,8A,56,13,E6,18,CA,E5,D3,3F,B2,26,D8,26,EA,CF,65,4D,DE,78,C7,16,59,\
B2,51,55,93,F9,EC,E2,CA,16,ED,8A,56,13,E6,18,CA,E5,D3,3F,B2,26,D8,26,EA,CF,65,4D,DE,78,C7,16,59,6C,BD,64,77,06,0F,62,46,94,50,60,C6,05,8C,69,97,\
9A,CC,D1,B2,CC,DB,00,77,08,F0,33,E3,D4,90,65,C3,02,D4,BA,41,B4,E2,C5,F6,83,C6,A4,D7,E6,59,B5,FE,\
"ATable"=hex:\
40,A5,22,03,AC,BF,69,F9,30,31,DD,40,91,08,F1,78,\
84,1E,86,5B,BE,65,46,27,01,00,00,00,49,1E,48,76,02,D4,BA,41,B4,E2,C5,F6,83,C6,A4,D7,E6,59,B5,FE,04,AD,C5,EF,3D,E8,A6,A5,46,26,65,D0,46,60,11,12,\
86,78,30,98,77,AF,00,C2,36,57,CB,71,C3,39,FB,E3,E5,D3,3F,B2,26,D8,26,EA,CF,65,4D,DE,78,C7,16,59,\
B2,95,D3,0D,5D,1B,87,52,01,00,00,00,A2,79,BE,17,E5,D3,3F,B2,26,D8,26,EA,CF,65,4D,DE,78,C7,16,59,6C,BD,64,77,06,0F,62,46,94,50,60,C6,05,8C,69,97,\
F9,04,D4,06,0F,A0,C6,F5,4A,FE,0A,AF,8E,59,51,0F,02,D4,BA,41,B4,E2,C5,F6,83,C6,A4,D7,E6,59,B5,FE,\

This did not work, as the answer for the length=48 line starting 9A (Qtable line 2) did NOT correspond with the answer on Atable line2. I re-ordered the table as follows, and it now works.

"QTable"=hex:\
41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,41,\
9A,CC,D1,B2,CC,DB,00,77,08,F0,33,E3,D4,90,65,C3,02,D4,BA,41,B4,E2,C5,F6,83,C6,A4,D7,E6,59,B5,FE,\
9A,CC,D1,B2,CC,DB,00,77,08,F0,33,E3,D4,90,65,C3,02,D4,BA,41,B4,E2,C5,F6,83,C6,A4,D7,E6,59,B5,FE,04,AD,C5,EF,3D,E8,A6,A5,46,26,65,D0,46,60,11,12,\
B2,51,55,93,F9,EC,E2,CA,16,ED,8A,56,13,E6,18,CA,E5,D3,3F,B2,26,D8,26,EA,CF,65,4D,DE,78,C7,16,59,\
B2,51,55,93,F9,EC,E2,CA,16,ED,8A,56,13,E6,18,CA,E5,D3,3F,B2,26,D8,26,EA,CF,65,4D,DE,78,C7,16,59,6C,BD,64,77,06,0F,62,46,94,50,60,C6,05,8C,69,97
"ATable"=hex:\
40,A5,22,03,AC,BF,69,F9,30,31,DD,40,91,08,F1,78,\
F9,04,D4,06,0F,A0,C6,F5,4A,FE,0A,AF,8E,59,51,0F,02,D4,BA,41,B4,E2,C5,F6,83,C6,A4,D7,E6,59,B5,FE,\
84,1E,86,5B,BE,65,46,27,01,00,00,00,49,1E,48,76,02,D4,BA,41,B4,E2,C5,F6,83,C6,A4,D7,E6,59,B5,FE,04,AD,C5,EF,3D,E8,A6,A5,46,26,65,D0,46,60,11,12,\
86,78,30,98,77,AF,00,C2,36,57,CB,71,C3,39,FB,E3,E5,D3,3F,B2,26,D8,26,EA,CF,65,4D,DE,78,C7,16,59,\
B2,95,D3,0D,5D,1B,87,52,01,00,00,00,A2,79,BE,17,E5,D3,3F,B2,26,D8,26,EA,CF,65,4D,DE,78,C7,16,59,6C,BD,64,77,06,0F,62,46,94,50,60,C6,05,8C,69,97

Seems like a bug in the vusb driver. Or am I missing something obvious?

-Swift

eng-ars
04-21-2008, 09:56 AM
mmmm Only moved the order in the list.... the correspondence exists.... What is the order that the table must follow?

the first table have:

Hasphl_decrypt, Length=16
Hasphl_decrypt, Length=48
Hasphl_decrypt, Length=32

You modify :

Hasphl_decrypt, Length=16
Hasphl_decrypt, Length=32
Hasphl_decrypt, Length=48

OR only make the pairs subsequent

9A,CC,D1,B2..... LENGTH=32
9A,CC,D1,B2....... LENGTH=48

Is this your idea? Did you detect this omission in the splitter results? Then it is necessary to check the LOG against the pairs generated...

Did this action work for your soft? Did it eliminate the 1031 error "Unknown Envelope"?

Thanks

y8y8y8y
04-21-2008, 04:00 PM
@Swift-AU
Yes it may be a glitch, make some order in Q table. 16 bits, 32,48. Remember as you move Q values, you will need to move A as well to the same offset.

@eng-ars
easy....easy... you will have a stroke ;)
If you have an envelope error, try to use the monitor to understand why.

Swift-AU
04-22-2008, 03:17 AM
Thanks for the reassurance -- just wanted to make sure I wasn't going crazy and overlooking something obvious.

Now if only I had a solution for software that uses (seemingly) random encrypt requests. Does such a solution exist? And what does it cost?!?

-Swift

rituraj
04-22-2008, 07:51 AM
Ok here is a weird problem. I have software which uses hasp hl 2.6; when i try using hasp loger by sataron i get an error: Automatic data protection. Is there any way out of this one ??

Thanks

gamebit0
04-22-2008, 10:25 AM
> Ok here is a weird problem. I have software which uses hasp hl 2.6; when i try using hasp loger by sataron i get an error: Automatic data protection. Is there any way out of this one ??
>
> Thanks

u can use USB-sniffer, like USB-Trace, Bus Hound. but for log conversion u must ask somebody, who can understand it.

Swift-AU
04-22-2008, 08:14 PM
Does anyone have any clues on decrypting individual files that have been encrypted using Aladdin's DATAHASP encryption process? Once the decrypt keys have been gained using a dongle monitor, would it not be a straightforward enough process?

Git
04-23-2008, 08:06 AM
They thought of that :). The key is never exposed in plaintext.

Git

kalhua
04-23-2008, 10:48 PM
Hello, I am completely new to this type of thing but have found it interesting reading the posts on this site the last week or so. I am attempting to emulate a dongle for a piece of software used at work. I would like to have the ability of using it at home. After reading many posts on this site I am still not sure what I am doing. I have attempted to follow the instructions so nicely outlined in post #1 of this thread. I used TORO monitor to get the password and the h5dmp to dump the file and unidmp2reg to make the reg file but I think there is something wrong. The hhl_mem.dmp is rejected by the unidmp2reg software stating it is the wrong size. So I just used the hasp.dmp to get the reg file. Toro did not find any tables either. I am not sure what to do next. Here is the format of my reg file; perhaps an expert can tell me where I went wrong.

REGEDIT4
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\NEWHASP\Services\Emulator\HASP\Dump\0xxxx0xx]
"Name"=""
"Copyright""
"Created"="23/04/2008 17:08:55"
"SN"=dword:xxxxxxxx
"Type"=dword:000000xx
"Memory"=dword:0000000x
"SecTable"=hex:0x,0x,x0,xx,xx,xx,x0,xx
"NetMemory"=hex:00,00,00,00,00,00,00,00,00,00,xx,xx
"Option"=hex:00,0x,0x,xx,xx,0x,xx,0x,0x,0x,00,0x,0x,00
"Data"=hex:\
0x,xx,x0,xx,xx,xx,xx,0x,xx,xx,xx,xx,xx,xx,x0,xx,\
x0,xx,0x,0x,x0,xx,xx,xx,x0,xx,0x,00,x0,xx,xx,xx,\
00,0x,xx,xx,x0,x0,x0,xx,xx,xx,0x,xx,xx,xx,xx,xx,\
xx,xx,0xx,xx,0x,xx,x0,xx,0x,xx,x0,xx,0x,0x,xx,xx,\
x0,xx,x0,xx,xx,xx,xx,xx,x0,xx,00,0x,xx,xx,xx,x0,\
xx,xx,0x,0x,xx,xx,xx,xx,xx,xx,xx,xx,xx,xx,x0,xx,\
x0,xx,0x,0x,xx,xx,xx,xx,xx,x,0x,0x,xx,xx,xx,xx,\
xx,xx,x0,xx,0x,00,00,00,x0,00,00,00,00,00,xx,xx,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00
"ColumnMask"=dword:000000xx
"CryptInitVect"=dword:000000xx

I didn't know if there was certain information that shouldn't be posted so I changed all non 0's to x. In the unlikely event this is correct would someone be so kind as to advise me of my next step?
Thanks in advance for any help you are willing to provide.

I just noticed looking at the log that there are in fact some tables, they just didn't show up in the top right panel in Toro or in the log file. They aren't named exactly the same as your example, this will give you an idea:

Hasp In:> HaspDecrypt Length=8
Data:
0x 0x xx xx xx xx xx xx
Hasp Out:> HaspDecrypt Status=0 (0x0)
Response:
0x 0x xx xx xx xx xx xx

So it doesn't say HaspHL as in your example, don't know if it matters

souze_villy
04-24-2008, 02:55 AM
ur security is not hasphl 2.16 so toro monitor does not show the table.

Git
04-24-2008, 06:19 AM
Nice quoting souze.

Git

kalhua
04-24-2008, 06:42 AM
Thanks for your reply.... brings up some more question:

1. What type of protection is it so I can do some more reading?

2. Can it be emulated? If yes, which is the best choice for an emulator?

3. Are you able to tell if I actually got a good dump and have all info to emu by what I posted?


Thanks

y8y8y8y
04-24-2008, 12:21 PM
@kalhua
In dump folder after dump do you even see the hhl_mem.dmp file?

kalhua
04-24-2008, 03:19 PM
> @kalhua
> In dump folder after dump do you even see the hhl_mem.dmp file?

I did get that file with the dump however when I tried to use it an error came up saying it was the wrong size. There were no errors with h5dmp.exe when it created the file.

Thanks

eng-ars
04-25-2008, 12:05 PM
Hi... I have been trying to emulate the HASP HL Max.... But it is difficult.... In a session with the vusb emulator, HaspLoger and my soft... The error 1031 Unknown Envelope is displayed... And reviewing the hasploger monitor... Then I saw that the soft sends a different Question every time that I try to run it... Ok this isn't new... The Random behaviour is known... But the strange thing is the Response that the vusb emulator sends... It isn't similar to any response that I added in the .REG file... It always sends the same response... And trying to understand why this response... I opened the HaspEditor_Hl by sataron, wrote the pass of the emulated dongle and then pressed "Make E\D Pairs" and the app generated 6 files in .txt with 258 pairs each, called OutLog16_Decode.txt, OutLog16_Encode.txt, OutLog32_Decode.txt, OutLog16_Encode.txt, OutLog48_Decode.txt, OutLog48_Encode.txt.... But all files have the same response, obviously, with different length... 16, 32 or 48 .... and this is the response that the vusb emul gives to the soft for each question that it asks.... I believe that something is missing in the emulation process... Or the vusb emul is not prepared for this dongle type... Does anyone have any idea?

P.S. Does anyone have ToroEmulatorUtility.exe... and tools to generate the .HASP file ?... Please... Help me with Hasp HL Max... It is win the game...

eng-ars

y8y8y8y
04-25-2008, 12:13 PM
Try to check in registry do you see the Q/A tables you prepared?

Athar Husain
05-07-2008, 08:10 AM
Hi All,

Could anyone here please tell me why my h5dmp.exe not executing???? I am trying to dump my dongle with this software but when i double click the h5dmp.exe, a small black screen is visible for a very quick second, and then vanishes. Could anyone please guide me what wrong am i doing??? Any help will be highly appreciated from the core of my heart.

benito
05-07-2008, 08:15 AM
> Hi All,
>
> Could anyone here please tell me why my h5dmp.exe not executing???? I am trying to dump my dongle with this software but when i double click the h5dmp.exe, a small black screen is visible for a very quick second, and then vanishes. Could anyone please guide me what wrong am i doing??? Any help will be highly appreciated from the core of my heart.

Why do you make duplicate posts???

souze_villy
05-07-2008, 08:17 AM
> Hi All,
>
> Could anyone here please tell me why my h5dmp.exe not executing???? I am trying to dump my dongle with this software but when i double click the h5dmp.exe, a small black screen is visible for a very quick second, and then vanishes. Could anyone please guide me what wrong am i doing??? Any help will be highly appreciated from the core of my heart.

open Notepad and write these instructions there:
@Echo Off
h5dmp.exe 0xXXXX 0xXXXX
pause
and save it with the file name XXXX.bat
and then try.

0xXXXX 0xXXXX means: if your dongle ID is 12345678, then write it the same way, 0x1234 0x5678.

Athar Husain
05-07-2008, 08:30 AM
Thanks a lot souze --- i m going to try it right now.

justine
05-07-2008, 07:00 PM
just use "make dump.bat" as i already described

you can execute h5dmp.exe directly if you want but then you need to run it from "cmd.exe" (start>>run>>>cmd) and you need to specify pass1 pass2 manually

better use "make dump.bat"
passwords that you need are already specified inside package that i sent you

cyrus104
05-11-2008, 07:13 PM
Toro do you offer any source code to people looking to get into dongle coding.
Thanks

justine
05-12-2008, 06:47 PM
i have one question for toro,tyrus and all other hasphl experts

when the first aes request occurred, did i need to dump only the .protect section or do i need to dump the whole application

regards
justine

EdiTL
05-23-2008, 02:59 AM
Hi to All,

First, I would like to thank everybody.
In the past few months I was here monitoring every topic and reading every post, and finally I managed to emulate my dongle.
My dongle is HASP HL TIME, for emulation I used hl5dmp, TORO Monitor, UniDumpToReg and VUsbBus.

Second, I have two questions.

I have made a Q/A table and put it in the reg file, but my software makes 1-10 new Q/A codes every day. I have collected about 250 Q/A pairs to date.
What would happen with the software if it sends a question code to the hasp emulator which isn't in the reg file and doesn't get an answer from the emulator?
Will the software stop working and show an error message, or will it send another question code to the hasp?

I have a HASP HL TIME which expires 1.7.08; what will happen with the software and emulator after 1.7.08?

In the reg file there is a line:
"HaspTimeMemory"=hex:00,00,00,00,00,00,00,00,\
00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\
5D,30,39,2A,00,00,00,00,\
FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF,FF

I think that "5D,30,39,2A,00,00,00,00,\" is a date code for a 1.7.08. Am I right?

What is a date format for HASP and can I change it?

justine
05-23-2008, 12:40 PM
if you dont have answer for the current software request in your .reg you will get "unknown envelope error" or something like this

y8y8y8y
05-23-2008, 01:50 PM
EdiTL
Try to play with your reg to see if you get any change in exp. date.
For the Q/A question, justine is right if they are envelope requests; if those requests are embedded in the source code of the software you cannot know what it will do until:
1. You get the request without a proper answer.
2. You reverse the software.
If it does envelope requests and you are seeing new ones, you can try to extract the Q/A tables from your software envelope.

allanzhang873
05-27-2008, 03:14 AM
Dear all,
My dongle is hasp HL and I use h5dmp.exe to dump my dongle. However, h5dmp only produces a hasp.dmp file without the hhl_mem.dmp file.
Without the hhl_mem.dmp file UniDumpToReg.exe can't produce the reg file appropriately with the optional Chingachguk based Hasp HL on.
Is there anyone who can give me a hand?
Any suggestion will be appreciated!
have a good day!!

benito
05-27-2008, 03:19 AM
so it is normal Hasp. HASP4/3. Not HaspHL

agoemilar
06-26-2008, 04:01 AM
Hi all,
I have dumped a HASP HL dongle using h5dmp.exe with password PW1=435D PW2=45D7 (I'm using HASPHL2008 just to find the dongle password). Then I converted hasp.dmp and hhl_mem.dmp using Sataron’s UniDMP2reg convertor, so I got a .reg file.
I used Chingachguk vusb emulator. But the software still didn't work. I didn't find a Q/A section from TORO monitor.
The weird thing is when I open hasploger.exe or TORO monitor (after installing vusbus), it shows different Pass1 and Pass2 in dongle info (Pass1=7F43 and Pass2=7257). So dongle Pass1 and Pass2 are different between the original dongle and the emulator. Does anybody know what could be the problem ?
Here are the link for all needed data:
http://rapidshare.com/files/125103679/Dongle_Dump.rar

mobysol
07-03-2008, 03:41 PM
Can anyone share the pass1 & pass2 for this dumper

benito
07-03-2008, 06:16 PM
> Can anyone share the pass1 & pass2 for this dumper

Heh, what? :D

mobysol
07-04-2008, 06:19 AM
> Heh, what? :D

I have used the password of the dongle but no response ...may be the developer or anyone can help me

Moby

Dumper info


HASP HL Dumper 1.01 by Tyrus & Nail.

Dumper works with all HASP family keys.
For HASP HL keys VendorKey is not needed!

Dump file structure:
- HaspGeneration (6 bytes + null + null)
- Hasphl_get_size (6 bytes + null + null)
- SN + Net memory (16 bytes)
- Seeds (32 bytes)
- Hasp4Encrypt answer (8 bytes)
- HaspStatus (6 bytes + null + null)
- TimeMemory (16 bytes)(if it present)
- Dongle Memory

Useful features:
Dumper may receive answers tables from questions tables...

f.e:

in:
XXXXXXXX_10_140.BIN
out:
OUT_10_140.BIN

in:
XXXXXXXX_20_13F.BIN
out:
OUT_20_13F.BIN

where:
XXXXXXXX is dongle password
10,20,30 - length of question in HEX
140,13F - number of function


Copyrigth (C) 2007
Tyrus
Nail

benito
07-04-2008, 09:16 AM
So you have wrong passwords. How did you get them ?
Some apps use few different passwords (fake queries).

carlitos
07-04-2008, 11:30 AM
Hi,

where can I find HASP HL Dumper 1.01 by Tyrus & Nail?

could anyone send me, please?

thanks in advance

souze_villy
07-04-2008, 01:15 PM
> Hi,
>
> where can I find HASP HL Dumper 1.01 by Tyrus & Nail?
>
> could anyone send me, please?
>
> thanks in advance

here is download this tool with convertor.

http://www.lavteam.com/uploads/files/HASP_HL_Dumper_1.01_converter.rar

carlitos
07-04-2008, 04:45 PM
thanks souze_villy

zhjd
07-04-2008, 08:10 PM
> here is download this tool with convertor.
>
> http://www.lavteam.com/uploads/files/HASP_HL_Dumper_1.01_converter.rar

which emulator can be used? does it can emu hl srm ?

y8y8y8y
07-05-2008, 02:04 AM
> which emulator can be used? does it can emu hl srm ?

You can use vusbbus based emulator, for SRM no. There is no public Hasp SRM emulators.

geza
07-15-2008, 09:54 PM
hi git
i have collected more than 1200 codes and now SW doesn't give envelope unknown error but now the Sw crashes, i couldn't understand the problem do you have any idea

Same problem.
HaspHL_decrypt function displayed, no HaspHL_encrypt function.

here is last lines logs when SW crashed.(hasploger):
2008/07/16 01:51:50.347 ==> HaspHL_decrypt: Status = 0x00
==================================================================
2008/07/16 01:51:50.378 <== Application: Pioneer.exe
2008/07/16 01:51:50.394 <== HaspHL_decrypt: Pass1 = 0x24F5 (9461), Pass2 = 0x2359 (9049)
2008/07/16 01:51:50.409 <== HaspHL_decrypt: Length = 0x30
2008/07/16 01:51:50.425 <== HaspHL_decrypt: Input Data =
2008/07/16 01:51:50.441
6A 4A 86 5B | FF 05 9C 44 | 3C DB 7D C3 | E2 21 5B 2E [jJ.[...D<.}..![.]
CD 9D 6A 1A | 7D 6E 85 30 | 14 5A 9D 1A | 6B F7 65 DB [..j.}n.0.Z..k.e.]
16 01 AC 6F | 04 10 47 54 | E7 1F 5A 1C | 26 C3 E8 58 [...o..GT..Z.&..X]

2008/07/16 01:51:50.456 ==> HaspHL_decrypt: Output Data =
2008/07/16 01:51:50.488
FC FD FB FD | F8 FF FB FD | FE F9 FC F9 | F8 FE FD FE [................]
CD 9D 6A 1A | 7D 6E 85 30 | 14 5A 9D 1A | 6B F7 65 DB [..j.}n.0.Z..k.e.]
16 01 AC 6F | 04 10 47 54 | E7 1F 5A 1C | 26 C3 E8 58 [...o..GT..Z.&..X]

2008/07/16 01:51:50.503 ==> HaspHL_decrypt: Status = 0x00

help me please!
Thanks in advance.

geza
07-15-2008, 09:56 PM
No status = 0x7,all HaspHL_decrypt: Status = 0x00 when sw crashes.
I have tried several times.

souze_villy
07-16-2008, 03:30 AM
> No status = 0x7,all HaspHL_decrypt: Status = 0x00 when sw crashes.
> I have tried several times.

Status is not important for HaspHL cracking if have then explain?

souze_villy
07-16-2008, 03:33 AM
> Status is not important for HaspHL cracking if have then explain?

try to use the toro monitor.

justine
07-16-2008, 01:28 PM
when you see something like "FC FD FB FD | F8 FF FB FD | FE F9 FC F9 | F8 FE FD FE" it means that you dont have good answer for your current request in your table

geza
07-17-2008, 02:41 AM
> when you see something like "FC FD FB FD | F8 FF FB FD | FE F9 FC F9 | F8 FE FD FE" it means that you dont have good answer for your current request in your table

why?

it's same as original dongle's response.

thanks for your reply.

justine
07-17-2008, 02:56 AM
no it's not
when emulator cannot find good response it pushes "FC FD FB FD | F8 FF FB FD | FE F9 FC F9 | F8 FE FD FE" as a good response

as i can see this pair is count 48 so it cannot be random
use sataron's or toro's monitor to log all pairs...execute every single option in application...i suggest you to start monitor and work 2-3 hours as usual....run every option that exist in software...then make final table...for random pairs you are on your own

Git
07-17-2008, 07:24 AM
That may have been true of one build of one emulator one time, but it is absolutely not true in general. Most emulators use a pseudo random number generator specifically when it fails to match so you can NOT tell when it has failed to find a match. It does this because it would be a very easy way for an app or the driver to know it was talking to an emulator and not a real dongle. The real dongle can never fail to produce a crypted reply - whatever gets thrown at it it just en|decrypts and throws back.

Git
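Git's two points in this thread, that an emulator only plays back recorded Q/A pairs and that a miss still comes back looking like a valid reply, seen from the application vendor's side. This is an added example, not code from the thread or from any tool it mentions; `ToyDongle`, `ReplayEmulator`, the pool sizes and the HMAC stand-in for the token's cipher are all assumptions made for the simulation.

```python
import hashlib
import hmac
import random

BLOCK = 16       # the thread's queries are built from 16-byte blocks
STATUS_OK = 0


class ToyDongle:
    """Constructed stand-in for the hardware token: a keyed function over
    16-byte blocks (HMAC-SHA256 truncated, not the real cipher)."""

    def __init__(self, key):
        self._key = key  # never leaves the object, as on the real device

    def decrypt(self, question):
        answer = hmac.new(self._key, question, hashlib.sha256).digest()[:BLOCK]
        return STATUS_OK, answer


class ReplayEmulator:
    """Plays back recorded question/answer pairs. On a miss it still reports
    STATUS_OK and returns filler bytes, as described in the thread."""

    def __init__(self, table):
        self._table = dict(table)

    def decrypt(self, question):
        filler = hashlib.sha256(b"miss" + question).digest()[:BLOCK]
        return STATUS_OK, self._table.get(question, filler)


def build_pool(dongle, size, rng):
    """Vendor side, at build time: precompute (question, expected answer)
    pairs with the real key so the application can verify replies."""
    pool = []
    for _ in range(size):
        q = bytes(rng.getrandbits(8) for _ in range(BLOCK))
        pool.append((q, dongle.decrypt(q)[1]))
    return pool


def session_challenges(pool, per_session, rng):
    """Questions one run of the application asks. A pool no larger than
    per_session means the same questions on every run."""
    if len(pool) <= per_session:
        return list(pool)
    return rng.sample(pool, per_session)


def status_only_check(device, challenges):
    """Weak: trusts the status code and never looks at the data."""
    return all(device.decrypt(q)[0] == STATUS_OK for q, _ in challenges)


def data_check(device, challenges):
    """Compares every reply with the answer computed under the real key."""
    return all(device.decrypt(q)[1] == expected for q, expected in challenges)


def replay_pass_rate(pool_size, per_session=8, observed=5, trials=200, seed=1):
    """Fraction of fresh sessions a playback table gets through, when the
    table holds every pair that crossed the wire in `observed` sessions."""
    rng = random.Random(seed)
    dongle = ToyDongle(b"constructed-demo-key")
    pool = build_pool(dongle, pool_size, rng)
    table = {}
    for _session in range(observed):
        for q, _expected in session_challenges(pool, per_session, rng):
            table[q] = dongle.decrypt(q)[1]
    emulator = ReplayEmulator(table)
    passed = sum(
        data_check(emulator, session_challenges(pool, per_session, rng))
        for _trial in range(trials)
    )
    return passed / trials


if __name__ == "__main__":
    print("fixed 8 questions :", replay_pass_rate(pool_size=8))
    print("8 drawn from 4096 :", replay_pass_rate(pool_size=4096))
```

A pool embedded in the binary is still finite, so a larger pool only raises the cost of recording it; the thread's remarks about tables being taken from the envelope apply to it as well.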

justine
07-17-2008, 08:07 AM
git is right when we speak in general...some emulators will give answer same as question some other maybe something else
it's not general rule

in his case it is true..his table is not complete

geza
07-17-2008, 11:27 PM
Thank you,justine.
i will try what you said,and provide results here for reference.

Freeware
07-18-2008, 07:38 AM
Damn, my eyes hurt from all this reading :)

Something is kinky here. everything seems so easy but nothing works, vusb does not work, some of the users don't know english well so their explanation is a bit confusing, there are 15 tools on this forum and every small tutorial mixes up at least 5 tools, then some say vusbbus is not working because it's the public version, then another tool does not show the MODAD string ...

I just want to emulate my Hasp HL 2.16 dongle (Aladdin). Toro monitor doesn't give me the MODAD code, HASPHL2007 is dumping different files with different filesizes (depending the hasp driver I use etc.)

Jeezas Christ can anyone help me ? At least to have multiple tutorials for multiple dongles.

I tell you .. nothing works.. NOTHING!

benito
07-18-2008, 07:40 AM
problem will be between PC and chair ;)

Freeware
07-18-2008, 08:28 AM
w8 ... now I have some info.

Last year when i bought the application HASPHL2007 was out from software-key. I wanted a trial so I made a dump with it and sent the dmp to them. After 1 day, I received a dng file. Well the file was loaded into HASPHL2007 and everything was OK until I ran my protected application. When i run it a message appears:
Error 1031: Envelope unknown error.

I've talked to them and they told me to send them the application. I refused. So now, I try again with the HASPHL2007 -EDGE version and the dng file loads correctly in HASPHL2007, it tells me it is fully licensed (for my HASP serial number). But when I run my app. it gives me the Error 1031. So I know for sure that I have HASP (don't know the version) and not hasp-HL (with MODAD).

What emulation do you recommend ?

unforgiven
07-18-2008, 08:50 AM
> What emulation do you recommend ?

You Must Extract Pair Table From .Protect.
And its need Software installation and Deluging experience.
As i know Sporaw Have Full Solution(Universal) for HL Max with envelope.

Freeware
07-18-2008, 09:04 PM
> You Must Extract Pair Table From .Protect.

Exactly from where ? Toro Monitor ?

> And its need Software installation and Deluging experience.

My software or what kind of software do you mean ? Can you explain in 2-3 words what is the "deluging experience" ?

> As i know Sporaw Have Full Solution(Universal) for HL Max with envelope.

But is he willing to help me with his solution ?

benito
07-19-2008, 01:41 AM
debugging experience...it doesn't need any other explanation.
If you still dont know what we are talking about: http://en.wikipedia.org/wiki/Debugging

BR

Freeware
07-19-2008, 04:11 AM
10x I started a new topic about my problem

viperware
08-15-2008, 05:45 AM
First post here...

I have the same problem. I start the monitor and then my software. It starts to read the table keys and then software gives an error and monitor stops. I tried both Toro and Xyrurg&Sataron. It gives me less than 100 table keys. I save log file and convert to dump file. Then convert to registry. I add the Q/A tables to registry file. I add file to registry and then try to run my software. It gives me error "Unknown Envelope". I think that SW detects monitor and stops the table generation. Is there a way to hide the monitor from SW?

I was able to get the dump files from the dongle and the passwords. Is it possible to emulate a dongle without getting the Q/A tables?

(Using Hasp HL 2.16)

I think I am getting the same problem. I have dumped my dongle and converted it to .reg file. But my software detects the use of both TORO's and Sataron's dongle monitors. Since I have my reg file, I think all I need now is my Q/A tables but have not yet been able to log them yet. I was able to monitor the dongle during the installation of my software, and I did log some information. I also tried starting toro monitor after software startup. The result is my software begins to react strangely.
My log file says I have logged 109 pairs. Is this amount standard? These were logged during installation of software only, I have no Q/A pairs logged from operating the software. My next guess is to attempt to monitor with busTrace 6.0. Has anyone tried monitoring for Q/A pairs with this software? I have also logged the installation of my software with Sataron's logger.
If anyone is curious, I can post log files as well. Thanks for any info.

Freeware
08-18-2008, 03:22 AM
try to install the usb filter first

Freeware
08-18-2008, 08:24 AM
double post :)

Sinaptik
08-25-2008, 02:11 PM
Hi to everyone,

First, I would like to thank all participants of this topic for great information and sources for HL Max dongle. :)

So, I need some help about a dongle, here's my questions.

I got a dongle from my work, it's an HL Max one (green USB).
The software protected with it seems to use random QA pairs.

My first question is about QA pairs, if I got something like that:

2008/08/25 17:43:06.812 ==> HaspHL_decrypt: Status = 0x00

================================================== ================

2008/08/25 17:43:06.875 <== Application: C2.EXE

2008/08/25 17:43:06.875 <== HaspHL_decrypt: Pass1 = 0x795F (31071), Pass2 = 0x1F82 (8066)

2008/08/25 17:43:06.875 <== HaspHL_decrypt: Length = 0x30

2008/08/25 17:43:06.875 <== HaspHL_decrypt: Input Data =

2008/08/25 17:43:06.875

4B BE E8 6D | 82 9D 42 CF | 8D 7A 49 35 | A4 5A 56 F0 [K..m..B..zI5.ZV.]

7F B3 B6 AE | 4D 05 09 A1 | 8F 6C 5B 70 | 30 AD C2 61 [...M....l[p0..a]

26 D3 DB FC | E5 6F 48 4B | 84 CE E2 EE | 56 0B 74 58 [&....oHK....V.tX]



2008/08/25 17:43:06.937 ==> HaspHL_decrypt: Output Data =

2008/08/25 17:43:06.937

A4 F4 6B 02 | 39 04 56 C6 | 48 00 64 A1 | 00 00 00 00 [..k.9.V.H.d.....]

7F B3 B6 AE | 4D 05 09 A1 | 8F 6C 5B 70 | 30 AD C2 61 [...M....l[p0..a]

26 D3 DB FC | E5 6F 48 4B | 84 CE E2 EE | 56 0B 74 58 [&....oHK....V.tX]

Am I right if I say it's a 48 bytes long key ?
If so, the question has to be encoded in 1 line on the QTable and 1 line in ATable, like follow ?

4B,BE,E8,6D,82,9D,42,CF,8D,7A,49,35,A4,5A,56,F0,7F,B3,B6,AE,4D,05,09,A1,8F,6C,5B,70,30,AD,C2,61,26,D3,DB,FC,E5,6F,48,4B,84,CE,E2,EE,56,0B,74,58,\

Secondly, it seems I got a 32 bytes long key then a 48 bytes one that is partially the same as the 32 bytes long, is it common from HL protected software to act like this ?
Here's an example to illustrate my word:


2008/08/25 17:43:07.000 <== HaspHL_decrypt: Input Data =

2008/08/25 17:43:07.000

6A 41 C3 DC | D2 2C F5 40 | 17 C2 BD 89 | C4 82 78 97 [jA...,.@......x.]

D2 40 99 BB | 8D E9 03 35 | 6F 75 32 79 | 55 A1 29 4D [.@.....5ou2yU.)M]



2008/08/25 17:43:07.062 ==> HaspHL_decrypt: Output Data =

2008/08/25 17:43:07.062

47 51 3F 7F | 2D 04 B3 C7 | 95 CD 36 EB | 7E 2B 0D 14 [GQ?-.....6.~+..]

D2 40 99 BB | 8D E9 03 35 | 6F 75 32 79 | 55 A1 29 4D [.@.....5ou2yU.)M]

2008/08/25 17:43:07.062 ==> HaspHL_decrypt: Status = 0x00

================================================== ================

2008/08/25 17:43:07.125 <== Application: C2.EXE

2008/08/25 17:43:07.125 <== HaspHL_decrypt: Pass1 = 0x795F (31071), Pass2 = 0x1F82 (8066)

2008/08/25 17:43:07.125 <== HaspHL_decrypt: Length = 0x30

2008/08/25 17:43:07.125 <== HaspHL_decrypt: Input Data =

2008/08/25 17:43:07.125

6A 41 C3 DC | D2 2C F5 40 | 17 C2 BD 89 | C4 82 78 97 [jA...,.@......x.]

D2 40 99 BB | 8D E9 03 35 | 6F 75 32 79 | 55 A1 29 4D [.@.....5ou2yU.)M]

1D 61 36 95 | E2 FA AC 11 | CC 37 91 13 | 46 6C F2 47 [.a6......7..Fl.G]



2008/08/25 17:43:07.187 ==> HaspHL_decrypt: Output Data =

2008/08/25 17:43:07.187

38 50 79 F3 | 2A 0A 19 09 | 8B 55 FC C7 | 82 00 02 00 [8Py.*....U......]

D2 40 99 BB | 8D E9 03 35 | 6F 75 32 79 | 55 A1 29 4D [.@.....5ou2yU.)M]

1D 61 36 95 | E2 FA AC 11 | CC 37 91 13 | 46 6C F2 47 [.a6......7..Fl.G]

Next, I would like to know if the 5 tables with 256 keys each is true information; if so, my software can request 1280 keys which are 16 bytes long ?
And it can request a lot more if mixing them to make 32 or 48 bytes long keys, right ?

Next, I would like to know why Toro monitor (version 3.2) didn't work at all with this dongle, could it be detected by the software and in some way be deactivated ?

Last question, I use Hasploger to log QA pairs but I think it can't help to generate QA pairs table, so is there any way to make it with other software or do I have to build it manually ?
If that's the case, I think I'll try to write a little app' which will parse an output log file and make the QA Table automatically.
Sataron said he will implement such a function in his hasploger, but I think it doesn't exist yet.
For information, I use Hasploger 1.71, I think it's the last version available.

Thank you for your help and please excuse my poor English, I did my best to be understandable, thanks again. :)

Git
08-25-2008, 02:33 PM
1) Q/R pairs can be 16, 32 or 48 bytes long between the driver and the dongle/emulator.

2) Yes, there often is repetition of 16 or 32 byte block in next 32 or 48 byte block. Record exactly what the monitor logs into the reg file. Do NOT try to reorder the data.

3) Not sure where your 5*256=1280 comes from. The Q data is input to the AES encryption algorithm and the R data is the Q data encrypted. It works on 16 byte blocks. So there are an almost infinite number of possible Q/R pairs. Well, OK, 2^128 - 1, not quite infinite but more than the number of hydrogen atoms in the known Universe.

Git

y8y8y8y
08-25-2008, 02:57 PM
2Sinaptik

The Hasp HL Envelope can contain up to 5 tables of Q/R. For envelope protection, you can extract the 16b Q/A tables for emulator.

Any developer who respects himself will implement more Soft <-> Dongle communications and in this case like Git wrote the number can be ... well.
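The two posts above make one design point: the key computes a secret keyed function over 16-byte blocks, so a table of recorded pairs can only answer queries that were actually observed, and an application that sends few, fixed queries gives that advantage away. The model below is an added illustration for protection designers, not code from the thread or from any HASP tool; `ModelKey`, `ReplayTable` and `coverage` are hypothetical names, and HMAC-SHA256 truncated to 16 bytes is an assumed stand-in for the on-key AES.

```python
import hashlib
import hmac
import random

BLOCK = 16  # Q/R data is processed in 16-byte blocks (per the thread)


class ModelKey:
    """Hypothetical stand-in for the hardware key.

    Assumption: HMAC-SHA256 truncated to 16 bytes replaces the on-key AES
    (the standard library has no AES); only "unpredictable without the
    secret" matters for this model.
    """

    def __init__(self, secret: bytes):
        self._secret = secret

    def respond(self, query: bytes) -> bytes:
        if len(query) != BLOCK:
            raise ValueError("query must be exactly one 16-byte block")
        return hmac.new(self._secret, query, hashlib.sha256).digest()[:BLOCK]


class ReplayTable:
    """Holds recorded query/response pairs; has no secret of its own."""

    def __init__(self):
        self._pairs = {}

    def record(self, query: bytes, response: bytes) -> None:
        self._pairs[query] = response  # a duplicate pair changes nothing

    def respond(self, query: bytes):
        return self._pairs.get(query)  # None: this query was never recorded


def coverage(pool_size, recorded_calls, later_calls, seed=1):
    """Fraction of later queries that a table from one session can answer."""
    rng = random.Random(seed)  # fixed seed so the constructed run repeats
    key = ModelKey(b"constructed-demo-secret")
    # Constructed sample data: the set of queries the application may send.
    pool = [bytes(rng.getrandbits(8) for _ in range(BLOCK))
            for _ in range(pool_size)]
    table = ReplayTable()
    for _ in range(recorded_calls):
        q = rng.choice(pool)
        table.record(q, key.respond(q))
    hits = 0
    for _ in range(later_calls):
        q = rng.choice(pool)
        if table.respond(q) == key.respond(q):
            hits += 1
    return hits / later_calls
```

With a pool of 5 queries, `coverage(5, 200, 1000)` is 1.0; with a pool of 20,000 the same 200 recorded calls answer roughly 1% of later queries, so the number of distinct on-key operations, not the cipher, decides what a recording is worth.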

Git
08-25-2008, 05:12 PM
Ah envelope... I never think of that because I cannot believe anyone would be stupid enough to "protect" an app with it.

Git

Sinaptik
08-26-2008, 03:02 PM
> 2Sinaptik For envelope protection, you can extract the 16b Q/A tables for emulator.

So if I understand correctly, it's not necessary to add 32 and 48 bytes in the *.reg file for Vusbbus emulator?

Thank you for your reply Git and y8y8y8y. :)

benito
08-26-2008, 04:46 PM
> Ah envelope... I never think of that because I cannot believe anyone would be stupid enough to "protect" an app with it.
>
> Git

There are still a lot of developers who use only enveloped protection ;) It is just easier than full implementation into source code.

Sinaptik
09-17-2008, 03:51 PM
Hey boys,

I'm done with the coding of an application to be used with haSploGer.

haSploGer K-Di (Key Distiller) reads haSploGer log files, extracts QA key pairs and converts them to QTable / ATable reg format.

Start the software, open log file generated by haSploGer then extract keys.
Do this for all your log files (you can merge them with Notepad for example) then save the table extracted and copy / paste the resulting *.txt file content to the end of your *.reg file built with UniDumpToReg and voila.

You can download it from here: http://www.megaupload.com/?d=UT3E1LF3

I'll stay tuned for your potential comments! :)

Hope this app' could be of any help.

eng-ars
09-20-2008, 07:14 AM
Excuse me... I am still trying to emulate the HaspHL max... I have read very much about it... And I understand that there is a relation between the LOG from Toro or HaspLoger and the soft.... Ok... I have the log from hasploger, and with Ida Pro, I can see the .PROTEC .iDATA .TEXT tables from my soft... they are 16 bytes long hex data... very good... Please tell me

Is the .Protect table the data that must be added to my .REG file? mmmm Is this table Q or A? The data from this table is very long and the data from hasploger is little... What do I do?

Please help me

eng-ars

Freeware
10-10-2008, 07:22 AM
I just want to remind everyone that this is a highly viewed topic :)

Seems like people are really searching for a way to emulate their Hasp HL dongles.

Probably more support from the users with knowledge is needed on this topic. Those who make a living by giving info only for money ... what could I say ... :)

Anywayz... just a reminder :)

Git
10-10-2008, 08:35 AM
> Seems like people are really searching

Yup, and finding the answers, so they don't need to remind folks of this thread.

Git

Freeware
10-10-2008, 09:17 AM
True .. True ... :)

pedjabg
10-11-2008, 03:18 AM
Hi all i am new here but i have read all the posts and it seems there is not a good solution for hasp hl max. I didn't find anywhere something about hasphlrdr it is a dumper that creates 16k dump. I have found it on hxxp://dongleduplicate.nsys.by/#USB_INSTRUCTIONS MAYBE THERE IS A SOLUTION FOR Q/A TABLES. I have tried everything and my emul won't work. I have HASP HL BASIC 3.21 (blue one) driver that i use is 5.19. I was confused when HASP HL Dumper by Tyrus said that i have HASP 3. Does anyone have a clue why that is? Thanks!!!

gamebit0
10-11-2008, 11:49 AM
> Hi all i am new here but i have read all the posts and it seems there is not a good solution for hasp hl max. I didn't find anywhere something about hasphlrdr it is a dumper that creates 16k dump. I have found it on hxxp://dongleduplicate.nsys.by/#USB_INSTRUCTIONS MAYBE THERE IS A SOLUTION FOR Q/A TABLES.

This dump can't help you for a table emulation.

> I have tried everything and my emul won't work. I have HASP HL BASIC 3.21 (blue one) driver that i use is 5.19. I was confused when HASP HL Dumper by Tyrus said that i have HASP 3. Does anyone have a clue why that is? Thanks!!!

it's strange... seems u have SRM dongle in compatibility mode. Try vusb based emuls, see logs. or send me apps starting logs (any logger), i will try to help.

cghots
10-11-2008, 01:39 PM
.


in vusb based emuls reg- files input to regedit
"Data"=hex:\...................................

how can keep data in regedit to only read Option for hasp hl vusb based emuls

gamebit0
10-13-2008, 02:01 AM
> in vusb based emuls reg- files input to regedit
> "Data"=hex:\...................................
>
> how can keep data in regedit to only read Option for hasp hl vusb based emuls

Sorry, I'm not sure that I understood your question properly

cghots
10-13-2008, 05:18 AM
> Sorry, I'm not sure that I understood your question properly

I mean I had built a reg file and installed the emulator
like this
...........
"Data"=hex:\01,20,10,09,28,07...........................
.........
when I start the soft I found the data had been changed by the hasp write Option

...........
"Data"=hex:\01,20,10,09,FF,07...........................
.................................................

I want to keep the data unchanged.

pedjabg
10-13-2008, 06:40 AM
> This dump can't help you for a table emulation.
>
> it's strange... seems u have SRM dongle in compatibility mode. Try vusb based emuls, see logs. or send me apps starting logs (any logger), i will try to help.

Dear gamebit0,
thanks for your interest in this issue, here is a link to dump & log for you.
http://rapidshare.com/files/153545362/dump_and_log.rar.html
please, any help would be great. Thanks again.

Git
10-13-2008, 08:01 AM
cghots - one of the emulators has a registry key to turn on/off writing to reg file. I cannot remember the details but it was discussed very recently, last few weeks.

Git

nodongle
10-13-2008, 08:16 AM
pedjabg

Your dongle is not Hasp SRM type.
It is simply HL. :)

Any public emulator can emulate it.

pedjabg
10-13-2008, 08:32 AM
> pedjabg
>
> Your dongle is not Hasp SRM type.
> It is simply HL. :)
>
> Any public emulator can emulate it.

Nodongle, can u help me with one thing: why doesn't h5dmp.exe make hhl_mem.dmp? I am not sure if it is important. Tnx

cghots
10-13-2008, 08:50 AM
> cghots - one of the emulators has a registry key to turn on/off writing to reg file. I cannot remember the details but it was discussed very recently, last few weeks.
>
> Git

for GIT
yes, gamebit0 built it. but no said can use for hasp hl.

nodongle
10-13-2008, 10:14 AM
> Nodongle, can u help me with one thing: why doesn't h5dmp.exe make hhl_mem.dmp? I am not sure if it is important. Tnx

Because your key is "HASP HL Basic" type.
This key type doesn't have memory.

gamebit0
10-14-2008, 12:50 PM
> Your dongle is not Hasp SRM type.
> It is simply HL. :)

i think "Your dongle is SRM in HL compatibility mode" would be more correct.
pedjabg, your sw is enveloped... search in forum && public emuls must help you.
cghots, if u want to use my emu, simply remove Option from reg.

pedjabg
10-15-2008, 07:48 AM
> i think "Your dongle is SRM in HL compatibility mode" would be more correct.
> pedjabg, your sw is enveloped... search in forum && public emuls must help you.
> cghots, if u want to use my emu, simply remove Option from reg.

Gamebit thanx for helping me but i made the emul yesterday and it's working perfectly. My only prob was the QA table, above 1600 crypt pairs I had to make.

gamebit0
10-15-2008, 03:47 PM
> Gamebit thanx for helping me but i made the emul yesterday and it's working perfectly. My only prob was the QA table, above 1600 crypt pairs I had to make.

well, there are successes. otherwise, i still don't see any problems

kooolguy
11-02-2008, 08:31 AM
Hi,

Can anyone help me in converting the log file (from TORO monitor 3.2) to get the complete list of Q/A table. I tried using splitter but it is not converting everything n there are a lot of mistakes. Also, the no. of records is very high in the log file n it's very difficult to do it manually.

Thanks in advance.

souze_villy
11-03-2008, 04:35 AM
> Hi,
>
> Can anyone help me in converting the log file (from TORO monitor 3.2) to get the complete list of Q/A table. I tried using splitter but it is not converting everything n there are a lot of mistakes. Also, the no. of records is very high in the log file n it's very difficult to do it manually.
>
> Thanks in advance.

Yes, send it to me, I can solve it.

crack_dhat
11-07-2008, 02:10 AM
Hi to all. I just want to ask if there is a thread for the solution for HASP4 dongles.

Thanks and more power

crack_dhat
11-07-2008, 04:46 AM
hi to all, i tried using the toro monitor to dump my dongle key, however when i tried running the software that uses the key, it tells me that the dongle is unattached even if it was attached to the usb port. am i doing something wrong? i attached first the dongle, then run the toro monitor, then run the software that uses the key after. nothing happens to the toro monitor and the software warns me that the dongle was not recognized. can anybody enlighten me with this one. btw my dongle is an aladdin hasp4


Thanks and more power

benito
11-07-2008, 07:08 PM
> hi to all, i tried using the toro monitor to dump my dongle key, however when i tried running the software that uses the key, it tells me that the dongle is unattached even if it was attached to the usb port. am i doing something wrong? i attached first the dongle, then run the toro monitor, then run the software that uses the key after. nothing happens to the toro monitor and the software warns me that the dongle was not recognized. can anybody enlighten me with this one. btw my dongle is an aladdin hasp4
>
> Thanks and more power

Did you install usb filter driver?

bloodlust026
11-11-2008, 02:22 PM
I think I am getting the same problem. I have dumped my dongle and converted it to .reg file. But my software detects the use of both TORO's and Sataron's dongle monitors. Since I have my reg file, I think all I need now is my Q/A tables but have not yet been able to log them yet. I was able to monitor the dongle during the installation of my software, and I did log some information. I also tried starting toro monitor after software startup. The result is my software begins to react strangely.
My log file says I have logged 109 pairs. Is this amount standard? These were logged during installation of software only, I have no Q/A pairs logged from operating the software. My next guess is to attempt to monitor with busTrace 6.0. Has anyone tried monitoring for Q/A pairs with this software? I have also logged the installation of my software with Sataron's logger.
If anyone is curious, I can post log files as well. Thanks for any info.

Were you able to successfully log Q/A pairs using busTrace 6.0?

@ Everyone

Is there a limit to how many Q/A pairs you can have in your tables? I would assume the more you can log and add to the reg, the better. Am I right? So if you were to log with one logger and add all the pairs to the reg and then log everything over again with a different logger and add all those pairs to the reg, would there be any problems with duplicate pairs?

Git
11-11-2008, 06:12 PM
You must have ALL the Q/A pairs, doesn't matter where they come from.

Git

bloodlust026
11-11-2008, 06:49 PM
But what about duplicate pairs? Would they cause problems?

Git
11-12-2008, 08:32 AM
Not at all, as long as the emulator is written correctly.

Git

Prenumele Numele
11-13-2008, 06:29 PM
u can use USB-sniffer, like USB-Trace, Bus Hound. but for log conversion u must ask somebody, who can understand it.

I have hasp hl srm key having a purple coloring, pass are 1175 0A6C, I have HASPHL2008.exe, but I can not convert with edgehasp.exe dmp to dng cause it said Wrong filesize for a dump.
I use also h6dmp.exe result SRM.dmp the same wrong size

hasploger did not see anything at program protected running
only usbtrace sees a lot of input out

can I obtain dng file without money?
Heeelp!

crack_dhat
11-14-2008, 06:16 AM
> Did you install usb filter driver?

yes, i installed the usb filter but the software still doesn't recognize the dongle even if it is attached

Dark_sun
11-16-2008, 08:33 AM
I've done all steps by the article, but when I try to run the protected program under emulator (without dongle) - I get an error "Feature not found". What does it mean?

nodongle
11-17-2008, 01:59 AM
This means your HASP HL emulator is a bad emulator :)

Seems HASP HL licenses memory is emulated incorrectly.

shahram
11-20-2008, 06:20 AM
please share the link for vusbus HASP HL !

Thanks in advance

bloodlust026
11-21-2008, 05:47 PM
I'm trying to emulate a HaspHL Basic (blue) dongle.

I've been able to log the crypt pairs using Toro and successfully dumped the key using h5dmp. I then used UniDumpToReg 1.1b3 GUI and converted the dmp file into a reg file to be used with Chingachguk's emulator (vusbbus.sys). After that I added the crypt pairs logged earlier and added them to the reg file and then added the file to the registry. I believe I've correctly installed Chinga's emul but how do I know? What do I do next? Is there something I need to activate in order to emulate the key and run the software?

How do I know if the emulator is running?

Would someone be willing to take a look at my reg file and see if I did it correctly?

Here's the link for any brave souls. (http://rapidshare.com/files/166122930/HaspHLBasic.rar.html)
I've also included the dmp file from h5dmp.

Any info will be appreciated.

All of my previous posts were in regards to a HaspHL Pro (purple) dongle.

y8y8y8y
11-22-2008, 03:00 PM
> I'm trying to emulate a HaspHL Basic (blue) dongle.
>
> I've been able to log the crypt pairs using Toro and successfully dumped the key using h5dmp. I then used UniDumpToReg 1.1b3 GUI and converted the dmp file into a reg file to be used with Chingachguk's emulator (vusbbus.sys). After that I added the crypt pairs logged earlier and added them to the reg file and then added the file to the registry. I believe I've correctly installed Chinga's emul but how do I know? What do I do next? Is there something I need to activate in order to emulate the key and run the software?
>
> How do I know if the emulator is running?
>
> Would someone be willing to take a look at my reg file and see if I did it correctly?
>
> Here's the link for any brave souls. (http://rapidshare.com/files/166122930/HaspHLBasic.rar.html)
> I've also included the dmp file from h5dmp.
>
> Any info will be appreciated.
>
> All of my previous posts were in regards to a HaspHL Pro (purple) dongle.

Download limit reached, upload again.

bloodlust026
11-25-2008, 10:32 AM
New link is here. (hxxp://rapidshare.com/files/167313818/Reg_and_Dmp.rar.html)

One thing I forgot to mention was that when I start the software it throws an error saying the usb key was not found. From what I understand, at some point after I install the vusbbus.sys file, a 'New hardware has been detected' box should pop up. This has not happened.