Dongles (CrackZ)
This section houses a fair amount of theory, but you should read it. When you first start
cracking, your competency will be tested and measured by others based upon your ability to
crack dongles. Dongled programs are widely acknowledged to be among the most difficult
programs to crack; dongles are the protection of choice for expensive programs such as Cubase,
SoftImage and 3D Studio Max, as well as various plug-ins.
So what is a dongle? It is usually a combination of hardware and software protection.
The hardware constituent is a small plug which usually connects to the parallel port of
your computer (although I believe serial devices are also available). The two I've seen
most often are Sentinel and HASP, but there are others such as DesKEY. Put simply,
if you don't have the dongle the program doesn't run, and often the program will periodically
check for the presence of the dongle during its operation as well.
It's actually a lot easier to crack dongles when you have the actual dongle itself; in
fact most tutorial authors probably possess the dongle in the first place. Without the
dongle you are probably going to have to 'zen' a lot and maybe pray.
With dongles I cannot stress enough how important it is to have information about the protection
you are dealing with; half of the challenge is establishing which flavour of dongle you are
dealing with. For the HASP check out ftp://ftp.hasp.com; just
use a regular search engine for other vendors. Also, during the installation watch for files
such as sentinel.vxd. You should try to understand exactly which 'dongle' it is you are
trying to crack, and read my following tips.
1. Remember that the weak part of the dongle is usually the software driving the hardware; for
the most part all the software wants is the 'answers' from the hardware. Forget cracking
the dongle wrapper unless you really want to sit down for a long session.

2. Most dongle implementations are poor: the programmer will most likely write his own
functions to check responses from the dongle, using silly function names which are obvious
under disassembly. If they used the dongle manufacturer's API the protection can be a lot
stronger.

3. Most dongles have more than one beggar off/beggar on check, and sometimes flags are set
discreetly to trick you. Tracking these down is fairly easy once you are sure that you are
actually looking at the protection scheme.

4. Some dongle routines will attempt to confuse you with complex maths expressions which in
reality are very simple in operation; in assembler even simple mathematics can be
confusing. This isn't that big a problem in SoftICE because there's usually a beggar off
check at the end.

5. For the most part, forget working out the dongle's code or routines unless you really must
understand it in its entirety; it's sometimes better to settle for less aesthetically
pleasing NOPs and brute force techniques.

6. Don't despair when a dongle beats you. Some programs can be literally uncrackable without
the dongle present, and some dongles drive the programs they protect to an extent where patching
them is just impractical. I wish you good luck, and remember to use any information you have.
Useful Breakpoints for Dongle Cracking (+Aesculapius)
BPIO -h 278 R
BPIO -h 378 R