Pages

Friday, February 12, 2010

Emulating HASP HL Basic

About a month ago, I was asked to remove the protection of a software (it looks like the software is specially developed --not for public sale) which is using usb key to protect the unauthorized execution.

First of all, I would like to give credit to the reverse engineering team board, even though I never post any message there, but their board contains invaluable information to help me complete this task. Please notice that I share this information only for educational purpose and only as a note for myself. If you have trouble, please don't ask me. Go to the board instead. :)

Gladly, the usb key type is HASP HL Basic, which is simpler to emulate. Here is the step I've done to successfully emulate the usb key:
  1. Get the password-1 and password-2 of the usb key
    Tool required: hasploger
    Plug the usb key and run hasploger. Then, execute the protected software. Hasploger will be able to get the password-1 and password-2 of the usb key.
  2. Dump the usb key (password-1 and password-2 from step (1) are required)
    Tool required: h5dmp
    The size of the dump file is 719 bytes (hasp.dmp)
  3. Create dummy memory file
    Tool required: any, notepad text editor is also possible
    Since hasp HL Basic does not contain memory, create file with any content with size 112 bytes (hhl_mem.dmp)
  4. Convert the dump file from step (2) and (3) to registry file to be used by emulator
    Tool required: UniDumpToReg
  5. Install emulation
    Tool required: I am using multikey_19.0.2-x86 to emulate the key in vista (32bit). While in XP I am using vbus_0.15.4.
    By using the example of registry file from multikey/vbus, modify the registry file from step (4). Then, install the registry and the emulation tool.
  6. Done.

All of the tools are available freely in the internet, however, it takes time to find.

That's all :)

Update #1 (2010/11/03)
I've just realized that I miss-typed when I checked my files,the correct multikey file that I was using is multikey_18.0.2-x86. Probably there's a new update now since it had been months.

That's all :)