There are three ways to crack a dongle. The first is to clone or copy the dongle in hardware; the second is to debug, trace and decrypt it with debugging tools such as SoftICE; the third is to write an interceptor program that modifies the communication between the software and the dongle.
Hardware cloning and copying mainly targets domestic dongles. Because domestic dongle companies generally cannot manufacture their own core encryption chips, some of them use chips that are commonly available on the market. Once the cracker has analyzed the chip circuit and the contents written to the chip, he can immediately copy or clone a completely identical dongle. This method does not work against foreign dongles, however. Foreign dongle hardware uses chips with good security that the vendors develop in-house, and these are usually difficult to copy. Domestic dongles now also use imported smart card chips, so this kind of hardware attack is becoming less and less useful.
For cracking with a debugger, software keeps getting more complex and compilers generate more and more code, so tracing a program through disassembly and similar methods has become harder and harder, and the cost of cracking has risen with it. At present, few people are willing to spend a lot of energy on such a huge crack, but the cracked software has very high value.
At present, cracking of encryption locks (dongles) mainly focuses on intercepting the communication between the application and the encryption dynamic library. This method is cheap and easy to implement, and it works well against encryption locks (dongles) built around single-chip microcomputers (microcontrollers) and similar chips.
Because the application programming interface (API) of an encryption lock (dongle) is basically public, it is easy to download the API, the user manual and other related material for a dongle from the Internet, and to follow new developments in dongle technology.
For example, all the programming documentation of a well-known American dongle provider can be obtained from the Internet. From it we learn that the encryption lock (dongle) has 64 internal storage units, of which 56 are available to users. Each of these units can be used as one of three types: algorithm, data value, or counter.
The data value is easy to understand. It is data that the user stores in a read-write unit. Just like data stored on a hard disk, the user can use the read function to read the data out of the storage unit, or use the write function to save his own information to it.
A counter is a unit whose value software developers can reduce by one by calling the decrement function in their software. When a counter is associated with an active algorithm, a counter value of zero deactivates the algorithm.
The algorithm unit is harder to understand. You access it with the query (queryData) function, where queryData is the query value, and the function returns a value. The protected program knows a set of such query value / return value pairs. Wherever protection is needed, it calls this function to check that the dongle is present and genuine. A unit designated as an algorithm cannot be read or modified by software, even by a legitimate user. As I understand it, besides increasing the complexity of the program, this technique is mainly meant to counter cracking by emulator.
Every API function call of this encryption lock (dongle) returns a value. A return value of 0 indicates success.
From this, the idea behind the crack follows. Using ordinary development tools (such as VB, VC, etc.), the cracker writes a DLL dynamic library file that looks like the dongle API DLL and contains all the functions of the API, such as read and write. The parameters and return values are the same as those of the original functions, and all functions return zero. The query and read functions are then handled specially so that they return the values the protected software requires.
Once the new DLL file has been written, it directly replaces the original DLL file. When the application is then run, every operation in which the software accesses the dongle is intercepted. The interceptor always returns good data to the software, and in this way it simulates the dongle.
The above are some common approaches to cracking software dongles (encryption locks). Software developers still have some countermeasures against this kind of cracking.
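Why the algorithm unit's query/return value pairs matter to the developer, as an added example (not code from the original article or from any dongle vendor): a check that only looks at the status code is satisfied by a library whose functions all return zero, while a check that compares the returned value for randomly chosen pairs is not. The `Dongle` class, its HMAC stand-in for the unreadable algorithm, and every name below are assumptions made for this simulation.

```python
import hashlib
import hmac
import secrets

class Dongle:
    """Simulated hardware. HMAC stands in for the algorithm unit, which
    software cannot read out (an assumption for this demo)."""
    def __init__(self, secret: bytes):
        self._secret = secret
    def query(self, query_data: bytes):
        resp = hmac.new(self._secret, query_data, hashlib.sha256).digest()[:4]
        return 0, resp  # status 0 means success, as in the API described above

class ReplacedLibrary:
    """Library of the kind described above: every call reports success and
    answers only from query/return pairs it already knows."""
    def __init__(self, known_pairs):
        self._known = dict(known_pairs)
    def query(self, query_data: bytes):
        return 0, self._known.get(query_data, b"\x00" * 4)

def build_pair_table(dongle, count):
    """Developer side, at build time: record pairs from the real dongle."""
    table = {}
    while len(table) < count:
        q = secrets.token_bytes(4)
        table[q] = dongle.query(q)[1]
    return table

def weak_check(device):
    """Status-only check: passes for anything that returns zero."""
    status, _ = device.query(b"\x00\x00\x00\x01")
    return status == 0

def strong_check(device, table, rounds=8):
    """Compare the returned value for randomly chosen pairs on every run."""
    queries = list(table)
    for _ in range(rounds):
        q = secrets.choice(queries)
        status, resp = device.query(q)
        if status != 0 or not hmac.compare_digest(resp, table[q]):
            return False
    return True

if __name__ == "__main__":
    real = Dongle(b"constructed-demo-secret")  # constructed sample secret
    table = build_pair_table(real, 256)
    fake = ReplacedLibrary(list(table.items())[:1])  # knows 1 of 256 pairs
    print("weak check, replaced library:  ", weak_check(fake))
    print("strong check, replaced library:", strong_check(fake, table))
    print("strong check, real dongle:     ", strong_check(real, table))
```

With one known pair out of 256 and eight rounds, the replaced library passes the strong check with probability (1/256)^8, so the size of the pair table and the number of rounds are the parameters the developer controls.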