From Collaborative RCE Tool Library


Dongle Analysis Tools


Tool name: Codetective Analysis Tool
Rating: 5.0 (1 vote)
Author: Francisco Gama Tabanez Ribeiro                        
Website: https://github.com/blackthorne/Codetective
Current version: 0.8.2
Last updated: September 20, 2014
Direct D/L link: N/A
License type: GPL
Description: Sometimes we run into hashes and other artefacts and can't figure out where they came from and how they were generated. This tool is able to recognise the output format of many different algorithms in many different possible encodings for analysis purposes. It also infers the levels of certainty for each finding based on traces of its representation.

This may be useful e.g. when you are testing systems from a security perspective and are able to grab a password file with hashed contents maybe from an exposed backup file or by dumping memory. This may also be useful as a part of a fingerprinting process or simply to verify valid implementations of different algorithms. You may also try running this tool against network traffic captures or large source code repositories to look out for interesting stuff.

You can use it either as a generic version or as a plugin for the Volatility framework. The usage is similar.
Currently supports:
web-cookie
mssql2000
md5
URL
md4
phone number
credit cards
mssql2005
lm hash
ntlm hash
MySQL4+
MySQL323
base64
SAM(*:ntlm)
SAM(lm:*)
SAM(lm:ntlm)
RipeMD320
sha1
sha224
sha256
sha384
sha512
whirpool
CRC
des-salt-unix
sha256-salt-django
sha256-django
sha384-salt-django
sha384-django
sha256-salt-unix
sha512-salt-unix
apr1-salt-unix
md5-salt-unix
md5-wordpress
md5-phpBB3
md5-joomla2
md5-salt-joomla2
md5-joomla1
md5-salt-joomla1
blowfish-salt-unix
uuid
Also listed in: Crypto Libraries, Data Extraction Tools, Data Search and Extraction Tools, Dongle Crypto Solver Tools, Memory Data Tracing Tools, Memory Search Tools, String Finders



Tool name: DongleKnack
Rating: 5.0 (1 vote)
Author: H. Haftmann                        
Website: http://www-user.tu-chemnitz.de/~heha/
Current version: 2.00
Last updated:
Direct D/L link: Locally archived copy
License type: Freeware & Source (TASM, Pascal)
Description: This tool logs all traffic on the parallel port on ring 0 level by using a dynamic VxD.
Thus it works on all Win9x related Windows (Win3x, Win9x and Win2K).

The dynamic VxD either modifies the IOPM (IO Permission Map) or traps the port by setting a Debug Register on its address. To use the Debug Register method you need at least a Pentium processor.
If you have logged all port traffic, you can replay the log file port traffic and thus emulate the Dongle.
The log file is not compressed and it can be used to understand the dongle routines in the application you want to crack.

Be sure you check the source if you're interested in Win9x system programming.
Also listed in: Dongle Dumper Tools, Dongle Emulation Tools, Parallel Comm Monitoring Tools



Tool name: WibuEmu
Rating: 5.0 (1 vote)
Author: Sab, deepzone & xor37h                        
Website: N/A
Current version:
Last updated: June 29, 2008
Direct D/L link: Locally archived copy
License type: Free / Open Source
Description: 1. Run wkdumpers for cipher text.
2. Place into gk_feal.c in knCipher array.
3. Solve the key (it should say ok passed).
4. Place solved ciphertext into bruteforce solver. (could take up to 4 days).
5. Place brutesolver values into emulator.
6. Any decent coder can take this source and make it really nice and friendly. I hope some of the hasp guys on this forum update it for mass use.

Note: I suggest using test vectors already existing in sources. The .h file has them. Formz dumpdng. has sample vectors for gk_feal.c first for steps 1-5 to make sure you do it correctly. This code is borland, but easily ports. Source is old as dirt but too lazy to give you all the newer cleaner stuff. Have fun.

Code can be optimized plenty, especially the solver (we already did but you can do it for fun).

Newer wibus can be solved too with the extra 0xFF keysize. That's for you guys to figure out.
Also listed in: Dongle Crypto Solver Tools, Dongle Emulation Tools, Wibu Dongle Tools



Tool name: Bus Hound
Rating: 0.0 (0 votes)
Author: Perisoft                        
Website: http://www.perisoft.net/bushound/index.htm
Current version: 6.01
Last updated:
Direct D/L link: N/A
License type: Free + commercial version
Description: Bus Hound is the premier software bus analyzer for capturing I/O, protocol, and performance measurements. Bus Hound can also be used to build and submit commands to devices including bus resets, from a graphical interface.

Power User Features:
· Capture megabytes of I/O at a time
· View I/O on screen in real time
· Trigger on conditions
· Build and submit custom commands
· Issue bus and device resets
· Capture the system startup process
· View low level protocol including SCSI sense data and SMART commands
· View microsecond resolution timing
· Drag and drop captured data to other applications or save it to a zip file
· Capture isochronous and control transfers
· View IRPs and other device driver packets

Bus Support
USB 1.0 & 2.0
SCSI & ATAPI
IDE & SATA
FireWire, 1394a/b
Bluetooth
Fibre Channel
iSCSI, SAS
PC Card, PCMCIA
serial port
parallel port
ps/2 ports
...and more

OS Support
32-bit and 64-bit
Windows 2008
Windows Vista
Windows 2003
Windows XP
Windows XP Embedded
Windows 2000
Windows NT 4.0
Windows Me
Windows 98
Windows 95

Device Support
DVD, CD, Blu-ray
Hard drives, tape drives
Removable drives
Web Cams, Cameras
Mice, Keyboards, HID
Printers, Scanners
Speakers, Modems
...and everything else!
Also listed in: Bus Monitoring Tools, USB Monitoring Tools



Tool name: busTRACE
Rating: 0.0 (0 votes)
Author: busTRACE Technologies                        
Website: http://www.bustrace.com
Current version: 8.0.047
Last updated: June 15, 2009
Direct D/L link: N/A
License type: Commercial
Description: busTRACE 8.0 is a comprehensive bus and device analysis tool in use by leading system OEMs, peripheral OEMs, software developers, USB developers, and storage developers all over the world. busTRACE 7.0 provides a suite of applications designed to help you perform advanced bus and device analysis.

* Capture I/O Activity
- Capture I/O activity on local or remote computers
- Allow remote busTRACE users to capture I/O activity

* Generate I/O Activity
- Send a single CDB to a storage device
- Send a sequence of CDBs to a storage device
- Perform a read/write/compare stress test
- View ATA/ATAPI Identify information

* Simulate Device Faults
- Simulate a failure on one or more specified devices

* Additional Tools
- View Device Command Descriptor Blocks
- View Device Sense Codes
- CD/DVD Exclusive Access Status
Also listed in: Bus Monitoring Tools



Tool name: DESkey Analysis
Rating: 0.0 (0 votes)
Author: Sab & xor37h                        
Website: N/A
Current version:
Last updated:
Direct D/L link: Locally archived copy
License type: Free / Open Source
Description: Very good analysis / documentation of DESkey, its PRNGs and inner workings, including some code.
Also listed in: DESkey Dongle Tools, Dongle Crypto Solver Tools, Dongle Documentation



Tool name: Eutron Smartkey Reader
Rating: 0.0 (0 votes)
Author: cEnginEEr                        
Website: N/A
Current version:
Last updated: July 21, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: Here is a small utility I coded for reading some info of a smartkey dongle;

1. Type & Model
2. Label & Password
3. Serial number
4. IdCode (undocumented)
5. Scramble LFSR (undocumented)
6. Hidden signature (undocumented)
Also listed in: Dongle Dumper Tools, SmartKey Dongle Tools



Tool name: HASP SRM 5.0 build 24 Sep 2010 IDA signatures
Rating: 0.0 (0 votes)
Author: souz                        
Website: N/A
Current version: 1.0
Last updated: September 24, 2010
Direct D/L link: Locally archived copy
License type: Free
Description: Safenet HASP SRM 5.0 build 24-Sep-2010 IDA signature finder
Also listed in: Dongle IDA Signatures, Dongle Tools



Tool name: IDA Signature: Sentinel SuperPro VC++ library 64bit
Rating: 0.0 (0 votes)
Author: prt                        
Website: N/A
Current version: rev1
Last updated: September 2, 2013
Direct D/L link: Locally archived copy
License type: free
Description: IDA Signature: Sentinel SuperPro VC++ library 64bit
version: rev1

2013.09.02 rev1:
Add Sentinel SuperPro v7.1
Add Sentinel SuperPro v7.0
Add Sentinel SuperPro v6.6.0
Add Sentinel SuperPro v6.5.0
Also listed in: Dongle IDA Signatures



Tool name: Key-lok II C++ library IDA Signatures
Rating: 0.0 (0 votes)
Author: prt                        
Website: N/A
Current version: rev1
Last updated: July 5, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: IDA Signature: Key-lok II C++ library
version: rev1
Also listed in: Dongle IDA Signatures, KEYLOK Dongle Tools



Tool name: KeyLok Dumper & Seed Calculator
Rating: 0.0 (0 votes)
Author: Sab                        
Website: http://www.woodmann.com/forum/showthread.php?t=10331
Current version:
Last updated: July 30, 2007
Direct D/L link: N/A
License type: Free / Open Source
Description: Here is some old hacked up code I found. I figured I would release it so I can be uber leet one day too. keylokdumper.cpp will dump memory contents, and klcalc will calculate codes for you. I included algo.txt which are the algos of the keylok dongle. Klcalc.exe if you're lazy (I think a bug in it?) and that should do it. I didn't bother making the code pretty, nice, user friendly, or even good. It is just some proof of concepts that can be modded into an elegant solution if you choose to. I do not care about bugs, suggestions, or alterations so don't bother me with them. I do take thanks, hellos and gifts though. Some people might find this useful, some might archive them since they are collectors. Anyways, I might release more stuff later on when bored.
Also listed in: Dongle Crypto Solver Tools, Dongle Dumper Tools, KEYLOK Dongle Tools



Tool name: Matrix Dongle 2.6.0 IDA Signatures
Rating: 0.0 (0 votes)
Author: Sope                        
Website: N/A
Current version:
Last updated: September 13, 2008
Direct D/L link: Locally archived copy
License type:
Description: Recently, while RE'ing a target, I had to create an IDA signature file for Matrix Dongle ver 2.6.0, hence uploaded here. It will help you to identify many functions.
Also listed in: Dongle IDA Signatures, Matrix Dongle Tools



Tool name: Matrix Dongle C++ library IDA Signatures
Rating: 0.0 (0 votes)
Author: prt                        
Website: N/A
Current version: rev1
Last updated: August 5, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: IDA Signature: Matrix Dongle C++ library
version: rev1

2007.08.05 rev1:
Matrix SDK v2.60
Also listed in: Dongle IDA Signatures, Matrix Dongle Tools



Tool name: MicroGuard SDK
Rating: 0.0 (0 votes)
Author: Micro Macro Technologies LTD                        
Website: N/A
Current version: 3.01
Last updated: 1998
Direct D/L link: Locally archived copy
License type:
Description: SDK for the MicroGuard dongle
Also listed in: Dongle SDKs, MicroGuard Dongle Tools



Tool name: Rockey4 2.x Dongle C++ library IDA Signatures
Rating: 0.0 (0 votes)
Author: prt                        
Website: N/A
Current version: rev1
Last updated: July 5, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: IDA Signature: Rockey4 v2.x C++ library
version: rev1

2007.07.05 rev1:
Add Rockey4 v2.05
Add Rockey4 v2.06
Also listed in: Dongle IDA Signatures, Rockey Dongle Tools



Tool name: Rockey4ND 1.x Dongle C++ library IDA Signatures
Rating: 0.0 (0 votes)
Author: prt                        
Website: N/A
Current version: rev2
Last updated: October 11, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: IDA Signatures: Rockey4ND v1.x C++ library

2007.07.05 rev1:
Add Rockey4ND v1.20

2007.10.11 rev2:
Add Rockey4ND v1.15
Add Rockey4ND v1.16
Also listed in: Dongle IDA Signatures, Rockey Dongle Tools



Tool name: Safenet Sentinel Hardware Keys 1.x C++ library IDA Signatures
Rating: 0.0 (0 votes)
Author: prt                        
Website: N/A
Current version: rev1
Last updated: November 15, 2006
Direct D/L link: Locally archived copy
License type: Free
Description: New sentinel dongle:
http://www.safenet-inc.com/products/sentinel/hardware_keys.asp

IDA Signature: Safenet Sentinel Hardware Keys v1.x C++ library
version: rev1

2006.11.15 rev1:
Sentinel Hardware Keys v1.0.2
Also listed in: Dongle IDA Signatures, Sentinel Dongle Tools



Tool name: Sentinel SuperPro 6.x Dongle C/C++ library IDA Signatures
Rating: 0.0 (0 votes)
Author: prt                        
Website: N/A
Current version: rev7
Last updated: April 17, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: IDA Signature: Sentinel SuperPro v6.x C/C++ library
version: rev7

2007.04.11 rev7:
Fixed some Sentinel obfuscated functions. (Thanks to Meteo)

2007.03.01 rev6:
Fixed Sentinel obfuscated functions. (Thanks to Meteo)

2006.10.27 rev5:
Add Sentinel SuperPro v6.4.4
Add Sentinel SuperPro v6.4.3

2006.03.11 rev4:
Add Sentinel SuperPro v6.4.2
Add Sentinel SuperPro v6.4.1

2005.05.07 rev3:
Add Sentinel SuperPro v6.4

2004.12.31 rev2:
Add Sentinel SuperPro v6.3.1.9
Add Sentinel SuperPro v6.3.1.8
Add Sentinel SuperPro v6.3.1.2
Add Sentinel SuperPro v6.3.1.1

2004.12.09 rev1:
Add Sentinel SuperPro v6.3.1.10
Add Sentinel SuperPro v6.3.1.4
Add Sentinel SuperPro v6.3.1
Add Sentinel SuperPro v6.3
Add Sentinel SuperPro v6.2.1
Add Sentinel SuperPro v6.2
Add Sentinel SuperPro v6.1
Add Sentinel SuperPro v6.0
Also listed in: Dongle IDA Signatures, Sentinel Dongle Tools



Tool name: SentinelLM Dongle C/C++ library IDA Signatures
Rating: 0.0 (0 votes)
Author: prt                        
Website: N/A
Current version: rev2
Last updated: June 14, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: IDA Signature: SentinelLM C/C++ library
version: rev2

2007.06.14
Add SentinelLM v8.0
Add SentinelLM v8.0.2
Fixed some obfuscated functions.

2004.12.30 rev1:
include:
SentinelLM v7.0
SentinelLM v7.0 SP2
SentinelLM v7.1
SentinelLM v7.1.1
SentinelLM v7.1.2
SentinelLM v7.2
SentinelLM v7.2.0.1
SentinelLM v7.2.0.3
SentinelLM v7.2.0.4
SentinelLM v7.2.0.5
SentinelLM v7.2.0.6
SentinelLM v7.2.0.8
SentinelLM v7.2.0.9
SentinelLM v7.2.0.12
SentinelLM v7.2.0.18
SentinelLM v7.3.0
Also listed in: Dongle IDA Signatures, Sentinel Dongle Tools



Tool name: SniffUSB
Rating: 0.0 (0 votes)
Author: Thomas F. Divine / Benoit Papillault                        
Website: http://www.pcausa.com/Utilities/UsbSnoop
Current version: 2.0.0006
Last updated: February 23, 2007
Direct D/L link: Locally archived copy
License type: Free / Open Source
Description: Overview

SniffUSB 2.0 is a minor update to the predecessor SniffUSB 1.8 by Benoit Papillault.

The purpose of this release is actually to update Benoit's prior work to allow it to be built under newer development tools. In particular:
* The SniffUSB application is built under Microsoft Visual Studio 2005.
* The UsbSnoop driver is built under the Windows Vista Driver Kit (WDK 6000)

Benoit deserves quite a bit of credit because his V1.8 application and driver ported to these newer tools with very little effort.

Thanks, Benoit!

This release does not fix any bugs from Benoit's V1.8 release and does not offer any new functionality.

After making the initial port of the UsbSnoop driver to WDK 6000 (which went smoothly...) I did make additional modifications to the driver code. Most of these were to make the code more readable - at least to me.

The V2.0 UsbSnoop driver changes included:
* Fixed a small number of PreFast warnings.
* Replaced deprecated functions with newer preferred functions.
* Now use lookaside lists for repetitive fixed-size allocations.
* Removed dead code.
* Simplified some code paths.
* Reorganized code and renamed variables and functions to suit my tastes.
* Replaced driver core dispatch template with that of the WDK 6000 filter.cpp sample driver.

In addition I removed some functionality:
* SniffUSB 2.0 does NOT support Windows 98/ME
* SniffUSB 2.0 does NOT support Windows 2000

I did very little work on the SniffUSB MFC application. Changes that I did make include:
* Replaced some deprecated functions with newer preferred functions.
* Fixed some compiler warnings.
* Revised the folder organization for compiler and linker output.
* Added x64 configurations.
* Fixed "Present" indication. (V2.0.0004)
* Improved display refresh control. (V2.0.0004)
* Control whether devices that are not present are listed. (V2.0.0004)
* Added "Uninstall All" button. (V2.0.0005)
* Added mechanism to pause/resume logging. (V2.0.0006)
* Added mechanism to allow the log file to be closed and deleted reliably. (V2.0.0006)

SniffUSB 2.0 now supports only Windows XP and higher.

Benoit's original SniffUSB V1.8 source and executables can be found at the URL:

http://benoit.papillault.free.fr/usbsnoop/
Also listed in: USB Monitoring Tools



Tool name: USBTrace
Rating: 0.0 (0 votes)
Author: SysNucleus                        
Website: http://www.sysnucleus.com
Current version: 2.3.9
Last updated: June 11, 2009
Direct D/L link: N/A
License type: Commercial with trial
Description: USBTrace is an easy to use and powerful USB analyzer. USBTrace can monitor USB transactions at host controllers, hubs and devices. This is a 100% software product. USBTrace supports Windows 2000, Windows XP, Windows 2003 Server and Windows Vista operating systems and works with USB 1.x and 2.0 (low, full and high speed) host controllers, hubs and devices.

Supports Device Class Decoding. (New)
HID, Hub, Video, Audio, Mass Storage, Bluetooth,
Still Image Capture, Vendor Specific, WUSB HWA Printer, CDC, Smart Card (CCID)

Complete Enumeration Monitoring.
Monitors all USB requests exchanged during device enumeration. Does not use filter drivers.

Search / Filter / Trigger / Export.
Search captured data. Filter out unwanted data.
Set trigger points. Export captured data.

Background/Continuous capturing.
For high performance/non stop capture sessions.

Performance Statistics. (New)
Detailed performance analysis for your device/driver.

Detailed Device Information
USB descriptors (Device, Hub, Configuration, Interface, Endpoint, class specific, IAD, String), Windows enumeration info.
Also listed in: USB Monitoring Tools



Tool name: Universal HASP Dump to Reg converter
Rating: 0.0 (0 votes)
Author: Sataron                        
Website: http://www.woodmann.com/forum/showthread.php?t=9839
Current version: 1.1 b1
Last updated: February 27, 2007
Direct D/L link: Locally archived copy
License type: Free
Description: Support Dump size (in byte): 204, 220, 332, 693, 716, 719, 732.
Support Dump from HaspHL keys: 719 ("hasp.dmp")+4048,+128,+112 ("hhl_mem.dmp"). Files "hasp.dmp" and "hhl_mem.dmp" should be in the same directory.
Support change in the number of network users.
Support for the user name (only for info in *.reg file).
Support for the time and date.
Support long EDS (for Glasha, HarmEr emulator).

Support emulator:
Chingachguk & Denger2k,
Glasha or HarmEr(0.8b),
HarmEr(0.9b)(test support),
TORO Hasp4 (test support),
Chingachguk based Hasp HL (table),
SafeKey Hasp4 emulator (*.SYD).
Also listed in: Dongle Dumper Tools, HASP Dongle Tools

