首页
社区
课程
招聘
问答 CTF 排行榜 知识库 工具下载 看雪峰会 看雪商城 证书查询
  1. 社区
  2. 付费问答
    3. 发新帖
[旧帖] 『求助』dmp,dng转REG文件 0.00雪花
发表于: 2009-11-13 13:56 8120

[旧帖] 『求助』dmp,dng转REG文件 0.00雪花

zclw 活跃值
2009-11-13 13:56
8120
大家好,我用一些软件将一个狗的数据读成以下文件。
下载地址是
http://rapidshare.de/files/48674793/1.rar.html
请那位高手帮我转成REG注册表文件。希望能不用狗运行
谢谢
QQ:110806708

[培训]《安卓高级研修班(网课)》月薪三万计划,掌握调试、分析还原ollvm、vmp的方法,定制art虚拟机自动化脱壳的方法

收藏
免费 0
支持
分享
最新回复 (5)
zclw
雪    币: 30
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
2
有人能帮我看看这段注册吗的意思吗

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_'SENTEMU']
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_'SENTEMU'\0000]
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"ConfigFlags"=dword:00000000
"DeviceDesc"="'sentemu'"
"Legacy"=dword:00000001
"Service"="'sentemu'"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_'SENTEMU'\0000\Control]
"*NewlyCreated*"=dword:00000000
"ActiveService"="'sentemu'"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dongle]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dongle\Sentinel]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dongle\Sentinel\Dump]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dongle\Sentinel\Dump\3D9D]
"Algo"=hex:01,01,03,03,03,03,03,03,01,00,00,00,00,00,00,00,00,01,03,03,03,03,\
  03,03,03,03,03,03,03,03,03,03,03,03,00,02,03,03,03,03,03,03,03,03,03,03,03,\
  03,03,03,03,03,03,03,03,03,03,03,03,03,03,03,03,03
"Copyright"="(c)2007 by ngoksun"
"Created"="05.04.2007 12:22"
"Data"=hex:31,00,9D,3D,00,00,00,00,B9,0E,00,00,F0,7B,00,00,DB,FF,00,00,03,E2,\
  00,00,00,00,00,00,00,00,00,00,00,00,2E,01,32,FE,0E,E1,EB,75,EF,D4,DF,8E,49,\
  CF,6D,62,FA,D9,66,6D,8B,EF,02,46,6A,E6,62,70,04,F2,26,A0,6A,D5,00,00,FF,FF,\
  5D,60,17,F2,F5,47,96,FF,42,A2,36,D4,28,12,9E,C9,1F,56,D2,D5,CB,1A,8F,EA,5C,\
  59,96,DA,E7,92,1D,ED,B6,47,AC,D3,A6,1C,FA,E7,B9,77,64,F6,30,8B,9B,C5,05,36,\
  EF,F7,5B,6E,49,DD
"Name"="FYXH Dongle Emulator"
"Type"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\'sentemu']
"DisplayName"="'sentemu'"
"ErrorControl"=dword:00000001
"ImagePath"=hex(2):5C,00,53,00,79,00,73,00,74,00,65,00,6D,00,52,00,6F,00,6F,00,\
  74,00,5C,00,53,00,79,00,73,00,74,00,65,00,6D,00,33,00,32,00,5C,00,64,00,72,\
  00,69,00,76,00,65,00,72,00,73,00,5C,00,73,00,65,00,6E,00,74,00,65,00,6D,00,\
  75,00,2E,00,53,00,59,00,53,00,00,00
"Start"=dword:00000002
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\'sentemu'\Enum]
"0"="Root\\LEGACY_'SENTEMU'\\0000"
"Count"=dword:00000001
"NextInstance"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\'sentemu'\Security]
"Security"=hex:01,00,14,80,90,00,00,00,9C,00,00,00,14,00,00,00,30,00,00,00,02,\
  00,1C,00,01,00,00,00,02,80,14,00,FF,01,0F,00,01,01,00,00,00,00,00,01,00,00,\
  00,00,02,00,60,00,04,00,00,00,00,00,14,00,FD,01,02,00,01,01,00,00,00,00,00,\
  05,12,00,00,00,00,00,18,00,FF,01,0F,00,01,02,00,00,00,00,00,05,20,00,00,00,\
  20,02,00,00,00,00,14,00,8D,01,02,00,01,01,00,00,00,00,00,05,0B,00,00,00,00,\
  00,18,00,FD,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,23,02,00,00,01,01,\
  00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00
2009-11-14 12:50
0
kagayaki
雪    币: 189
活跃值: (4810)
能力值: ( LV3,RANK:20 )
在线值:
发帖
回帖
粉丝
私信
3
你说,将一个狗的数据读成以下文件(注册表)

这个注册表信息对你就没多大用处了!!!

创建、加载一个服务(以后有可以能为驱动加载)
是否创建设备,要看下面的类名有没写入到相对的键。

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_'SENTEMU'\0000]
"Class"="LegacyDriver"
"ClassGUID"="{8ECC055D-047F-11D1-A537-0000F8753ED1}"
"ConfigFlags"=dword:00000000
"DeviceDesc"="'sentemu'"
"Legacy"=dword:00000001
"Service"="'sentemu'"
2009-11-15 07:11
0
zclw
雪    币: 30
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
4
现在是我不知道这个REG文件是怎么来的,
有人能教教我吗
2009-11-15 14:47
0
老李发发
雪    币: 227
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
5
是用一系列的工具得到的:
1. Dump dongle with PVA 3.3 util with out "Brute WP" selected.
2. Solve the DMP file using "f1_nodongle" (10x to cEnginEEr) util, you should get XXXX.SSP file (~100kb).
3. Use "UniDumpToReg" util to convert the SSP to REG. Inside "UniDumpToReg" select your SSP file and then select "SafeKey ssp -> vUSB Sentinel" option and push "GO".
4. Open the REG file in Notepad or any other text editor and make  changes;
5. Run "install.bat" from "vusbus" folder
6. Your comp should found new hardware and install it by it self
7. Import your changed REG in to the REGISTRY
8. Reboot
Here is link to all utils that I mentioned above:
http://rapidshare.com/files/86877710...lator.zip.html

New converter from ssp to reg ver 1.11:
http://rapidshare.de/files/39593244/...g1.11.rar.html
2009-11-28 23:08
0
zclw
雪    币: 30
活跃值: (10)
能力值: ( LV2,RANK:10 )
在线值:
发帖
回帖
粉丝
私信
6
谢谢大家的支持,
我个人认为能成功的模拟狗了
但问题又来了
问题如下:
这只硬狗加密了两个文件A和B
用硬狗的时候两个文件都能打开(也可以同时打开)
我用vusbus成功模拟狗后
只能打开文件A
但不能打开文件B(提示是没有找到狗)
可问题是,不模拟狗,和不插硬狗提示找不到狗的DI和我用模拟狗提示找不到狗的ID是不一样
例如:
我不模拟狗,不插硬狗提示是:  E003:  找不到狗
而我用模拟狗的时候提示是:    ED14:  找不到狗
请问这样有办法解决吗??
2009-12-1 00:30
0
游客
登录 | 注册 方可回帖
回帖 表情 雪币赚取及消费
高级回复
返回
//