Making Dongle (not cracking)

[learner38]

Hello all.we always talk about cracking dongles..
now i like to bulid my own dongle..
any one can help.
like Sechamtic..and programs
thanks alot
[email protected]
let's start talk

I believe making dongles is much more than asking in a forum.
Sorry for being discouraging but this is a serious topic and collecting 3,4,10 opinions or information here is just the 0,1% of the total progress.

[SOLAR]

Well .1% is a start.

[Hero]

Hi minawahib1
Perhaps we should make it clear first:
you want to make exactly a dongle or an smart card ?
1-If you want to make a dongle,it is not really that hard,because it is normally
only a ROM,with deterministic states.The simualtion of this is also too easy,you
need only a table for queries.
2-If you mean smart card,the answer will be deferent.In this case,you need some
knowledge for programming Microprocessor,FPGA,etc. And making it will be more
dificult,But then the simualtion will me more harder too.For example,implementing
AES on FPGA is one of the bests.
In addition,you should choice the port that you want to work first too.Implementing
something for USB is obviously harder than one for LPT!

sincerely yours

[dyn!o]

Quote:

[...]now i like to bulid my own dongle..[...]

You did not even precise the most important point: the purpose (dongle function). A dongle cand stand for a lot of different kind of hardware stuff (usually related to user authentication). My personal note based on own experience: you will not find any valuable help in the Internet (forums/mails) regarding dongle development topics. If not here then nowhere.


Hero: I will try to comment your post but please DO NOT get me wrong. I agree with your information in most of the points but just have to clarify few things to make sure ExeTools users receive correct information. It looks like you have experience regarding programmable logic and microprocessors (thus probably their description languages too). It is nice but people here use to talk mostly about software so they may get a little confused with so fast post concerning so many "alien" branches (if some other PLD maniac is here then she/he knows what I mean).

Quote:

1-If you want to make a dongle,it is not really that hard,because it is normally only a ROM,with deterministic states.

Uhm... the definition of "dongle" is not finished yet. I mean so far it's not precisely defined and in the real scientific community you can assume (extend the functionality) a own definition basing on the basic ones. We cannot say "it's a ROM only" since I have on my desk a selfmade CPLD dongle and as you know it's far from ROM device. For my own purposes it states as external virtual machine for the software.

Quote:

2-If you mean smart card,the answer will be deferent.In this case,you need some knowledge for programming Microprocessor,FPGA,etc. And making it will be more dificult,But then the simualtion will me more harder too.For example,implementing AES on FPGA is one of the bests.

Hmm... let me present my humble point of view in these few points.

First: A smart-card can state as a dongle too.
Assume a computer with built-in smartcard reader (a common case in various government agencies) and a smartcard itself, following ISO-7816 to obtain handy clean management stuff like file structures on the chip. Next, assume we have a software which communicates with the card and operates on a single smartcard word opcode 0x00B0 only (that is read binary command if anyone is interested in smartcards). So, we have a microprocessor inside the card which communicate via computer interface and checks the presence of some data. The microprocessor (card) can be (dis)connected at any time, even hot swapped. Wouldn't you agree it is a dongle?

Second: He does not need FPGA programming knowledge to program a smartcard.
FPGA use HDL (or VHDL if you like) but smartcards use microprocessor's specific language thus may be programmed on various ways, depending mostly on the microprocessor one chooses. It may be enough to communicate with the card and read a single byte; of course there are a lot of other security features like blocking the microprocessor with identification code in order to prevent reverses from reading that byte. One may use the common PIC assembly or many other already standarized solutions (like the above ISO-7816 example) for specifc circuits but he does not need HDL knowledge.

Third: Implementing AES on FPGA - the sense.
Your idea is good but nowadays common dongles (HASP, MARX, WIBU) use it already so it would not be optimal to repeat their job (well, ok. they do it on ASIC but it does not matter if we examine only AES feature being realized by the hardware). You can also order already manufactured "clean" dongles with programmer and API reference regarding built-in cryptography schemes (like AES). They all are cracked because software cracking has very little common with cryptography (you can always allow the dongle to decrypt the code, make dump of each decoded code block and rebuild the executable or inject calls to own dll in the places of crypted code). The point is to develop something new, like some sophisticated virtual machine engine located in the external unit... just an example.

Heroman: I hope you do not get me wrong. If you would not post your information then I would have been probably too lazy to post at this thread

Regards.

[learner38]

thanks for all who reply..
i will be more clear..
I want to protect EXE file with dongle ( lpt or USB) not smartcard caz it need a expensive programmer.. i have the normall programmer which want to program epprom..
so i want to make a small shell in the exe ..and this shell call some dtat from the epprom//and protect the epprom from reading like fues//so... i want to you how i can make it like sechamtic and how i add shell..any one can help..it is a great project..i know this dongle will be easy to crack.. but i like to do it..just to do it..
thanks alot all

[Hero]

Hi dyn!o
I see you are one of professionals in this way,intersting!

Quote:

First: A smart-card can state as a dongle too.

You're right in most cases of using smart-cards.
But Now I assume an hand made smart-card,that is used an microprocessor with
this suggestioned structure:
1-2 packet of 128 byte data will be send(a RISC microprocessor like MIPS is 128bit or using a normal microprocessor)
2-another sequence of bits will be send.This sequence will show an sequence of simple instructions.
For example:you can do "and,or,not,xor" using this sequence.
3-the result will be returned after doing this custom operations.
Know how about simulating this?Isn't it somehow hard?
I know that in theory we can simulate anything when it is available for us,
but we are know that this is not happening all the time,and as result the breaking
down an smart-card will be more harder than a dongle in general.

Quote:

Second: He does not need FPGA programming knowledge to program a smartcard.

FPGA is only a sample,but I suggest it because of it high speed.Normally for working
with USB it is easier(or should) to use FPGA or ASIC,if you need high speed.
in addition,programming FPGA is not necessary of knowing HDL or VHDL.another
fantastic choice is Verilog HDL,too similar to a simple C programming.

Quote:

Third: Implementing AES on FPGA - the sense.

Yes,you're right again.
For example Rainbow IKey series(If I rememered its name correctly) can perform
Asymetric RSA cryptography on datas,that can be more usefull than a simple AES.
But you see my suggestioned smart-card.It can do anything depending on instructions
that you defined for it.It can be a powerfull choice.
But we should know,that almost every Hardware dongle or smart-card can be
simualted when Cracker can buy one of it!!!!

Now minawahib1!
Because you want dongle,then first search for some EEPROM(e.g. 2716 )
The sechmatic will be too simple,because they normally has only power pins,
address bus and data bus.I'm not sure,But I think you will need a Latch too for storing
results.Then use LPT port because it is too easy tocomunicate(If you have a look
to any book about making Computer hardware interface you can see an example
for comunicating with Printer using LPT).
You need a little effort and reading for making a ROM-based dongle.

sincerely yours

Also have a look on this page with lot of resources:

hxxp://www.woodmann.com/crackz/Dongles.htm

[learner38]

i hear about egate dongle.. it use a smart card..any one can emulate it.. and how i can make like it

[.:hack3r2k:.]

True. Nice to see u here Z.

Br

hi,
about building your dongle it will be clone or can some bad guy extract the mcu inside smartcard is not expensive and you can try e-gate but you must use it powerfull (not like a stupid key authorize and (ask <> reply)

Quote:

Originally Posted by minawahib1

i hear about egate dongle.. it use a smart card..any one can emulate it.. and how i can make like it

about any one emulate ? i dont thing so but it working with java applets (build by you) if you use there a stupid ask-reply then can anyone patch the e-gate driver dll but if you use many decyrpt <> cyrpt i dont thing so can anyone easly patch dll and or build emulator for it...

[learner38]

hack3r2k:.
Hello sir...
the best in mobile and protection.i am sure u can help on that

[.:hack3r2k:.]

Quote:

Originally Posted by minawahib1

hack3r2k:.
Hello sir...
the best in mobile and protection.i am sure u can help on that

Maybe low in reply but if soft is really urs or at least have some sources get smartcard else whatever shell u use to protect exe it can be unpacked as usual.

Br