加密狗处理方法1

AnywhereUSB®REMOTE I/OCONCENTRATORInstallationGuideTable of Contents Introduction (2)Cabling AnywhereUSB (2)Installing the Drivers (2)Configuring AnywhereUSB (3)Configuring the PC to Connect to an AnywhereUSB (6)Discovering AnywhereUSBs on Other Networks (7)Configuring for Firewall Support (8)Uninstalling the Drivers (8)Interpreting the Status Lights (9)Using the Configuration Utility Program (10)AnywhereUSB Permitted Device List (16)Understanding Hubs (19)Regulatory and Other Information (20)IntroductionThe AnywhereUSB® Remote I/O Concentrator is the first remote networking solution to utilize USB Over IP® technology, breaking the traditional five meter distance limitation between USB device and host. Now USB devices may be located anywhere on a wired or wireless LAN – without a locally attached host PC. Since the host PC or server may be located remotely, AnywhereUSB enables devices to be deployed in harsh or non-secure environments, making it ideal for point-of-sale, kiosks, surveillance, industrial automation, or any mission-critical enterprise application. This Ethernet-attached solution provides five USB ports to connect peripheral devices such as bar-code scanners and receipt printers, as well as Digi’s Watchport® USB Cameras and Sensors.Cabling AnywhereUSBTo connect your AnywhereUSB to a network:1. Connect a standard Ethernet network cable to your AnywhereUSB. Then connect the otherend of the Ethernet cable to a 10/100/1000 BaseT switch or hub.2. Connect one end of the power supply* into the back of your AnywhereUSB and the otherend into an AC outlet.*Power to this product may be supplied by a UL Listed Direct Plug-In Power Unit marked “Class 2” or a UL listed power supply rated with a minimum rating of 5 V dc 2.5 A if used in the U.S. and Canada or a power supply with similar rating and approved by your local safety code if it is used elsewhere. For polarity, see the following:Installing the DriversFor Windows XP, 2000 and NT4.0 UsersYou must install the drivers using an account that has administrative privileges.1. Insert the ―AWUSB v2.00‖ CD into your CD drive. If the CD does not automatically start,then open the CD folder and double click on AwSplash.exe.A welcome screen allows you to view and print this guide, install the drivers, print theReadMe file, browse the CD, and check our web site for the latest information.2. Click the Install Drivers button to start the install process. Follow the on-screeninstructions to complete the installation of your AnywhereUSB.After installing the drivers, the AnywhereUSB Configuration Utility automatically starts so that you may configure your AnywhereUSB, as described in the next section.Configuring AnywhereUSBFor initial configuration, AnywhereUSB must be connected to the same local area network as the PC that will be used to configure it. In order to configure your AnywhereUSB:1. From the Start menu launch the AnywhereUSB Configuration Utility. The utility displaysa list of discovered AnywhereUSBs on your local subnet. The new AnywhereUSB will havea default IP address of 0.0.0.0. You must configure the AnywhereUSB before it can beused by the host PC. You can identify each AnywhereUSB by its IP Address. If theAnywhereUSB is unconfigured, then the serial number can be used for identification.Unconfigured AnywhereUSBs are listed separately. For example, the AnywhereUSB withserial number SV441F086A below has not yet been configured.2. Double click on the Unconfigured AnywhereUSB entry, or select it and press the Configurebutton.3. Enter a Device Name that easily identifies the AnywhereUSB.DHCP Enabled Configuration Static IP Address Configuration 4. DHCP can be configured by selecting the Enable button. When DHCP is enabled the IPAddress, Subnet Mask, and Default Gateway fields are grayed out. Note that if you enable DHCP, you MUST have a DHCP server on you network. When enabled, the AnywhereUSB will wait for up to four DHCP requests. If a DHCP response is not received, theAnywhereUSB will default to its initial unconfigured state. Also, AnywhereUSB will look for option 26 in order to determine the MTU size (with 1500 being the default).If you do not have a DHCP server or choose not to use it, select the Disable button. Enter the IP address and Subnet Mask. You may need to contact your Network Administrator for IP address assignment. Enter the Gateway for your network. (In a network using subnets, the Gateway is the router that forwards traffic to a destination outside the subnet of the AnywhereUSB.) The MTU size is configurable between 576 and 1500 bytes, with 1500 being the default. For the changes to take effect you must click the Update button, which resets the AnywhereUSB.5. Enabling a Configuration PasswordThe AnywhereUSB can be configured to have a Configuration Password. When aConfiguration Password is configured, subsequent configuration attempts via theAnywhereUSB Concentrator Configuration Utility will require a password to be entered prior to allowing the user to configure the unit.To enable the password for a given AnywhereUSB unit, click the Set Password button and enter the desired password into the following dialog box:Once the configuration password has been set and the AnywhereUSB unit has rebooted, the Configuration Utility will display the ―Unlock‖ button for the given unit as displayed below:To configure the AnywhereUSB with a Configuration Password enabled, click the Unlock button and enter the appropriate password.Configuring the PC to Connect to an AnywhereUSB1.From the Start menu launch the AnywhereUSB Configuration Utility. The utility displaysa list of all AnywhereUSBs on your local subnet and on any subnet configured in theDiscovery List.2. Select an AnywhereUSB and press the Connect button to add the AnywhereUSB’s IPaddress to the Connection List. The host computer then attempts to connect to theAnywhereUSB. For a list of the AnywhereUSBs to which you are currently configured toconnect, from the Edit menu select Connection List.3. The Found New Hardware Wizard prompts you to search for the drivers: one time for theRemote Hub and two times for the USB Host Controllers and the USB Root Hubs. Selectthe Install software automatically (Recommended) option and click the Next button. Ifyou get the warning message indicating that the drivers have not yet passed WindowsLogo Testing, click the Continue Anyway button. Follow the on-screen instructions tocomplete the installation of the drivers.Discovering AnywhereUSBs on Other Networks To discover AnywhereUSBs on other networks, you must add their network address to the Discovery list in the Discovery List Manager dialog box.1. From the Edit menu select Discovery List.2. Add the Subnet addresses or the IP address of the individual device to the Discovery ListManager. For example, to add the Class C network 192.168.2.x, you must enter192.168.2.255. Note that your routers must be configured to pass subnet broadcasts.3. When you have completed adding the subnet address to the Discovery List, click on theClose button to save the list. The screen will refresh within a few seconds.Configuring for Firewall SupportTo access an AnywhereUSB that is behind a firewall:Your firewall must have a well known static IP address (for example 10.52.48.37).The AnywhereUSB must have an IP address on the private subnet (for example192.168.1.10).Your firewall must be configured to allow TCP/IP and UDP/IP packets to pass through port3422.The firewall must be configured to send these TCP/IP and UDP/IP packets directed to theIP Address of the AnywhereUSB (in this example: 192.168.1.10).You must manually add the address of the firewall to the Connection List.Note that you can access only one AnywhereUSB through each firewall. For more information on how to configure your firewall, refer to your firewall manual.At this point the PC will attempt to connect to the AnywhereUSB.If you would like AnywhereUSB Information to be displayed in the discovery window of the configuration utility, you may add the address of the firewall into the Discovery List. Note that AnywhereUSBs behind firewalls, as displayed in the discovery window, show the IP address of their private network.Uninstalling the DriversTo uninstall the AnywhereUSB drivers:1. From the Start menu launch the AnywhereUSB Configuration Utility.2. From the File menu select Preferences and then click on the Uninstall button. You mustreboot your PC to complete the driver removal.Interpreting the Status LightsThe AnywhereUSB has six LEDs on the front panel, the System Status LED and five hub LEDs. Each LED is capable of displaying three colors: red, green, or orange.System Status LightsOn initial power up the system status LED is orange for two seconds while the system initializes and then blinks green. If DHCP is enabled and it is first coming up, the system status light will be orange while the AnywhereUSB searches for a DHCP server. If it cannot find a DHCP server, it will return to the default configuration to allow the Configuration Utility to assign a static IP address.Hub LightsGreen hunting pattern across all LEDs Not connected to a host.Orange alternating on ports 1-3-5 and 2-4 Updating image in Flash. Do not remove powerfrom AnywhereUSB while flash is being updated.Doing so will damage your AnywhereUSB.Solid Green Hub port is powered.Green over Red hunting pattern Please call customer service.Using the Configuration Utility ProgramThe AnywhereUSB Configuration Utility displays AnywhereUSBs grouped by their subnet. The Utility automatically discovers AnywhereUSBs on your local subnet. To discover AnywhereUSBs on other networks, you must add their network address to the Discovery list.Icon Color Legend:(Green) Available for Connection(Gray, Bold Text) Connected to this computer(Gray) In use by other Host PC(Red) Firmware is being updated.AnywhereUSB IP Address has not yet been configured.Note: After the AnywhereUSB Configuration Utility has been launched it will reside in your system tray. To open the utility, double click the AnywhereUSB icon (leftmost icon in the picture below) inthe system tray. If you try to start this utility from the Start menu and it does not launch, check the system tray.Menu OptionsFile Menu: PreferencesAllows you to configure how frequently the utility queries for AnywhereUSBs on the network. You can also enable the logging of driver events to the system event log and uninstall the drivers.Edit Menu: Connection ListDisplays the IP addresses of the AnywhereUSB to which the PC will try to connect. When an IP address is added to this list, the Host PC immediately tries to connect to the AnywhereUSB. If an IP address in this list is deleted, all USB devices attached to this AnywhereUSB will be removed from this Host PC.Edit Menu: Discovery ListThis command displays a list of subnet addresses of remote networks or IP addresses of individual units where the configuration utility will search for AnywhereUSB.This command allows configuration of the TCP/IP parameters in the AnywhereUSB. In a static IP address configuration the MTU size is configurable between 576 and 1500 bytes, with 1500 being the default. Note that when DHCP is enabled the AnywhereUSB looks for DHCP option 26 in order to determine the MTU size (with 1500 being the default). You can add this IP address to the Connection List by checking the Add to Connection List check box. The Set Password and Clear Password buttons are for enabling and disabling the AnywhereUSB’s Configuration Password. The optional debug log address is for technical support use only.Command Menu: ConnectThis command allows you to add the IP address of the AnywhereUSB to the Connection List.This command retrieves event information from AnywhereUSB. Use this to gather information for Technical Support. This dialog also allows you to save and clear the event log.Command Menu: RebootThis command causes the AnywhereUSB to reboot.Command Menu: Lock / UnlockWhen an AnywhereUSB’s is password protected, the Unlock menu is required in order to open the unit’s configuration dialog. Once the correct password is entered, the AnywhereUSB transitions to an unlocked state. In order to enable the unit’s c onfiguration password again, the Lock option must be selected for the given unit(s).View Menu: Driver InformationThis command displays the version numbers of the AnywhereUSB drivers and firmware and allows you to uninstall the drivers.View Menu: Refresh (F5)This command updates the discovered AnywhereUSB list.AnywhereUSB Permitted Device ListAn option has been added to the AnywhereUSB product that will limit access to a set of select devices. This option allows an administrator to build a list of supported devices by adding specific VendorID/Product ID or Class values into the registry.The AnywhereUSB will compare the IDs of each USB device (when the USB device is connected), with the value(s) in the registry and if there is a match, the device will enumerate otherwise an ―unknown device‖ message will appear in the Notification Area.The key is located in the following location in the registry:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ionhubThe new key value is ―PermittedDevices.‖ This Multi String value contains a list of devices that the AnywhereUSB will enumerate all other devices will show as ―unknown device.‖The following are some examples of values in the permitted device listFor a hub use the value ―GENERICHUB‖ (Class_09 is not supported)For a composite device use the value ―COMPOSITE‖For specific device use Vid_xxxx&Pid_yyyy where xxxx and yyyy are the vendor id and product idof the deviceFor a device class such as mass storage use Class_xx where xx is the class of deviceCOMMUNICATIONS 02HUMAN INTERFACE 03PRINTER 07STORAGE 08VENDOR SPECIFIC FFExamples:To allow a specific USB device with an embedded hub (like an Edgeport/8):PermittedDevices REG_MULTI_SZ Vid_1608&Pid_0215 GENERICHUBTo allow all Human interface devices such as mouse or keyboard:PermittedDevices REG_MULTI_SZ Class_03To allow all mice and all printersPermittedDevices REG_MULTI_SZ Class_03 Class_07The USB Device’s Vid/Pid values can be found using the provided AnywhereUSB View utility. The fields are called idVendor and idProduct. In the following example, the highlighted USB Flash Drive has the following properties:idVendor: 0x13FEidProduct: 0x1D00The following is a view of the registry with the new Key of ―PermittedDevices‖:Double clicking on the key will bring up the Edit Multi-String dialog.Understanding HubsHubs, critical components in the plug-and-play architecture, are wiring concentrators that enable the attachment of multiple devices, thus converting a single attachment point into multiple attachment points. USB architecture allows a cascaded multiple hub configuration with certain power limitations (explained later in this section). See figure 1.Each hub has an upstream port, connecting to the host, and multiple downstream ports, connecting to downstream devices, including other hubs. A hub can detect attachment and detachment of downstream devices and enable and monitor the distribution of the power to downstream devices via their integral hardware and the operating system.Each USB device reports its power requirements to the operating system, which then enables and disables the device as a function of its power requirements and the amount of available power. High-speed devices typically need to be connected to a self-powered hub, which obtains power from its external power supply and provides up to 500 mA for each downstream port. Only simple devices, such as a mouse, can be connected to a bus-powered hub, which obtains power from its upstream host and provides up to 100 mA for each downstream port.Due to the limited available power for bus-powered hubs, cascading two bus-powered hubs is an illegal topology, and devices connected to the second hub will not function. (USB specifications limit the connection of a bus-powered hub to a self-powered hub or host only.)According to the USB Specification, the maximum limit of hubs cascaded in series cannot exceed five. In other words, you may have a maximum of five hubs between any device and the host. This does NOT mean that the maximum number of hubs in a system is five. Indeed, up to seven hubs can be connected parallel at any given level. You must tally both external and embedded hubs when counting downstream hubs.Regulatory and Other Information© 2007 Digi, Digi International, the Digi logo, USB Over IP, AnywhereUSB, Watchport, Edgeport, and Hubport are either trademarks or registered trademarks of Digi International, Inc. in the United States and/or other countries. All other trademarks are the property of their respective holders. Information in this documentation is subject to change without notice and does not represent a commitment on the part of Digi International.Digi International provides this document ―as is,‖ without warranty of any kind, either expressed or implied, including, but not limited to, the particular purpose. Digi International may make improvements and/or changes to this documentation or to the product(s) and/or program(s) described in this documentation at any time.Digi International assumes no responsibility of any errors, technical inaccuracies, or typographical errors that may appear in this documentation, nor liability for any damages arising out of its use. Changes are made periodically to the information herein; these changes may be incorporated in new editions of the publication.For U.S. Government use:Any provision of this document and associated computer programs to the U.S. Government is with ―Restricted Rights.‖ Use, duplication, or disclosure by the government is subject to the restrictions set forth in, subparagraph (c) (1) (ii) of the Rights in Technical Data and Computer Software clause of DFARS 52.277-7013.For non-U.S. Government use: These programs are supplied under a license. They may be used, disclosed, and/or copied only as supplied under such license agreement. Any copy must contain the above copyright notice and restricted rights notice. Use, copying, and/or disclosure of the programs is strictly prohibited unless otherwise provided for in the license agreement.Federal Communications Commission (FCC) Regulatory Information (USA only) This equipment has been tested and found to comply with the limits for a Class B digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference in a residential installation. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions, may cause harmful interference to radio communications. However, there is no guarantee that interference will not occur in a particular installation. If this equipment does cause harmful interference to radio or television reception, which can be determined by turning the equipment off and on, the user is encouraged to correct the interference by one or more of the following measures:•Reorient or relocate the receivingantenna.•Increase the separation between theequipment and the receiver.•Connect the equipment into an outletthat is on a circuit different from thereceiver.•Consult the dealer or an experiencedradio/TV technician for help.Warning: The connection of a non-shielded interface cable to this equipment will invalidate the FCC Certification for this device.FCC Regulation - Part 15Declaration of Conformity (DoC)This device complies with the requirements of the Code of Federal Regulations listed below:FCC Title 47 CFR, Part 15 Class B for a digital device.Operation is subject to the following two conditions:This device may not cause harmful interference, andThis device must accept any interference received, including interference that may cause undesired operation.Department of Communication (DOC)Notice (Canada only)This Class B digital apparatus meets the requirements of the Canadian Interference-Causing Equipment Regulations.Cet appareil numérique de la Classe B respecte toutes les exigences du Règlement sur le matériel brouiller du Canada.European Community - CE MarkDeclaration of Conformity (DOC) According to ISO/IEC Guide 22 and EN 45014Manufacturer’s Name:Digi InternationalManufacturer’s Address:11001 Bren Road EastMinnetonka, MN 55343declares that the productProduct Name:AnywhereUSBModel Number(s):301-1130-01Product Options:Allconforms to the relevant EU Directives listed here:EMC Directive 89/336/EEC |Low Voltage Directive 73/23/EECAmending Directive 93/68 EECusing the relevant section of the following EU standards and other normative documents:Safety:IEC 950:1991 +A1, A2, A3, A4EN 60950:1992 + A1, A2, A3, A4EMCThe following summarizes the specifications and requirements for EN55024, EN55022 Class B & CISPR 22 Class B emission and immunity tests. If the actual test levels are higher or different than required, these levels are listed in the appropriate tables.EN 55022 Class BEuropean ContactDigi InternationalJoseph-von-Fraunhofer Str. 2344227 Dortmund, GERMANY49-231-9747-0UL/CSA Safety InformationThis device complies with the requirements of following safety standards below:UL 1950, 3rd editionCSA No. 950Quality ManagerAustin, TexasMarch 2007Digi International 11001 Bren Road EastMinnetonka, MN 55343@CorporateHeadquarters:952-912-3444877-912-3444Fax: 952-912-4952Digi Europe: +49-231-9747-0Digi Hong Kong: +852-2833-1008Digi North America: 877-912-3444。

还原文件夹加密狗加密的文件(转帖)2008年12月21日星期日 19:19你是不是受到用了加密软件无法恢复数据的困恼？如文件夹加密狗，大师加密等隐藏加密文件的方式，或者忘记密码了，用FinalData就可以解决你的问题。

第一种方法：用FinalData，FinalData大家都听说过吧？FinalData是一个大名鼎鼎的数据恢复软件，可以恢复磁盘上被删除的各种文件，甚至当磁盘被格式化了以后，只要数据没有被破坏，也一样可以将数据找回。

之所以用它来破解加密软件，是由于加密软件并非真的对文件数据进行了加密更改，软件只是对磁盘和文件分配表作了一些小小的修改，使得文件无法被查看到。

FinalData可以直接对磁盘进行操作，从而避开了加密软件在系统中造成的假象，顺利的恢复被加密隐藏的文件运行FinalData后，打开加密文件所在的驱动器分区。

FinalData会扫描磁盘文件分配表。

提示：由于我们并不需要恢复被删除的文件，因此可以点击取消簇扫描。

返回程序主界面，可以看到在中间的列表窗口中已经显示出分区中的所有目录文件夹。

双击展开“根目录”，找到被加密的文件夹如“e:\111”，依次展开文件夹列表上的＋号，在“e:\111\DirRecycler\SYSTEM.\dogtmpdir\ ”中是不是加密的文件？选择要解密的文件，点击右键选择“恢复”命令，弹出文件保存对话框，指定将文件保存到另外一个分区后原来加密过的文件就现形了。

是不是很简单？第二种方法：有的朋友可能会说，我的电脑里没有FinalData怎么办？也有办法，你不会告诉我你的电脑里连winrar也没装吧？如果装了的话，那也很简单，用winrar就可以打开，比如你加密的的文件夹是"e:\111",实际存放地址就是“e:\111\DirRecycler\SYSTEM~1\dogtmpdir\”,把路径填到winrar的地址栏敲一下回车就可以打开了，看那些所谓加密的文件是不是乖乖的躺在那里？然后你要删要复制就随便吧。

某加密狗破解这是很久以前的软件了，原来破解的时候写下了点东西，今天看到了就顺便把它发上来，由于原来只是做的简单的笔记，今天稍微补充了点，由于找不到原程序，所以也不是很完整，希望大家谅解！下面就直接贴代码了：0028:CE5AA885 88442405 MOV [ESP+05],AL ; 这儿.0028:CE5AA889 66C746680100 MOV WORD PTR [ESI+68],00010028:CE5AA88F 8A442405 MOV AL,[ESP+05]0028:CE5AA893 884615 MOV [ESI+15],AL0028:CE5AA896 884614 MOV [ESI+14],AL0028:CE5AA899 5E POP ESI0028:CE5AA89A 83C404 ADD ESP,040028:CE5AA89D C3 RET0028:CE5AA89E CC INT 30028:CE5AA89F CC INT 30028:CE5AA8A0 83EC04 SUB ESP,040028:CE5AA8A3 56 PUSH ESI0028:CE5AA8A4 8B74240C MOV ESI,[ESP+0C]0028:CE5AA8A8 56 PUSH ESI0028:CE5AA8A9 E832000000 CALL CE5AA8E00028:CE5AA8AE 668B465C MOV AX,[ESI+5C]0028:CE5AA8B2 83C404 ADD ESP,040028:CE5AA8B5 6689442406 MOV [ESP+06],AX0028:CE5AA8BA 8A4658 MOV AL,[ESI+58]0028:CE5AA8BD 243F AND AL,3F0028:CE5AA8BF 88442405 MOV [ESP+05],AL0028:CE5AA8C3 8A442405 MOV AL,[ESP+05]0028:CE5AA8C7 668B542406 MOV DX,[ESP+06]0028:CE5AA8CC EE OUT DX,AL0028:CE5AA8CD 5E POP ESI0028:CE5AA8CE 83C404 ADD ESP,040028:CE5AA8D1 C3 RET我们是在chat_to_dongle routine. 而且如果我们看下面的data部分,我们看到:SENTINELXXX... 这是什么啊?! 你应该知道有什么公司提供这种加狗的服务如: Hasp, Sentinel, DesKEY, Activator/Unikey 还有许多其它的.因此,我们可以推断碰到的是一个SENTINEL 狗加密!我们现在在SENTINEL.VXD 文件... 回到文章中来,我们停在这儿:0028:CE5AA885 88442405 MOV [ESP+05],AL ; 这里..0028:CE5AA889 66C746680100 MOV WORD PTR [ESI+68],00010028:CE5AA88F 8A442405 MOV AL,[ESP+05]0028:CE5AA893 884615 MOV [ESI+15],AL0028:CE5AA896 884614 MOV [ESI+14],AL我们要看是关于可执行文件的CALL,所以我们要按三四次F12,我们会在这儿:0028:CE5B35D6 50 PUSH EAX0028:CE5B35D7 55 PUSH EBP0028:CE5B35D8 57 PUSH EDI0028:CE5B35D9 E8D2FEFFFF CALL CE5B34B0 ; 我们的call :) 0028:CE5B35DE C06C241F01 SHR BYTE PTR [ESP+1F],01 ;回到这儿. 0028:CE5B35E3 83C40C ADD ESP,0C0028:CE5B35E6 0AD8 OR BL,AL0028:CE5B35E8 664E DEC SI0028:CE5B35EA 75E1 JNZ CE5B35CD0028:CE5B35EC C0EB01 SHR BL,010028:CE5B35EF 6A64 PUSH 640028:CE5B35F1 57 PUSH EDI0028:CE5B35F2 E8C979FFFF CALL CE5AAFC00028:CE5B35F7 8A44241B MOV AL,[ESP+1B]0028:CE5B35FB 83C408 ADD ESP,080028:CE5B35FE 2401 AND AL,010028:CE5B3600 50 PUSH EAX0028:CE5B3601 55 PUSH EBP0028:CE5B3602 57 PUSH EDI0028:CE5B3603 E8A8FEFFFF CALL CE5B34B00028:CE5B3608 83C40C ADD ESP,0C0028:CE5B360B 0AD8 OR BL,AL0028:CE5B360D 66BE0300 MOV SI,00030028:CE5B3611 6A64 PUSH 640028:CE5B3613 C06C241701 SHR BYTE PTR [ESP+17],010028:CE5B3618 57 PUSH EDI在CALL 中:0028:CE5B35D6 50 PUSH EAX0028:CE5B35D7 55 PUSH EBP0028:CE5B35D8 57 PUSH EDI0028:CE5B35D9 E8D2FEFFFF CALL CE5B34B00028:CE5B35DE C06C241F01 SHR BYTE PTR [ESP+1F],010028:CE5B35E3 83C40C ADD ESP,0C0028:CE5B35E6 0AD8 OR BL,AL0028:CE5B35E8 664E DEC SI0028:CE5B35EA 75E1 JNZ CE5B35CD0028:CE5B35EF 6A64 PUSH 640028:CE5B35F1 57 PUSH EDI0028:CE5B35F2 E8C979FFFF CALL CE5AAFC00028:CE5B35F7 8A44241B MOV AL,[ESP+1B] 0028:CE5B35FB 83C408 ADD ESP,080028:CE5B35FE 2401 AND AL,010028:CE5B3600 50 PUSH EAX0028:CE5B3601 55 PUSH EBP0028:CE5B3602 57 PUSH EDI0028:CE5B3603 E8A8FEFFFF CALL CE5B34B00028:CE5B3608 83C40C ADD ESP,0C0028:CE5B360B 0AD8 OR BL,AL0028:CE5B360D 66BE0300 MOV SI,00030028:CE5B3611 6A64 PUSH 640028:CE5B3613 C06C241701 SHR BYTE PTR [ESP+17],01 0028:CE5B3618 57 PUSH EDI0028:CE5B3619 E8A279FFFF CALL CE5AAFC00028:CE5B361E 83C408 ADD ESP,080028:CE5B3621 C0EB01 SHR BL,010028:CE5B3624 8A442413 MOV AL,[ESP+13] 0028:CE5B3628 2401 AND AL,010028:CE5B362A 50 PUSH EAX0028:CE5B362B 55 PUSH EBP0028:CE5B362C 57 PUSH EDI0028:CE5B362D E87EFEFFFF CALL CE5B34B00028:CE5B3632 C06C241F01 SHR BYTE PTR [ESP+1F],01 0028:CE5B3637 83C40C ADD ESP,0C0028:CE5B363A 0AD8 OR BL,AL0028:CE5B363C 664E DEC SI0028:CE5B363E 75E1 JNZ CE5B36210028:CE5B3640 6A05 PUSH 050028:CE5B3642 80E380 AND BL,800028:CE5B3645 68DF000000 PUSH 000000DF0028:CE5B364A 57 PUSH EDI0028:CE5B364B FF5718 CALL [EDI+18]0028:CE5B364E 83C40C ADD ESP,0C0028:CE5B3651 B900000000 MOV ECX,00000000 0028:CE5B3656 80FB01 CMP BL,010028:CE5B3659 5D POP EBP0028:CE5B365A 83D1FF ADC ECX,-010028:CE5B365D 5F POP EDI0028:CE5B365E 6683E103 AND CX,030028:CE5B3662 5E POP ESI0028:CE5B3666 5B POP EBX0028:CE5B3667 83C404 ADD ESP,040028:CE5B366A C3 RETOk,看看下面的代码并不能帮助我们什么:( 我看过几篇关于狗加密的教程.我们做的这几步,应该是已经完成了.我想,在CALL后面,会有一个关于狗的CMP ,如果值是和狗相同,那么就通过,否则就会加上一个错误的旗标...... 但是,我们是不幸运的,这里不是那么简单!的.通过和代码游戏(跟踪call,寻找一些比较的代码),我按很多次F12 ,但是找不到一点好东西!BTW,我无从这该死的Sentinel的VXD中出来!按住F12,可是什么都没有变!VDX使我陷入困境了......我希望回到Acad.exe 文件中!我不希望破解狗硬件,大多数的时候,狗保护的弱点一般都是在目标本身!我试了BPIO -h 378 R让我们在I/O-port 上试试其它的断点:378 已经试过了3BC 这个;)278 这个也是;o)OK,运行软件,但是却没有拦截;( 我的天啊!因为它是一个VDX ,所以我也试了bpx CreateFileA ,但是走不了多久......那么,为什么不反汇编它呢?运气好说不定能找到一些在字符串中找到一些关于出错的信息(不要做梦了,那是不可能有的!!:p)现在你能用工具中的啤酒了;) 因为我们要花很长时间去反汇编!!!! 那就是我为什么不用IDA的原因了! BTW, 我们的目标可执行文件大概是7.24 mb!好了,现在你知道为什么要花这么多时间了吧..喝过酒后,一觉醒来.经过这么长的时间,终于反汇编好了! 首先,保存结果!我们不希望再等那么多时间,不是吗?如果你的电脑死机或者其它原因,你只有再等那么多时间了!再喝一次酒,呵呵!完了吗? Ok!我们愚蠢的想法是去找字符串,运气不佳,没有,其实是意料之中:p 那么让我们想想!我们怎样攻击它呢? 我们看看Import 表吧!看看狗到底调用了什么函数:) 我们可以找到一个"l33t0" API 函数!哈哈,我想会有一些好东西了, 我们来看看内核......太太太好了:) 我找到一些有趣的东西了:DeviceIoControl从没有看过,但是名称,听起来非常好,不是吗?呵呵!去除所有的断点只在softice中输入: 'bc *' 和: 'BPX DeviceIocontrol'现在运行我们的软件! 哈哈,它拦截下来了:) 按F12,我们跳出了dll文件来到了ACAD.exe :) 让我们和代码玩耍吧.......先看代码, 我按F12几次直到在一个好位置.下面是来自我的winice.log 的一部分::bl00) BPX KERNEL32!DeviceIoControl // Damn good :)Break due to BPX KERNEL32!DeviceIoControlBreak due to BPX KERNEL32!DeviceIoControlBreak due to BPX KERNEL32!DeviceIoControlBreak due to BPX KERNEL32!DeviceIoControlBreak due to BPX KERNEL32!DeviceIoControlBreak due to BPX KERNEL32!DeviceIoControl// 你在这可以看到我在找到好地方之前被拦截下来多少次// 你用这个bpx 的时候,你按F5 3 次,一会有拦截下来,// 你再按两次后停在了这儿:025F:0098B1AF 668B442402 MOV AX,[ESP+02] ; EAX = 一些值025F:0098B1B4 83C404 ADD ESP,04025F:0098B1B7 C20800 RET 0008025F:0098B1BA 8D9B00000000 LEA EBX,[EBX+00000000]025F:0098B1C0 33C0 XOR EAX,EAX025F:0098B1C2 8A442408 MOV AL,[ESP+08]025F:0098B1C6 83F801 CMP EAX,01025F:0098B1C9 7415 JZ 0098B1E0025F:0098B1CB 83F802 CMP EAX,02025F:0098B1CE 7456 JZ 0098B226025F:0098B1D0 83F803 CMP EAX,03025F:0098B1D3 0F8497000000 JZ 0098B270025F:0098B1D9 C20800 RET 0008// 通过RET 后,我们落在这儿:025F:006ABE9A 0FBFC0 MOVSX EAX,AX ; 呵呵:)025F:006ABE9D 83F8FF CMP EAX,-01 ; EAX = FFFF ?!025F:006ABEA0 7405 JZ 006ABEA7 ; 跳转到6abea7025F:006ABEA2 25FFFF0000 AND EAX,0000FFFF025F:006ABEA7 5F POP EDI025F:006ABEA8 C3 RET ; 返回....// 这是最重要的部分:025F:006ABD94 83C404 ADD ESP,04025F:006ABD97 85C0 TEST EAX,EAX025F:006ABD99 7C36 JL 006ABDD1025F:006ABD9B 8D44240C LEA EAX,[ESP+0C]025F:006ABD9F 50 PUSH EAX025F:006ABDA0 E8DB000000 CALL 006ABE80025F:006ABDA5 83C404 ADD ESP,04025F:006ABDA8 85C0 TEST EAX,EAX025F:006ABDAA 7C25 JL 006ABDD1025F:006ABDAC 686071A700 PUSH 00A77160025F:006ABDB1 E8CA000000 CALL 006ABE80025F:006ABDB6 83C404 ADD ESP,04025F:006ABDB9 85C0 TEST EAX,EAX025F:006ABDBB 7C14 JL 006ABDD1025F:006ABDBD 68F470A700 PUSH 00A770F4025F:006ABDC2 E8B9000000 CALL 006ABE80025F:006ABDC7 83C404 ADD ESP,04025F:006ABDCA 3DFDDC0000 CMP EAX,0000DCFD ; eax= DCFD? 025F:006ABDCF 7408 JZ 006ABDD9 ; 好! 狗025F:006ABDD1 47 INC EDI ; 锁住了:)025F:006ABDD2 83FF04 CMP EDI,04025F:006ABDD5 7EA3 JLE 006ABD7A025F:006ABDD7 EB17 JMP 006ABDF0 ; 知道吗?025F:006ABDD9 8B0D8871A700 MOV ECX,[00A77188] ;狗在这儿025F:006ABDDF 6633F6 XOR SI,SI025F:006ABDE2 A18471A700 MOV EAX,[00A77184]025F:006ABDE7 8B1481 MOV EDX,[EAX*4+ECX]025F:006ABDEA C70202000000 MOV DWORD PTR [EDX],00000002 025F:006ABDF0 8B0D8471A700 MOV ECX,[00A77184] ;没有狗:/ 025F:006ABDF6 A18871A700 MOV EAX,[00A77188]025F:006ABDFB 8B1488 MOV EDX,[ECX*4+EAX]025F:006ABDFE 8D0C88 LEA ECX,[ECX*4+EAX]025F:006ABE01 8B1D8471A700 MOV EBX,[00A77184]025F:006ABE07 8B02 MOV EAX,[EDX]025F:006ABE09 35A9B50000 XOR EAX,0000B5A9025F:006ABE0E 03C3 ADD EAX,EBX025F:006ABE10 A3A471A700 MOV [00A771A4],EAX025F:006ABE15 8B11 MOV EDX,[ECX]025F:006ABE17 833A00 CMP DWORD PTR [EDX],00025F:006ABE1A 752F JNZ 006ABE4B025F:006ABE1C E81F010000 CALL 006ABF40025F:006ABE21 35A9B50000 XOR EAX,0000B5A9025F:006ABE26 3D564AFFFF CMP EAX,FFFF4A56025F:006ABE2B 741E JZ 006ABE4B--------------------------- 8< ---------------------- 截取:pOk,我首先想到的是改变:025F:006ABDCA 3DFDDC0000 CMP EAX,0000DCFD ; 是eax= DCFD ?025F:006ABDCF 7408 JZ 006ABDD9 ; 好的! 狗锁住了成为:025F:006ABDCA 3DFDDC0000 CMP EAX,0000DCFD025F:006ABDCF EB08 JMP 006ABDD9 ;不管EAX 了,我跳:p但是,EAX 的值很重要,否则是会崩溃的:( 我们也看到了很多处都调用了EAX 寄存器,检查了好几次哦!那么,我们只有暴力使EAX 的值等于DCFD 了!你还不清除吗,新手?EAX的值为什么要等于DCFD?你没看到:CMP EAX,0000DCFD吗?先在大家都清楚了吧!我们到哪去修改目标呢?想想什么时候对AX 赋值的?我清理一下内存,整理出下面这段代码:025F:0098B1AF 668B442402 MOV AX,[ESP+02] ; EAX = 一些值.025F:0098B1B4 83C404 ADD ESP,04025F:0098B1B7 C20800 RET 0008025F:0098B1BA 8D9B00000000 LEA EBX,[EBX+00000000]025F:0098B1C0 33C0 XOR EAX,EAX025F:0098B1C2 8A442408 MOV AL,[ESP+08]025F:0098B1C6 83F801 CMP EAX,01025F:0098B1C9 7415 JZ 0098B1E0025F:0098B1CB 83F802 CMP EAX,02025F:0098B1CE 7456 JZ 0098B226025F:0098B1D0 83F803 CMP EAX,03025F:0098B1D3 0F8497000000 JZ 0098B270025F:0098B1D9 C20800 RET 0008很老的软件了，我想现在网上应该是找不到了，我也没搜到，所以这篇文章有点四不像吧，整理出来也就这样子了……加密狗破解破解之轻松解被MoleBox打包了的程序PEiD查壳为MoleBox V2.3X -> * Sign.By.fly [Overlay] *1、用OD载入，hr ESP2、bp VirtualProtect中断三次返回，删除断点3、Ctrl+B：89 01---nop掉,----->干掉IAT加密，难点，如果这里不NOP掉，则在找到IAT时会有无效函数，且无法修复00531EF2 8901 mov dword ptr ds:[ecx],eax //此行代码NOP掉4、F9 4次，直达OEP。

----问题：插了加密狗后，还是提示需要注册或锁异常；首先检查加密狗插在主机上灯是不是亮的，如果是亮红灯，那么就检查数据库服务器的操作系统日期时间；如果时间也正常，加密狗，还是提示需要注册或锁异常1、----打开sql查询分析首先执行一下：代码1：master..xp_cmdshell 'hydee20.dll 43513431524364552435324'执行代码1如果出现为：1NULL那么就是正常！那么就需要检查如下：在查询分析中执行代码：select * from c_org_tran where org_tran_code =dbo.f_sys_ini ('1001')查传输机构名称(orgname字段)有没有包含加密狗的关健字。

如果传输机构名称没有问题，那么将加密狗拨下来，插到其他的USB口再进软件；如果加密狗的启用日期大于操作系统的日期，也是会提示需要注册或锁异常比如启用日期是2010.9.25,但是系统的日期是2010.9.01那么就会提示需要注册或锁异常如果进软件打开零售录入或验收入库单或批发销售单提示当前功能不允许使用，是没有开通零售录入或验收入库或批发销售的功能----------执行上述代码1提示如下错误：错误1：ODBC: 消息0，级别16，状态1无法在库xpweb70.dll 中找到函数xp_cmdshell。

原因: 127(找不到指定的程序。

)。

处理方法：sp_dropextendedproc 'xp_cmdshell'goEXEC sp_addextendedproc xp_cmdshell,@dllname ='xplog70.dll'declare @o int错误2：消息15121，级别16，状态21，过程xp_cmdshell，第 1 行在执行xp_cmdshell 的过程中出错。

调用'CreateProcess' 失败，错误代码: '5'。

加密狗常见问题解答以下加密狗常见问题的解答适合于微狗、软件狗、网络狗等多种狗。

1 ．问：如果在计算机的USB 口和并口上同时插入USB 狗和并口狗，哪只狗起作用？答：安装微狗开发套件选定绑定方法时，如果“优先级选择”项选择的是并口狗，那么同时插入USB 狗和并口狗时系统会先检测并口狗，并口狗先起作用；如果“优先级选择”选择的是USB 狗，那么这种情况下USB 狗先起作用。

2 ．问：微狗开发套件与软件狗有何区别？答：主要区别为：并口狗和USB 狗内置单片机，而软件狗则没有。

3 ．问：单片机起什么作用？答：单片机主要用来提高反跟踪的性能。

它通过固化的软件（该软件不可读）对写入和读出的数据按一定的算法进行变换，并采用金天地公司独创的数据交换随机技术使得每次软件与狗交互的字节流都不一样（即使写入的数据是相同的）。

这样就有效地防止了软件跟踪和逻辑分析仪的分析，保证了加密的可靠性。

4 ．问：何为狗的密码及其作用？答：狗的密码是一种由软件开发者控制的、在对狗进行读写操作时校验的密码。

狗的密码不影响检查及变换操作（DogCheck() 、DogConvert() ）。

微狗的密码为四字节长（32 位），在出厂时密码设置为0 。

狗的密码可以由软件开发者用微狗开发套件发行盘上提供的工具软件(DogEdt32.EXE) 进行修改。

注意：对修改后的密码一定要记录并保存好，若忘记密码，加密后的软件将无法对狗进行读写操作而导致软件运行失败。

忘记密码后只能将狗送回至厂家进行清零。

5 ．问：别人能买到和我买的一样的狗吗？他用他的随狗软件可以读出我在狗中写的内容吗？答：您无需有此担心。

狗中有一定的存储空间，其中一部分是系统区，另一部分是用户区。

用户区可以供开发者读写，系统区用来存放狗的特征码及其它信息，任何用户都不能访问的。

特征码是用来区分狗的一组数据，此数据在生产时随机产生，然后写到狗内。

特征码重复的概率很小，只有几千万分之一。

教你如何破解加密狗[分享] 教你如何破解加密狗hasp 系列加密狗破解有的朋友认为很难，其实不然，只要有足够的耐心和技术基础。

是没有问题的。

--------------------------------------------------------------------------------------------------------004015FF |. 8D95 ACFBFFFF lea edx,[local.277]00401605 |. 52 push edx00401606 |. 8B85 F8FBFFFF mov eax,[local.258]0040160C |. 50 push eax0040160D |. 8B8D A8FBFFFF mov ecx,[local.278]00401613 |. 51 push ecx00401614 |. 68 D4E54000 pushAPP.0040E5D4 ; ASCII "EN"00401619 |. 8B55 E8 mov edx,[local.6]0040161C |. 52 push edx0040161D |. E8 8E230000 call<jmp.&user_dll.sui_In> ;这个CALL只要一执行，就死掉，所以必须跟进00401622 |. 8945 EC mov [local.5],eax00401625 |. 8B45 EC mov eax,[local.5]00401628 |> 8B4D F4 mov ecx,[local.3]0040162B |. 64:890D 00000000 mov fs:[0],ecx00401632 |. 8B4D E4 mov ecx,[local.7]00401635 |. E8 C72D0000 call APP.004044010040163A |. 8BE5 mov esp,ebp0040163C |. 5D pop ebp0040163D \. C3 retn--------------------------------------------------------------------------------------------------------跟进后出现一下代码，看第一行，就是0040161D 处调用的函数，再看右面的注释，心跳加快，InitSystem，从名字上你都能猜想它会干什么，对，读狗的相关代码就应该在这儿初始化（当然还要初始化其他信息），继续跟进--------------------------------------------------------------------------------------------------------004039B0 $- FF25 C8554000 jmp ds:[<&user_In>] ; InitSystem004039B6 $- FF25 C4554000 jmp ds:[<&user_Star>] ; StartProgram004039BC $- FF25 C0554000 jmp ds:[<&user_Mai>]004039C2 $- FF25 AC544000 jmp ds:[<&XXX_DLL.#3>]004039C8 $- FF25 A8544000 jmp ds:[<&XXX_DLL.#47>]--------------------------------------------------------------------------------------------------------跟进后，代码是一系列的IsBadReadPtr，由此判断该处是初始化内存工作，离读狗还用有一段距离。

关于鲁班08版深思洛克加密狗（网络狗、单机狗）常见问题解决方法一、网络狗(服务端）检测流程：1、检查该电脑上是否插有其他软件加密狗，如果有则将其拔下重启电脑。

2、将鲁班08版深思洛克加密狗重新插入，看电脑右下方是否提示“发现新硬件”。

（有则继续检测第3项）如果没有：重新安装软件试一下。

更换USB插口再试，还没有提示则说明网络锁可能坏了，请客户联系当地代理进行换锁。

3、选择“开始”——“程序”——“精锐IV网络服务V3.0”——“管理程序”——查看网络锁服务器是否启动（如没有则点取红色方框的内容，右键启动服务），如图1。

4、如果仍然读不到网络锁，找到软件安装目录，双击e4ncli.ini文件在HOSTADDR＝后面输入127.0.0.1即可，如图二图一图二5、“开始”——“控制面板”中，“”双击进入，选择“常规”中“关闭”，再重启软件。

如果软件可以使用则确定是防火墙引起的问题。

然后再将Windows防火墙启用，然后进入“例如”, 将程序和服务中的项目一项项再启动软件（选中一项则启动一次软件）直至发现哪一项和软件有冲突然后将这一项关闭即可，如图三。

图三6、关闭电脑上其他的火墙，然后重启软件。

如果软件可以使用则说明是其他的防火墙与软件冲突。

然后再将其他的火墙启用，找到防火墙中的访问规则，将其中的项目一项项再启动软件（选中一项则启动一次软件）直至发现哪一项和软件有冲突然后将这一项关闭即可。

6、按Ctrl+Alt+Delete进入任务管理器在进程中查找以下几项：FileMon、RegMon、Trw、 TRWDEBUG、IceDump 、softice，如果发现任何一项，结束其进程即可（每次开机都需要结束进程，所以要将其全部卸载）。

二、网络狗（客户端）检测流程：1、检查该电脑上是否插有其他软件加密狗，如果有则将其拔下重启电脑。

2、“开始”——“控制面板”中，“”双击进入，选择“常规”中“关闭”，再重启软件。

加密狗加密与解密方法这个密码限定控制卡的使能权限。

加密狗加密方法1 打开EZCAD软件包，找到“J6.exe”执行程序。

2 双击执行该程序，弹出“Select parameter”对话框，如图1所示。

在图中可以看出我们可以设置两级密码，这两个密码是完全独立的，其中任何一次使用达到设定要求以后，加密狗就会限定版卡的使用权限。

如同时设置两级密码，权限应不同，即这两个密码设置的时间等权限长短不一。

如图，软件默认的是一级密码选中状态，如果想选择二级密码直接点选即可。

图13 当我们选择好设定密码的级数后，点击确定按钮，弹出“JczShareLock”对话框，如图2是软件默认的发布板界面，点击下拉菜单，我们可以选择共享版模式，如图3。

图2图3下面我们分别说明发布版模式和共享版模式的加密方法。

4首先是发布版模式如图2。

发布版模式下没有次数，天数，时间等的设置，只有密码设置，主要应用于保护自己模式的设置，防止别人更改。

点击“写入/Write In”按钮，进入“Write Dongle”界面,如图4。

如果我们是第一次写入密码或者没有设置密码，那么就直接勾选“修改密码/ Change Password”选项，在“新密码/New Password”下面的前一个输入栏里输入4位数字，在后面的输入栏里输入4数字，这样完成了密码的初步设定，然后在“确认密码New PassWord again”下的输入栏内重复输入上面设定的密码，然后点击确认，完成密码的设定。

如果我们是修改密码的话，那么我们首先要在“Write Dongle”界面上方的“输入密码/Input Password”下的输入栏内输入以前设定的密码，然后在勾选“修改密码/ Change Password”，输入新的密码。

否则修改密码就会失败，并出现“密码错误”提示信息。

图45共享版的密码设定，如图3是共享版的界面。

在这里我们首先要设定好限制使用的次数，天数，时间，直接在后面的输入栏内直接输入即可。