Assembly Language for Beginners

(Jeff_L) #1

8.5 Dongles.


void DrawHand(
HDC hDC,
int pos,
HPEN hPen,
int scale,
int patMode,
PCLOCKSTR np)
{
LPPOINT lppt;
int radius;


MoveTo(hDC, np->clockCenter.x, np->clockCenter.y);
radius = MulDiv(np->clockRadius, scale, 100);
lppt = rCircleTable + pos;
SetROP2(hDC, patMode);
SelectObject(hDC, hPen);

LineTo( hDC,
np->clockCenter.x + MulDiv(lppt->x, radius, 8000),
np->clockCenter.y + MulDiv(lppt->y, radius, 8000) );
}


Now it’s clear: coordinates has been precalculated as if clock face has height and width of 2 ⋅ 8000 , and
then it’s rescaled to current clock face radius usingMulDiv()function.


POINT structure^8 is a structure of two 32-bit values, first isx, second isy.


8.5 Dongles


The author of these lines, occasionally did software copy-protectiondonglereplacements, or “dongle
emulators” and here are couple examples of how it’s happening.


AboutoneofthecasesaboutRocketandZ3thatisnotpresenthere,youcanreadhere:http://yurichev.
com/tmp/SAT_SMT_DRAFT.pdf.


8.5.1 Example #1: MacOS Classic and PowerPC


Here is an example of a program for MacOS Classic^9 , for PowerPC. The company who developed the
software product has disappeared a long time ago, so the (legal) customer was afraid of physical dongle
damage.


While running without a dongle connected, a message box with the text ”Invalid Security Device” ap-
peared.


Luckily, this text string could easily be found in the executable binary file.


Let’s pretend we are not very familiar both with Mac OS Classic and PowerPC, but will try anyway.


IDAopened the executable file smoothly, reported its type as ”PEF (Mac OS or Be OS executable)” (indeed,
it is a standard Mac OS Classic file format).


By searching for the text string with the error message, we’ve got into this code fragment:


...


seg000:000C87FC 38 60 00 01 li %r3, 1
seg000:000C8800 48 03 93 41 bl check1
seg000:000C8804 60 00 00 00 nop
seg000:000C8808 54 60 06 3F clrlwi. %r0, %r3, 24
seg000:000C880C 40 82 00 40 bne OK
seg000:000C8810 80 62 9F D8 lwz %r3, TC_aInvalidSecurityDevice


...


(^8) https://msdn.microsoft.com/en-us/library/windows/desktop/dd162805(v=vs.85).aspx
(^9) pre-UNIX MacOS

Free download pdf