The dongle helps us to protect against software piracy and consequently to keep prices reasonably low.
It can be insured against loss or theft, free of charge. If not insured, lost means lost and no replacement. If you lose an uninsured dongle, do not ask us about a new dongle and do not ask us to use the dongle of a different license as a replacement for the lost dongle. Questions like these are futile and only have disadvantages for you. You will forfeit the chance of a good-will discount on the purchase of a new license.
The software does not require Internet access to authenticate the license.
Works in virtual machines. (If your dongle repeated disconnects in a virtual machine, change settings to use USB 2.0 instead of USB 3.0.)
Up to 16 dongles can be attached to the same computer at the same time. (However, you may want to consider a single multi-user dongle instead, see below.)
Weight: approx. 7 g ~ 110 grains ~ 1/4 ounce
Dimensions: 5.3 × 1.7 × 0.7 cm or 2.07 × 0.62 × 0.37 inches
Operating temperature: 0°C - 70°C
Storage temperature: -10°C - 80°C
Humidity: 20% - 80%
Certifications: CE, FCC
Material value declared when mailing the dongle overseas: EUR 7
Price that we charge for a dongle: EUR 0 (we do not sell the dongles, just 'provide' them to unlock the software, 1 per license)
Delivery time overseas by postal mail: 4 days - 6 weeks (varies greatly, no shipping charges, no tracking number)
Delivery time overseas via FedEx Int'l Priority: 1-3 working days (for a surcharge, please specify your phone number in the order form!)
Surcharge for delivery of the dongle via FedEx Int'l Priority: depends on destination country, please see order form
A malfunctioning dongle can be exchanged for a new dongle. It must still be in your possession, including the metallic plug. Lost, misplaced or stolen dongles are not replaced, only if they were insured. If you lose an uninsured dongle, you cannot receive another dongle for that license. You could purchase a new license, and in that case we may be able to offer you a discount and apply the calculatory value of unused access to updates of the previous license (only if you do not ask us about a new dongle for the existing license).
Dongles have a serial number printed on the outer case or engraved in the metallic plug, starting with the letter R. However, we do not use that number to reference dongles. We use the so-called hardware ID instead, which is displayed in the program if the dongle is attached, in the Help | Dongle dialog. You can easily copy the ID from there. The first 8 digits are constant and sufficient to identify a dongle.
Two alternative to dongles that may be available for certain license types are BYOD and BYOD+. With BYOD there is no waiting time before you can use the software! |
There are different types of dongles:
Regular dongles (color: green) represent 1 license each and allow 1 user to execute X-Ways Forensics on 1 computer at a time each, locally, even multiple instances of the program. Multiple dongles attached to the same computer (e.g. terminal server) are supported as of v16.5 to allow for multiple simultaneous users. The new 'Smart' dongles are supported by default as of v17.7 SR-13, v17.8 SR-16, v17.9 SR-9, and v18.0 and later. They are labelled 'R4 SMART'.
Multi-user dongles (color: green) represent x licenses each (more than 1, no more than 50) and allow x users to execute X-Ways Forensics on 1 computer (e.g. terminal server) at a time, locally.
Network dongles (color: red) can represent 1 or more licenses (depends on how many licenses you order/have) and can be found by the software on the network. A dongle server program (alternatively available as a service) that we supply must be run on the machine with the dongle (a Windows machine) so that the dongle can be found. Supported by v16.8 SR-10, v16.9 SR-4, and v17.0 and later. If a network dongle with no more than 50 licenses is attached locally, it works exactly like a regular or multi-user dongle (depends on the number of licenses). With more than 50 licenses, it can only be used through the network interface (i.e. the dongle server program must be running on that computer). Multiple network dongles on the same or different machines on the same network can be used at the same time, and if more than 1 network dongle is found by the program, the user can choose one (if any of the dongles are fully utilized already by as many users as possible based on the number of licenses that they represent, this is shown).
How many simultaneous users a dongle supports, i.e. how many licenses it represents, can be verified in X-Ways Forensics at Help | Dongle. When multiple users at the same time share a regular dongle (which in fact must not be shared) or a multi-user dongle and they exceed the maximum number of allowed simultaneous uses (1 for a regular dongle), then the new user will push aside a previous user, i.e. a previous user will be requested by the software to save and stop his work and will eventually be kicked out. The behavior may change at any time. With a network dongle if the maximum number of allowed simultaneous uses has been reached, new users have to wait until the session(s) of a previous user terminates.
If you would like to exchangeregular dongles that you already have for 1 network dongle, you can find pricing and an order form here (pricing subject to change). All the dongles that you wish to swap must still be functional and returned to us upon receipt of the network dongle, and they must actually reach us (you can request deactivation codes for them and apply them to at least make them useless when you send them out).
Important: If you wish to order your licenses with anything other thanregular dongles, you must select that with your online order/must specify that on a purchase order sent to us, or else you will get regular dongles!
Dongles may be sent out in an inactive or only temporarily usable state and once received must be activated with an activation code. All dongles remain our property. Canon selphy cp900 windows 10. If you are interested in a multi-user dongle when buying multiple licenses, please ask first.
X-Ways dongles can be made available to a remote system through RDP (RemoteFX USB Redirection). Tested on a Windows 8.1 system and a remote virtual Windows 8.1 system in Azure (Microsoft cloud computing), where to run X-Ways Forensics. This can extend the range and flexibility of X-Ways Forensics for imaging and analysis work. For details please see here (works the same with X-Ways dongles). USB Network Gate, USB over Ethernet and Donglify also work. Archived blog post by Troy Larson about Azure forensics.
Reversing aint easy these days and is getting harder. Every other executable is packed with this or that, PEID is no longer updated, and many software companies are moving towards dongle based security. The idea is simple – store the registration key or encryption key on a mobile piece of hardware.
So what is a dongle? Traditionally a dongle is a hardware device that connects to the PC through one of the ports in the back. The older ones used the parallel printer port.
Finding a computer with a parallel port these days is tough, so as with all technology, adaptations were made. Now, USB is the defacto standard.
These are relatively cheap to produce and are hard to crack. The fact of the matter is, depending on how the dongle protection is incorporated, it can be impossible to crack a program without the device. Not completely impossible however. Like I said, if the protection is implemented wrong, it cracking the program could be as simple as a 3 byte patch of changing
cmp eax,0
jne 040032BE
RET
What Is A Dongle
to
JMP 040032BE
There are 2 ways to implement a dongle. The right way and the wrong way. The right way would be to encrypt your programs and store the encryption key on the dongle and decrypt at run time depending on whether the device is connected or not.
Dongle Life
The wrong way would be to merely check for the presence of the dongle. Why? Device drivers can be produced to emulate the functionality and visibility of any device including USB and parallel devices. Not only that, the check for a device can be patched, quite easily. There are a few companies out there that implement dongle based protections to software companies as a 3rd party service taking the hassle of implementing a copy based protection system out of the hands of the software company. Trouble is, once you’ve cracked this 3rd party providor’s method, it works on EVERY ONE of their clients.
Take Sentinel from SafeNet for example: http://www.safenet-inc.com/support-downloads/sentinel-drivers/ . Their protection suite is quite popular, however recent versions produced have one fatal flaw – implementation of their dongle based copy protection can be halted based on a single 3 byte patch.
Say for example the software in question is done the right way – encrypted and needs the key to be decrypted at run time. How might this be cracked? Well for starters, we would need to identify the key. The key can be obtained either in memory during live analysis in a debugger or statically by probing the driver or contents of the USB device. Device drivers need to be debugged using a kernel debugger since drivers dont operate in user mode. WinDBG is suitable for this, however softice can be used as well. I myself have never been able to get softice working, but if you can, go for it. Another method would be to use this little program called USBSnoop – http://sourceforge.net/projects/usbsnoop/. This awesome tool allows for a tool that logs the usb data exchange between hardware and device driver. I’ve had excellent luck with this and have found the decryption key in plain text by analyzing the data stream log.
Once the key has been obtained, decryption of the program is possible. What would need to be done from there? One would need to either A) dump the decrypted program which would no longer need the key (depends on how the encryption is implemented) or create an emulator. The emulator would simply be a dummy USB device that contained a copy of the USB dongle – key and all.
Run Dongle Protected Software Without Dongle Download
Its hard to explain without going into full detail on how to create such an emulator, but guides do exist on how to create drivers. First off you’ll need the driver development kit from microsoft. Next, check out lib-usb from sourceforge: http://sourceforge.net/apps/trac/libusb-win32/wiki . Create a USB device driver that simulates the key or files being present on the newly emulated device. Maybe one day I’ll write a step by step on writing such a program, but for now however, we have the basics and concepts out of the way.
Expect more updates in the future.
