+- CarTechnoloGY (https://cartechnology.co.uk)
+-- Forum: Discussions All about Software and Hardware (https://cartechnology.co.uk/forumdisplay.php?fid=310)
+--- Forum: Automotive Help & Discussions / Software and Hardware (https://cartechnology.co.uk/forumdisplay.php?fid=40)
+---- Forum: Opel - Vauxhall - Holden (https://cartechnology.co.uk/forumdisplay.php?fid=59)
+---- Thread: Lock for DUMP EPT OCFD OPCOM HQ (/showthread.php?tid=35959)
Pages:
1
2
Lock for DUMP EPT OCFD OPCOM HQ - samtimber - 31-05-2018
Hello every one,
I want to try some work on converting an opcom china clone to HQ ,for that i need this :
- Ocfd file given the dump of eeprom of the FT232R,
- Image view of reading data by OP-COM FUT,
- Image view of reading data by FT_Prog plus the template xml dump ,
I will be very grateful if some one coud provide me with this,
Thanks
RE: Lock for DUMP EPT OCFD OPCOM HQ - McMihai - 01-06-2018
(31-05-2018, 17:38 PM)samtimber Wrote: Hello every one,the software is paired with the serial number of the FTDI
I want to try some work on converting an opcom china clone to HQ ,for that i need this :
- Ocfd file given the dump of eeprom of the FT232R,
- Image view of reading data by OP-COM FUT,
- Image view of reading data by FT_Prog plus the template xml dump ,
I will be very grateful if some one coud provide me with this,
Thanks
all you need is to change the serial number of the FTDI.
or enter the serial number (FTDI) in the OPcom HQ software
RE: Lock for DUMP EPT OCFD OPCOM HQ - samtimber - 03-06-2018
Thanks for reply but i 'am looking for some one who has the opcom hq and can provide me with the information that i ask before to make a public solution for every one who have the china clone.
of course,passing the information must be in private
RE: Lock for DUMP EPT OCFD OPCOM HQ - leader - 04-06-2018
Forget about this...
The loader in OP-COM HQ is very hard protected. You need a valid license for the loader.
The license is stored in the user programable area of FTDI-RL's eeprom and it's paired against ftdi chipid. So do you need to know several secrets stuffs:
1. Encryption and hashing algorithm of the license (based on chipid)
2. Proper RSA key to digital sign the hash
3. To obtain this you need to devirtualize the lastest themida virtual machine
4. The loader is protected with severeral self checks too against cracking (for example, crc's against static patching, self debuging against debuggers and timechecking (GetTickCounter()) against dynamic patching,etc...)
Why do you think that somebody will share this secrets to destroy market?
Why do you not buy a HQ Clone and get the these informations by yourself instead of ask it for free and reshare it as your own work?
The HQ Clone are solution from the past. Nowadays there are better solutions for op-com which works like the original...
RE: Lock for DUMP EPT OCFD OPCOM HQ - alveos - 06-06-2018
What solutions?
RE: Lock for DUMP EPT OCFD OPCOM HQ - stmilosh - 13-06-2018
(04-06-2018, 18:53 PM)leader Wrote: Forget about this...Or instead of all of that you can simply find those two bytes of "licence" by brute force. It is only 65k combinations at worst and FTDI EEPROM can certainly sustain that many user area byte reprograms
The loader in OP-COM HQ is very hard protected. You need a valid license for the loader.
The license is stored in the user programable area of FTDI-RL's eeprom and it's paired against ftdi chipid. So do you need to know several secrets stuffs:
1. Encryption and hashing algorithm of the license (based on chipid)
2. Proper RSA key to digital sign the hash
3. To obtain this you need to devirtualize the lastest themida virtual machine
4. The loader is protected with severeral self checks too against cracking (for example, crc's against static patching, self debuging against debuggers and timechecking (GetTickCounter()) against dynamic patching,etc...)
.
RE: Lock for DUMP EPT OCFD OPCOM HQ - leader - 13-06-2018
(13-06-2018, 02:04 AM)stmilosh Wrote: Or instead of all of that you can simply find those two bytes of "licence" by brute force. It is only 65k combinations at worst and FTDI EEPROM can certainly sustain that many user area byte reprograms
You are wrong. Those 2 bytes was valid only for 131223d HQ version.
In 150406HQ skladd improved his portection by rsa sign the license. The signature is stored in the User Area of FT232RL's internal eeprom. Because of the User Area size limitation the RSA key is only 20bytes (160bits) length. So it not hard to calculate private key for it....
In 170823 sklad impored the protection agains and lock his loader to computer too.
As I told before novadays there are much better solution than these HQ interfaces....
RE: Lock for DUMP EPT OCFD OPCOM HQ - mattydr67 - 16-06-2018
Mr Leader you have totally right.
But in my opinion the new solutions hasn't to be public as HQ clone solution is.
As you said there are better solution for a long but this one are better because it wasn't public. You know what I mean
Let the HQ clone solution to remain for the public.
Good luck
RE: Lock for DUMP EPT OCFD OPCOM HQ - cronix - 19-06-2018
What's the meaning of this?
So you say there are other sw tools/hw interfaces that do the same of OPCOM and are (possibly) free?
I cant quite understand why it should be a secret.
Thanks!
RE: Lock for DUMP EPT OCFD OPCOM HQ - loki954 - 19-06-2018
here a soft and firmware that work very well for my opcom