05-22-2018, 03:15 PM
(05-21-2018, 07:20 PM)roomtoetje Wrote: In the device is a license system that grants an amount of treatments.
The license keys were always free when you bought disposables/supplies from the company, but they don't sell supplies nor licenses anymore.
-----
I expect the input string to be something like 1234-12345678-x. So i want to bruteforce that against my list.
How do you input the license info? If you just input the base-64 data and the device knows it is "iFlap with 30 Delta" then it is most likely not a hash but encrypted data. If you have to input the type and other info, it might be a signature or custom check/hash. Could you elaborate more on why you think it is "something like 1234-12345678-x"?
This whole thing is very difficult to reverse engineer on only the input data. Finding firmware upgrades and decompiling that or gaining access to the device through debug ports (JTAG for example) would allow you to more precisely determine how this system works. Also, since they are defunct you might also find info from other users online or the company that provides the third-party supplies (you are most likely not the first person to ask for this).