Comments (8)
Hi,
I figured out the key for my consumer headset version 1.5.1.
The key is:
const unsigned char HEADSET_151_KEY[KEYSIZE] = {0x4D,0x00,0x47,0x54,0x38,0x10,0x31,0x42,0x4D,0x00,0x47,0x48,0x38,0x00,0x31,0x50};
In C library, epoc_open() function call must be changed from epoc_open(d, EPOC_VID, EPOC_PID, 0) to epoc_open(d, EPOC_VID, EPOC_PID, 1) to connect and work properly.
Please add to master branch, if you like to.
Best, E.
from emokit.
Here is detailed howto for figuring my consumer key:
- Download OllyDbg http://www.ollydbg.de/
- Download SnD Crypto Scanner (http://www.woodmann.com/collaborative/tools/index.php/SnD_Crypto_Scanner_%28Olly/Immunity_Plugin%29) and copy OllyCScan to Olly directory (version 0.4b)
- Run OllyDbg
- Open F3 EmotivControlPanel.exe (do not run debugging yet)
- Run OllyDbg plugin -> SnD Crypto Scanner
- Perform Scan
- MD5, Rijndael (Sig 1) and Rijndael (Sig 2) should be found
- Keep SnD Crypto Scanner Window open
- Run debugging of EmotivControlPanel.exe (F9)
- EmotivControlPanel should completely start, display window with brain and be receiving data
- no need to have headset properly positioned
- Switch to SnDCrypto Scanner window
- Click on Rijndael (Sig 2) then on line in lower window (Signature e1f898...), then click Set Hardware Breakpoint
- Debugger should almost immediately break at some instruction (e.g., SHL EDX,8)
- Scroll up until sequence of INT3 opcodes is found
- Put breakpoint (F2) to first instruction below INT3 sequence - this is the start of function manipulating key
- we now have begin of the function manipulating with epoc key
- you may remove hardware breakpoints now (will break on normal breakpoint at the beginning of this function)
- Resume debugging (F9)
- should break almost immediately
- step over (F8) unless first CALL instruction is found
- step into (F7)
- this function is strange, doing memset on NULL param and free (NOT what we are searching for)
- continue (F8) to second CALL instruction
- step into (F7), you should see memcpy and memset calls disassembled in OllyDbg window
- step to part where memcpy function arguments are prepared (PUSH instruction)
- n should be equal to 0x10 (16B) - number of bytes in eopc key
- src should point to buffer with epoc key
- read buffer address (OllyDbg will show that or see value of corresponding PUSH parameter)
- switch to Memory dump window, RClick->Goto->Expression
- type buffer address (or parameter of PUSH)
- read epoc key (16 bytes) from Memory dump window
- {0x4D,0x00,0x47,0x54,0x38,0x10,0x31,0x42,0x4D,0x00,0x47,0x48,0x38,0x00,0x31,0x50};
- Insert your headset key into Emokit software (https://github.com/qdot/emokit)
- Change last parameter of epoc_open to 1 instead of 0 (epoc_open(d, EPOC_VID, EPOC_PID, 1)) in main()
from emokit.
Nice! I'll add this info to our readme, and add the key to the code. Thanks so much for finding this!
Will close this out myself once I get those two things done.
from emokit.
Many thanks for maintaining this software - good work!
from emokit.
Thank you qdot for the work on EPOC.
Are there any news concerning eskel's problems while using the Python script?
I tried to run the filter = hid.HidDeviceFilter(vendor_id=0x21A1, product_name='Brain Waves') command in Windows, but the list is always empty, even when I remove the "Brain Waves" name. I tried the same thing in Linux, but it seems that there's no problem.
Can I somehow get rid of this problem without having to use Linux?
Thanks for your time
from emokit.
eskel,
Thank you for the step by step instructions on how to get the key! I was finally able to get my headset working with the emokit. My headset is pretty much brand new, so I wonder how often they're changing the key now...
from emokit.
Just wanted to let you know, I am keeping an eye on this, but I'm so massively swamped in other projects right now that I probably won't be able to update things for a while. If anyone who forked wants to add documentation, keys to code, etc..., please feel free to pull request and I'll try to bring things back in. I've talked to Daeken a bit about trying to figure out the key gen stuff once and for all, but, well, we're both kinda in the same situation time-wise at the moment.
from emokit.
Key crack now in repo.
from emokit.
Related Issues (20)
- Mapping Facial Expressions to Raspberry Pi HOT 1
- compilation error
- Graphical Interface for raw data and PSD
- Looking for yet another project lead? HOT 15
- Epoc+ and horrific terms HOT 10
- Discord server invite link no longer valid HOT 1
- RuntimeError: Could not find the hidapi shared library. HOT 7
- support for 2018 epoc+ HOT 1
- Epoc+ 2017 Support HOT 4
- The Emokit code, through the years...
- A question regarding emotiv_values and emotiv_data values.
- Hacking it: Choosing the right USB port HOT 1
- Emokit: Beginner
- Battery error HOT 2
- Getting almost every quality value as None HOT 4
- Emotiv INSIGHT!!! HOT 1
- Support for Ubuntu?
- name 'emotiv' is not defined HOT 2
- recurring of reader restart and reader stopping
- Does it work with the new Epoch X? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from emokit.