Summary of general ideas about dotting

1. bp CreateFileA is connected to the device. 2. bp DeviceIoControl reads data from the USB flash drive, which is equivalent to bp ReadFile3 and bp MessageBoxA. 4. Several important dll: JTUSB. dll, setupapi. dll, hid. dll5, some key Call names and descriptions: // prepare to find the USB device SetupDiGetClassDevs (& guidHID, NULL, 0, DIGCF_PRESENT | DIGCF_DEVICEINTERFACE) that complies with the HID specification ); // find the USB device interface SetupDiEnumDeviceInterfaces (hDevInfo, NULL, & guidHID, 0, & strtInterfaceData); // release SetupDiDestroyDeviceInfoList (hDevInfo); // if the device is found, read the device path: SetupDi Notify (hDevInfo, & strtInterfaceData, & strtDetailData, sizeof (strtDetailData), NULL, NULL) // open the CreateFile (m_strPath, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); // read HidD_GetAttributes (hCom, & strtAttrib) Hid. dll. hidD_GetHidGuid obtains the Setupapi of the category. dll. setupDiGetClassDevs returns a device information group that contains Setupapi for all devices of the specified class. dll. setupDiEnumDeviceInterfaces Api. dll. setupDiGetDeviceInterfaceDetail returns the device path Hid. dll. hidD_GetAttributes is sent back to the manufacturer and product, and the version number is Hid. dll. hidP_GetValueCaps returns the Kernel32.dll that describes the device capability. createFile enable the device communication Kernel32.dll. writeFile sends an output packet to the device Kernel32.dll. readFile reads the message Kernel32.dll from the device. closeHandle releases the Setupapi resource used by CreateFile. dll. setupDiDestroyDeviceInfoList releases the resource Hid used by SetupDiGetClassDevs. dll. hidD_GetPreparsedData returns a handle to the buffer Hid that stores device capability information. dll. hidD_FreePreparse DData releases the resource Hid used by HidD_GetPreparsedData. dll. hidD_SetFeature transmits a feature packet to the device Hid. dll. hidD_GetFeature reads a feature packet from the device. It is nothing more than recognizing whether a dog is inserted into the device. --> enumerating a dog path --> reading a dog version --> reading Dog data --> verifying. Based on the above API breakpoint, you can always find the method of cracking. Note that there may be a breakpoint check during verification, which may lead to misunderstandings.