PDA

View Full Version : FlexLM 8.2a -success and tya


oldbrat
December 28th, 2007, 09:11
Hiya,
I got the new target recently, which is one Linux binary protected with FlexLM 8.2a.

Maybe this is my first crack after few years doing non-computer related things.

Get the TOT complete this time is hardest part. Lost all the old connections, but Google is our friend. So after 1 days I collected all the tools: IDA + FLAIR, Hiew, and ald as debugger (since I was on Linux), got also the FlexSDK 8.1a.

The worse things is IDA cannot identify all these lc_checkout, lm_start_real, etc... all. Maybe because all the symbols was stripped by lmstrip on Linux, maybe bad signatures, I dunno.

I was at the wit end. Reading all other tuts on Crackz site does not help to clarify how we can find out the lc_checkout (actually he has mentioned the "lm_ckout.c" inside lc_checkout function).

More ftpsearch reveal that there are also SOURCE for a whole flexlm sdk 9.2. Oh, great!!!

After that, reading through the C source code and FlexLM object code is like reading a tut about how C compiler translate C code to assembly.

Yep, all other functions was there l_sg, lm_start_real, l_zcp ....

Once the target was identified, 1 break point before l_sg can help me to recover all the vendor and job structure (thanks Crackz again), and calcseed deliver your encriptions seeds in 1 minute.

That's it. TYA. A lot of reading and searching, 5 minutes of debugging give me desired results.

with best regards,
oldbrat

Aimless
December 28th, 2007, 09:40
Nice to read the above. I hope you frequent this board often... And Welcome.

Have Phun

JMI
December 28th, 2007, 13:11
We need more postings on "cracking" and debugging on Linux, so please come back with any interesting information you care to share.

Regards,