I'm trying to crack a FlexLm protected program. I have a Demo license which is still working.
I cracked the old version of program by tracing the program from the entry point and writing every jump it takes until the main window show up.Then I changed the Date in license file and trace the program again using OllyDbg and changed the conditional jump that were different from the jumps of unchanged license file.
I ran the program using any parameter in license file.

but my problem is with the new version of program and i want to use the same approach. I trace all the lines of program using olyydbg. but even with a Valid license file I can not trace the code. I pass some calls and it pops-up menu that the license is ok.
again, I step into code to find where the main window finally show up. But instead I reach a call when I step into it Ollydbg gives the access violation error (notice this happens with valid license file).

I tried debuging using Sofice and Syser but again i got the same problem.

I used the IceLoad feature to load the program. in normal way when i press ctrl+d the main window of program finally pops-up. but if I set a breack point on the line after which the license is successfully check to see which lines it will go after that . the program shows an error .and i can not trace into program.

Is there a way to solve this problem ?

Thanks

Alphino ,

Have you "considered" that the new version is actually detecting your breakpoint setting, as in it being a form of "debugger" detection?

How about you so some research on detection of breakpoints. Might help you to understand what might be happening.

Regards,

This is truly nuts.

Identify the FLEXlm routines you are interested in and breakpoint them directly, lots of information how to find them in your disassembler/debugger of choice.

Regards

CrackZ.

Thanks JMI and Crackz

I did not trace every line of program. I just find the call that checks the license and I just trace that part of code.
But the program dose not allow me to set a break point on lines following the call that says license has been successfully checked .I mean ,if a set a break point on those lines it generates access violation error and terminates from OllyDbg or Softice or Syser.
As JMI suggested , it detects that we are setting a break point on its codes. So , how can we avoid detection of break points ? and How can I know which Lines has been executed (after license checked ) until the man window show up ( in know the address of call which shows it ) ?

Thanks a lot ,

Regrads

Alphino

Well, isn't it time for YOU to do some research on "detecting debugger breakpoints" and/or "detecting breakpoints" ?? Don't these, and other similar criteria appear to be potentially useful search criteria??? So why aren't YOU looking for information on these topics???

Regards,

Hi Again

I finally solved my problem.

After doing some research and using some anti debugger techniques . I finally found this one to be a good choice .

I used an OllyDbg which has anti debugger detection and it hides the ollydbg from.
there are so many pugins out there but unlike others this one has no bug and it is stable.

Well here is a ollydbg with a plugin that makes it undetected from programs detecting a debugger, this also works on dota clients anti-debugger.

to bypass the "IsDebuggerPresent" check, i have include a HideDebugger.dll and put it inside the OllyDbg folder, if you start OllyDbg.exe it will automatically inject every dll from this folder in its process. If you start OllyDbg.exe the first time, close OllyDbg.exe again, this will make a OllyDbg.ini and the 2nd time you start OllyDbg.exe you will have a new option in the menubar in Plugins->Hide Debugger->Options
Make sure the "IsDebuggerPresent" option is ticked

I uploaded the file here

http://www.persianupload.com/files/u50gnzq63ivt2xkrar88.rar

Hope that helps