Flexlm - Thinking outside the square


peterg70
May 8th, 2011, 05:03
It's been a while since being on this board; I moved on to other things with RL, but now I'm back again.

Looking at FlexLM, as software I am using is being converted from a home-built system to FlexLM.
Seems FlexLM has developed a bit since I last looked at it, so I have a bit of reading ahead of me.

Would be useful if I could get some tutorials etc. for some light reading. Send links via PM etc.

Anyway, I was thinking of the borrow licensing feature of FlexLM. This allows a client to borrow a licence and move away from the server and maintain the license.
Would it be possible to transfer a license back to the server, with some patches done locally, that would add a license that is correct?

It would seem my licenses contain the SIGN= part which seems to stop generation of licenses without patching.

Anyway, thanks for keeping my account open.

peterg

dELTA
May 11th, 2011, 18:25
Always nice to see a common old face coming around again, stick around!

You might have to be a little less lazy than "please send tutorials to me by PM" to get any good answers though.

LaBBa
May 12th, 2011, 00:03
I don't understand.
Are you looking for FlexLM tuts?

peterg70
May 12th, 2011, 06:57
Thanks for the welcome back dELTA.

Looking for tutorials/Knowledge dumps/Security Analysis/Notes/Blogs discussing the newer versions of flexlm.

There are some discussions here which I have gone through, but I just needed some more information so I can get back up to speed.

I noticed on CrackZ's FlexLM page that it hasn't been updated lately for the latest versions etc. That's why I asked people who might have some links etc. to post them across, but not in the forum, via PM.

CrackZ
May 12th, 2011, 14:59
I promise to post my latest stuff on v11.x very shortly.

Hopefully some of the newer methods I've developed will be of interest ;-).

Unfortunately the very latest lmgr.libs are getting harder to come by and I've done most of my testing on v11.4-v11.9.

Edit: I'll also discuss some of the patches the scene is currently using and why some crackers need a serious refresher in patching school.

Regards,

CrackZ.

peterg70
May 14th, 2011, 07:16
Hey CrackZ,

Good to see you still around.

Definitely interested in the info and will keep an eye out for it.

Thanks for the response.

zementmischer
May 14th, 2011, 21:07
CrackZ: I'm really happy to hear that you want to update your pages regarding newer FLEXlm versions, albeit I'm not very familiar with it.
But your collection of tutorials on SentinelLM was definitely an excellent starting point to get my foot into SLM.

All: even though CrackZ's pages seem to be a bit outdated to the occasional visitor, most of the information is still relevant today; just dig deep enough (most of you already know this).

RCER
May 20th, 2011, 02:55
Hi CrackZ

Can you give us a timeline of when you are going to post some of your new research?


Regards
RCER

peterg70
June 2nd, 2011, 07:48
Can one of the flexlm gurus confirm something for me?

Items done so far:
Client is FlexLM 11.7.
Patched the daemon (l_pubkey_verify) to accept the license key, so licenses load regardless of what is in SIGN.

Then, tracing through the logic of the client software (which has some nice debug strings in it to help out), I found the client software was crashing and not loading.

I traced through with OllyDbg until I found the routine where it was crashing (incorrect address outside program range when returning from a call).
Further tracing found some code that compares part of the SIGN against a calculated code.
For example:
SIGN="0011 1111 1111 1111 1111 1111 1111 1100 FFFF FFFF FFFF FFFF FFFF FFFF FFFF"

The program goes through all its work and then starts to compare the calculated code against what's in the license file for that feature.
The part it compares to is the area marked with 1s above. Note: not the whole license, just the ones (7 words).
Any change to the license, i.e. changing a single F to E, results in a different result.
So I can assume this is the new ECC/TRO at work.

But the question is:
Am I correct that it only checks the 7 words, and does every SIGN have a leading 00 and middle 00?

iceland
May 2nd, 2013, 17:22
Quote (originally posted by CrackZ): "I promise to post my latest stuff on v11.x very shortly."

Hi CrackZ,
Nothing more to say, I guess...