FlexLM 11.11.0 Protection for signature of Licence File


klode
October 13th, 2015, 08:15
Hi,
I'm not such a newbie at Reverse Engineering. But my last reverse engineering was done with SoftICE, about 15 years ago...

So, I'm working on a study of FlexLM protection. I have software that uses a License File in XML format.
This file has some tags for configuring the enabled features. One last tag is the Signature, an alphanumeric string 120 bytes long. This Signature is based on the content of the license file itself, and surely uses some Key...

There are some libraries used by the Software License Center, one of these is a FlexLM DLL Library, and a command line tool to check the License File using this DLL Library.

Usually I use W32Dasm to disassemble any Executable File, EXE or DLL files. This file was not analyzed by W32Dasm, without any errors. I want to know the mechanism used to check the signature of this file. I need help choosing the right tool to do it.

I've used OllyDbg 2.0 to do some reverse engineering, but the software checks for the presence of a debugger. I've tried to use some plugins like Stealth64, enabling almost all available protections and hiding OllyDbg, without success.

I want to disassemble this DLL to do a reverse engineering study of the function that checks the Signature. What can I use?

Aimless
October 13th, 2015, 11:31
Four things will determine your approach:

1. Is this x86 or x64?

2. Which version of Flexlm is used? Does it use ECC?

3. Before anything, read up on FLEXLM literature and try to get your hands on the SDK for the version (as in point 2). It will help you with symbols.

4. Do you know how FLEXLM works? (No, I'm not talking about CRACKING it, I'm talking about understanding at a metal level HOW it works). If not, you have a few weeks to learn (with point 3).

W32dasm/ICE days are long gone by. IDA PRO is the way to go. You will freely find the proper IDA PRO ADVANCED 6.6 on Google with all utilities and SDK. Learn to use IDA. If you have just a "passing" familiarity with IDA, I'd suggest cranking out a couple of weeks on IDA with normal disassembles (or, you can also Google the IDA PRO BOOK second edition and go ahead). Without IDA it's going to be very inconvenient to break something like FLEXLM.

Also check out CRACKZ's site. If you show a genuine interest and ask politely, he may point you to the latest SDK. Besides, his website is a treasure trove of anything FLEXLM. If you STILL cannot crack FLEXLM (after doing all of the above), I'd suggest you find programs protected with the OLDER versions of FLEXLM. Then work your way up the versions.

Have Phun

klode
October 14th, 2015, 09:27
Hi,
Thanks Aimless, you're so AWESOME!
I'm going to start studying how to use IDA PRO right now!
Please give me the chance to ask you something in the future if I have any doubts about this new approach.

Thanks in advance!

klode
October 14th, 2015, 09:29
Oh, one more thing:
1. The software I need to use is x64, but the software for License Manager is x86.
2. I think the FlexLM version is 11.11.0 but I don't know if it uses ECC (and obviously I don't know what the hell ECC is!)
3. I'll do that
4. I don't know, so I'll study IT.

Thanks again!