View Full Version : FlexLM help please


meaculpa
October 18th, 2001, 01:47
Hi,
Need some help with FlexLM reversing please.
Target: Materials Studio (formerly MSI, now Accelrys)
Looks like it was built with v7.0c, I'm using SDK v7.2h.

Please help me with the SoftIce part, I can't figure out what to
BPX with, to start getting the vendor codes and seeds?

Does anyone know where I can contact some Flex experts such as Nolan Blender, SiuL+Hacky, Pilgrim or Dan.....

Thanks in advance

Regards,
.MeaCulpa

Perry
October 18th, 2001, 06:36
Maybe, if you give us more information where we can see your work.

Anyway, read the Dan Essay.

Perry.

meaculpa
October 19th, 2001, 02:48
Hi Perry,

Could you be a bit more specific on what you would like to see?
Perhaps another question - if I disasm the target exe, and see no licensing calls, it means they're using the libmgrxxx.dll method, right?
Also the essay from Dan is for custom crypt filters (sounds like this is a rare protection method), how do I know if I'm dealing with a crypt filter?
Thanks in advance

Regards
.Mea

newbius
October 23rd, 2001, 23:19
I think it might be crypt filters. Try tracing down lc_set_attr and see if it attempts to set LM_A_USER_CRYPT_FILTER. If your seeds are good, but you're not getting valid licenses, check for this.

Kythen
October 23rd, 2001, 23:58
Actually read over both Dan's essay (which is not on crypt filters) and Nolan Blender's essay.

Also, what do you mean by not finding any licensing calls? Did you not find any in the imports? Then check any other dll's in the program. If you still don't find any of them importing the flexlm dll functions, then your target used the library. In that case you identify critical functions like lc_init, lc_new_job, l_n36_buff, l_sg, lc_checkout, and lc_set_attr. There are a few nice tricks involving strings to make that identification process easy. You'll see what I mean in the essays, but if it doesn't make sense I can explain more thoroughly (I want ppl to explore and learn on their own, not just spoonfeed answers).

After you identify those critical functions, check to see if any funky attributes are used, like those crypt filters, or a vendor defined hostid. If so, deal with them accordingly (we'd be glad to help ya if you do run into some), otherwise just follow the above essays and you should be just fine. Make sure to set your LM_BEHAVIOR entry in your SDK to v7.0 and not the v7.1 though! Don't want your license gen thinking it has to use those signatures and not the normal key