View Full Version : flexlm 9.0 help!
noxworld
April 4th, 2004, 22:54
I try to crack a program potected by flexlm 9.00.
follow the Nolan Blender's "Zendenc FLEXlm 7.2 cracking information"
i find the ENCRYPTION_SEED1 ,ENCRYPTION_SEED2 and VENDOR_KEY i make up the lmcrypt.exe using flexlm sdk 9.2 .the mode is upgrade from 7.2.the LM_STRENGTH is LM_STRENGTH_DEFAULT.sign length = 12.but it can not work.then i make it up with flexlm sdk 7.2h, it can not work also .the software can work on demo mode protected by flexlock. i use the flsetup.exe(7.2)with the seed ,make up fldata.ini , it worked ! so ,it seemed that the seed is right.perhaps it did not use the ENCRYPTION_SEED,but the LM_SEED in lm_code.h.there should be some relation beteen LM_SEED and ENCRYPTION_SEED.does LM_SEED generate the ENCRYPTION_SEED in lmseed.h?how can i find the LM_SEED ?
JMI
April 5th, 2004, 03:08
Your post does not indicate whether you have attempted to review any of the other 173 threads listed when the search button is used with "flexlm." Have you reviewed any of them to see if they can assist you with your issue before you asked for help?
You have mentioned only one tutorial. Have you searched for any others which discuss flexlm reversing? Have you reviewed the materials contained in the CrackZ site listed in the links at the bottom of the Forum? Have you reviewed any of the Flexlm manuals available on the net? Using "LM_SEED + flexlm" in my favorite search engine took less than a minute to find a 2002 version of the "Implementation Guide." Even though this first hit was for version 3.2 it has substantial disucssion of both LM_SEED and ENCRYPTION_SEEDS which you should review on your own. Further searching can be accomplished using "Flexlm + ENCRYPTION_SEEDS."
Have you search for and reviewed the Flexlm source code which is available on the net?
In short, if you have done something to try to help yourself solve this problem, you have not yet indicated what that might have been. Generally, attempting to help one's self is expected of those seeking help here.
Regards,
CrackZ
April 6th, 2004, 18:11
Hiya,
I've been looking at FLEXlm's latest offering in little chunks over the last few weeks, v8.x through to v9.x. A paper will be forthcoming on my site in the next few weeks.
1. The LM_SEED's are NOT related to the ENCRYPTION_SEED's, they are securely generated by the developer with lmrand1 (actually you can make them up but in practice it seems crazy to do so). You have absolutely no hope of deriving them, 2^96.
2. The rest of the FLEXlm information, ENCRYPTION_SEED's etc, are still hidden via _l_sg() in exactly the same fashion as described by Nolan Blender and can be used to build a valid lmcrypt, later versions of the SDK insist on LM_SEED being defined, but you can still generate simple SIGN=123412341234 or default licenses.
3. In my essay I describe a very easy way to make a 1 byte patch which will switch the FLEXlm routine to use the old style checkout (aptly named _our_encrypt(), as opposed to the new style authenticator (aptly named _our_encrypt2()), this approach I have tested now with 7 targets and it has worked flawlessly.
Drop me an e-mail if you want some more details.
Regards
CrackZ.
noxworld
April 6th, 2004, 21:39
thank you !
i really need some details information . my email address is noxworld2000@163.com.
CrackZ
April 26th, 2004, 19:03
Hiya,
I know this thread is old now *but*.....
http://www.woodmann.com/crackz/Tutorials/Flex2004.htm
This is my latest discussion of how we can force all current FLEXlm versions to accept old style licenses with a trivial patch to protected binaries.
As noted elsewhere, you haven't a hope of finding the LM_SEED's used by the developer in the later secure implementations.
Regards
CrackZ.
whyIII
April 26th, 2004, 20:36
Crackz, Great work!!
res_spectre
April 27th, 2004, 10:37
I promise that next time I post I won't violate the rule against asking where I might find the Tools of the Trade, which states:
Do not ask where to get the Tools of our Trade. Do not even think about asking for them.
Tricker
April 27th, 2004, 13:35
I'm a complete idiot and not only didn't read the post right above mine, I also ignored the rule against asking for the tools of the trade.
I promise that next time I post I won't violate the rule against asking where I might find the Tools of the Trade, which states:
Do not ask where to get the Tools of our Trade. Do not even think about asking for them.
Powered by vBulletin® Version 4.2.2 Copyright © 2018 vBulletin Solutions, Inc. All rights reserved.