lm_checkout() retn


Zman
October 25th, 2004, 14:34
Hi all,

I'm working on a target that is using a popular license manager with a newer version, v8.2a. It's got all that additional prikey/pubkey stuff as well. I've read most of the essays on the subject, but the newer info seems to suggest that reversing this is difficult even for an expert. I found the checkout routine, but being a newbie, I cannot figure out where/how to patch the return value. Anyone else working on something like this? Any info or a push in the right direction would be appreciated.

SiGiNT
October 25th, 2004, 15:20
If you have an example lic., you can use that by applying the ECC patch. Do a google on that patch, or I can supply you with more details. In simple implementations, just eliminating the _l_checkout or _lc_checkout call in conjunction with the ECC patch will eliminate the need for a lic.

SiGiNT

Zman
October 25th, 2004, 16:09
Thank you SiGiNT! I'll give that a try.

-Zman.

Zman
October 28th, 2004, 00:36
All praise SiGiNT!

The ECC patch in combination with the generic license and the NOPs placed on the conditional jumps to the lm_checkout() worked like a champ! My first cracked program! Awesome! What a rush! SiGiNT is OBIWAN!

Zman

appleleafs
October 29th, 2004, 15:33
I think that it is usually too risky to patch the l_checkout directly. Some programs will check out redundant features, or anti-crack features; if that kind of feature is checked out, they will block some functions. Also, some programs check for different features to determine the current configuration; if every attempt succeeds, you may lose some functions of the program.
I think it is better to fix the ECC checking point, so that it falls back to the normal license check, and supply a valid old-style license.

SiGiNT
November 1st, 2004, 23:48
Appleleafs,

You are absolutely correct - the ECC should do the trick, and that is where I pointed Zman for the first attempt, but I have had good success with the checkout patch on a couple of really simple implementations; it won't work without problems when dealing with the more sophisticated apps. Anyway, it's always more fun to try to encrypt your own lic! Zman, I truly appreciate the compliment, but I really don't deserve it. FlexLM is the only thing I know a small amount about (I'm a 1 trick pony), and I was glad I could help you out, but the real work (the ECC patch) was found by others and they deserve the credit.

SiGiNT