Hi mates,

flexgen2k3 gives error of invalid hostid or vendor key/code.
my hostid is "Any"
the vendor keys I have got from lmkg.exe ver3.0 :confused:
my DAEMON does not have LMGRxxxx.dlls

the vendor daemon has linked api to executable.

the vendor daemon has linked api to executable.

Thanx fox

should I look into daemon.exe for the keys or the lgmrd.exe?

why lmvkg3 keys are not correct?

into daemon.exe

correct

any body know, does this flex lic use CRO/TRO?
FEATURE vent_xxx M***** 1.000 permanent uncounted 26AE78A1FF82 \
VENDOR_STRING=xxxx
HOSTID=--------------- user_info="xxxxx \
ISSUED=23-nov-2004

*.exe is protected with 8.0d,
i've found enc seed1 and seed2, vk1,vk2,vk3,vk4 and job structure is always 00000000 (and can't calculate using nolan's calcseed)
.. feed into flexseedgen, get vk5 and s1 and s2. and generated lic wrong.. i think this because of not correct s1 and s2, any one can tell me how to correctly calculate s1, s2, vk5
thank's

@kiki: upload the vendor deamon file and license.

@kiki: upload the vendor deamon file and license.

@BfoX: thanks, cek your PM

@BfoX: thanks it work, but i want to know by myself, how you calculate the seed, find the correct seed and job structure.

kiki

into daemon.exe

correct

lmVKG3.0 does not create correct VKs for me, or Flexgen2k3' DB is not correct, because I checked the DB's VKs are all different. (I have checked all behaviours from v4 to v11)

Please somebody (or: master Bfox) tell me the correct approach.

Do I have to use flexgen2k3 or genlic32.exe? which one should work for me?
(My prog is ver 8.2a / Flexid as hostid)

Is it because Flexgen2k3 support only up to 7.0?

I have also used the lmvkg to generate VK and put them in lm_code.h but genlic32 comes with "data not found in lm_code.h" !!?
.

@FiFo: put here daemon's name

@Bfox: barco

@FiFo:
/* Version 8 keys */
#define VENDOR_KEY1 0x3b700273
#define VENDOR_KEY2 0xb0ed9e6b
#define VENDOR_KEY3 0xd5d07471
#define VENDOR_KEY4 0x8e494052
#define VENDOR_KEY5 0x621242c6
#define CRO_KEY1 0x6dcd8b08
#define CRO_KEY2 0x0a6b671c

#define VENDOR_NAME "barco"

/* Version 9 keys */
#define VENDOR_KEY1 0x7157daaa
#define VENDOR_KEY2 0x66c8d763
#define VENDOR_KEY3 0xea668d59
#define VENDOR_KEY4 0x168623ea
#define VENDOR_KEY5 0x621242c6
#define CRO_KEY1 0xb2f790a8
#define CRO_KEY2 0x54d444c1

#define VENDOR_NAME "barco"


try it

I had those, but no success. also look at this:
/* Version 7 keys */
#define VENDOR_KEY1 0x6a52d237
#define VENDOR_KEY2 0x87451ff9
#define VENDOR_KEY3 0x2c1e19fd
#define VENDOR_KEY4 0xfdb0692a
#define VENDOR_KEY5 0x7b29cbf0
#define CRO_KEY1 0xf2ba677d
#define CRO_KEY2 0x84f4a985

#define VENDOR_NAME "barco"

/* Version 10 keys */
#define VENDOR_KEY1 0x031fc4e0
#define VENDOR_KEY2 0xc52ce1c1
#define VENDOR_KEY3 0x9e3a24cb
#define VENDOR_KEY4 0x94649827
#define VENDOR_KEY5 0x621242c6
#define TRL_KEY1 0x30f248eb
#define TRL_KEY2 0x2cc01e5c

#define VENDOR_NAME "barco"

when I put them (i tried all versions) into flexgen.ini I get:
"Invalid HostID or Invalid Vendor key or Vendor code, please check"

Pls have a look at my flexgen. I have used behaviour 7.0 to test.
http://rapidshare.com/files/183381997/Flexgen.rar

@BfoX:
thanks, i managed myself, after tedious work and irritating my eyes.

/* Version 8 keys */
#define VENDOR_KEY1 0x6abe3814
#define VENDOR_KEY2 0x494548c0
#define VENDOR_KEY3 0xc029809a
#define VENDOR_KEY4 0x40c3c7dd
#define VENDOR_KEY5 0x677960f1
#define CRO_KEY1 0x62ae391c
#define CRO_KEY2 0xcc64da4a

SERVER host_name ANY 27001
DAEMON :D
FEATURE vent_xxx :D 1.000 permanent 100 29A301900CDB \
VENDOR_STRING=xxx
user_info="xxx" \
ISSUER=kiki_keysha_finally_i_managed_it!!!!! \
ISSUED=15-jan-2009

@FiFo: upload your 'barco' and PM link to me.

@kiki: well done ;)

@BfoX:
i have another target to play... and know i'ts using CRO
here the sample of lic format
INCREMENT axxxxx xxxxx 9.1 permanent uncounted HOSTID=ID=xxxxx \
ISSUER=xxxx ISSUED=1-Nov-2006 ck=217 TS_OK \
SIGN="0060 2642 5BE4 6154 F000 EDFA B1EF 8700 1819 2F60 083A \
0583 AF31 9114 43B2" SIGN2=FF003AAE251E

@kiki: is right. use CRO patch and old way of the licensing...

@kiki: is right. use CRO patch and old way of the licensing...
do i have to patch CRO first? then making fake old lic, load into debugger and hunting the seed? :rolleyes:

@kiki: is right.

Hi,

I have a target and license. The target working with this license ok. License has long expiration time but I want to make it permanent. This is lic with server line. I generated lic but the main module didn't run. I've used genlic32 from Flexlm SDK 7.2 and encryption seed from different target but from this same company. This license has no ECC keys.
The target is protected with flexlm 8.0.
Is different kgen available to do this?
I could deliver this target for testing.

@stefan: upload the vendor daemons exe and license

@stefan: upload the vendor daemons exe and license
yes, i want to play with seed hunting too... ;)

@BfoX: Your license did not work as well as mine.

maybe the LM_Seed x 3 in the lm_code are wrong?!

I had those, but no success. also look at this:
/* Version 7 keys */
#define VENDOR_KEY1 0x6a52d237
#define VENDOR_KEY2 0x87451ff9
#define VENDOR_KEY3 0x2c1e19fd
#define VENDOR_KEY4 0xfdb0692a
#define VENDOR_KEY5 0x7b29cbf0
#define CRO_KEY1 0xf2ba677d
#define CRO_KEY2 0x84f4a985

#define VENDOR_NAME "barco"

/* Version 10 keys */
#define VENDOR_KEY1 0x031fc4e0
#define VENDOR_KEY2 0xc52ce1c1
#define VENDOR_KEY3 0x9e3a24cb
#define VENDOR_KEY4 0x94649827
#define VENDOR_KEY5 0x621242c6
#define TRL_KEY1 0x30f248eb
#define TRL_KEY2 0x2cc01e5c

#define VENDOR_NAME "barco"

when I put them (i tried all versions) into flexgen.ini I get:
"Invalid HostID or Invalid Vendor key or Vendor code, please check"

Pls have a look at my flexgen. I have used behaviour 7.0 to test.
http://rapidshare.com/files/183381997/Flexgen.rar

Fifo, your flexgen vendor is absolutely wrong !!!

Fifo, your flexgen vendor is absolutely wrong !!!
Thanks Kiki

I have given up Flexgen.

I am working on the SDK and lmcrypt. I have realized that I have to grab LM_SEED.

Thanks Kiki

I have given up Flexgen.

I am working on the SDK and lmcrypt. I have realized that I have to grab LM_SEED.

find the data[0], data[1] and job structure, calculated the seed1 and seed2 and you can generate valid lic...

@FiFo: seed1/2 extracted from target is valid. may be trouble with hostid.

@FiFo: seed1/2 extracted from target is valid. may be trouble with hostid.
you right BfoX, i've faced the target that only accept with hostid bound to hardware, always denied hostid=any

@BfoX: I checked, it is on the same hostid.

@kiki: I can't find 1_sg but I found lm_chkout.c yet not successful. will you take a look at my target?

@BfoX: I checked, it is on the same hostid.

@kiki: I can't find 1_sg but I found lm_chkout.c yet not successful. will you take a look at my target?
PM me your vendor daemon and demo lic

@FiFo: seed1/2 extracted by me from target is valid.

@kiki: I can't find 1_sg but I found lm_chkout.c yet not successful. will you take a look at my target?
check this address, this is _l_sg

.text:00416FA0 push ebp
.text:00416FA1 mov ebp, esp
.text:00416FA3 sub esp, 24h

@kiki: I appreciate your help which solved my problem.
Did you find 1_sg by searching for 0x6F7330B8? I just saw it in one essay from CrackZ.

@everybody: knowledge is like a river that should flow, if you don't share it, it'll become a marsh.

Some people think that forums are places to do business?!:confused:

We are mostly engineers who can find our way soon or later, I think it's better to shed a light for eachother to reach the target quicker, it will be nice and appreciable.

This is lmcryptgui that is a fantastic tool, it worked for me to create lmcrypt very simple.
http://rapidshare.com/files/185221954/lmcryptgui.rar

This is the SDK I used for my target. (ver 8.1a)
http://rapidshare.com/files/185226195/Flexlm_sdk_8.1.zip
And SDK 10.8:
http://rapidshare.com/files/185232457/Flexlm_sdk_10.8.rar

CHEERS:)

@kiki: I appreciate your help which solved my problem.
Did you find 1_sg by searching for 0x6F7330B8? I just saw it in one essay from CrackZ.

@everybody: knowledge is like a river that should flow, if you don't share it, it'll become a marsh.

Some people think that forums are places to do business?!:confused:

We are mostly engineers who can find our way soon or later, I think it's better to shed a light for eachother to reach the target quicker, it will be nice and appreciable.

This is lmcryptgui that is a fantastic tool, it worked for me to create lmcrypt very simple.
http://rapidshare.com/files/185221954/lmcryptgui.rar

This is the SDK I used for my target. (ver 8.1a)
http://rapidshare.com/files/185226195/Flexlm_sdk_8.1.zip
And SDK 10.8:
http://rapidshare.com/files/185232457/Flexlm_sdk_10.8.rar

CHEERS:)

@fifo: WELL DONE
if you did read carefully, search it, try it ... sooner or later you'll understand... read crackz page many good tuts there...don't just read 1 tut, read other too. [thanks crackz ;)]

many of us just want quick solution, but don't want to learn.

that's is your target use flexid, and i just to create hostid=any and doesn't work, simply change the hostid to flexid and regenerate... and boom.. it work ;)

another licmaker

http://rapidshare.com/files/28569137/EFA_LicGen_0.4b.rar

another licmaker

http://rapidshare.com/files/28569137/EFA_LicGen_0.4b.rar

Thanx Stefan

Great ;)

Any version of SDKs? Pls share.

My flexlm stuff I can post here let me know which one.

FLEXlm SDK v10.8
FLEXlm SDK v7.0d
FLEXlm SDK v7.2f
FLEXlm SDK v8.1
FLEXlm SDK v9.2
lmgr11_4_sig.zip
Vendor keygens

My flexlm stuff I can post here let me know which one.

FLEXlm SDK v10.8
FLEXlm SDK v7.0d
FLEXlm SDK v7.2f
FLEXlm SDK v8.1
FLEXlm SDK v9.2
lmgr11_4_sig.zip
Vendor keygens
I only have 8.1 and 10.8 as I shared before.
Could you put the other ones?

FlexLM SDK

versions 7.0d, 7.2f, 9.2


http://rapidshare.com/files/188143068/FlexLM_SDK.rar

Thank you so much.:)

FlexLM SDK

versions 7.0d, 7.2f, 9.2


http://rapidshare.com/files/188143068/FlexLM_SDK.rar

Thank you very much

@kiki: I appreciate your help which solved my problem.
Did you find 1_sg by searching for 0x6F7330B8? I just saw it in one essay from CrackZ.

@everybody: knowledge is like a river that should flow, if you don't share it, it'll become a marsh.

Some people think that forums are places to do business?!:confused:

We are mostly engineers who can find our way soon or later, I think it's better to shed a light for eachother to reach the target quicker, it will be nice and appreciable.

This is lmcryptgui that is a fantastic tool, it worked for me to create lmcrypt very simple.
http://rapidshare.com/files/185221954/lmcryptgui.rar

This is the SDK I used for my target. (ver 8.1a)
http://rapidshare.com/files/185226195/Flexlm_sdk_8.1.zip
And SDK 10.8:
http://rapidshare.com/files/185232457/Flexlm_sdk_10.8.rar

CHEERS:)

thanks for sharing info and SDK,

BR

-kaka-

FlexLM SDK

versions 7.0d, 7.2f, 9.2


http://rapidshare.com/files/188143068/FlexLM_SDK.rar

thanks lot ,

BR,

-kaka-

hy

is it possible to make a new flexlm license from the vendor without having any demo license? how to get the right seed 1 and seed 2? as i dont the feature , how can i get them, possible to create from my vendor?

Thanks much

hy

is it possible to make a new flexlm license from the vendor without having any demo license? how to get the right seed 1 and seed 2? as i dont the feature , how can i get them, possible to create from my vendor?

Thanks much

Upload or PM me your vendor daemon, i'll try to help you :)

hy

is it possible to make a new flexlm license from the vendor without having any demo license? how to get the right seed 1 and seed 2? as i dont the feature , how can i get them, possible to create from my vendor?

Thanks much

Yes it can be done with faked license.
Why do you want ecryption seeds if you dont have license? :)
You will have to recover all features and it can be really boring.

br

Yes it can be done with faked license.
Why do you want ecryption seeds if you dont have license? :)
You will have to recover all features and it can be really boring.

br

benito you right, it's really boring.

@kiki - it maybe just does not like HOSTID=ANY. Try HOSTID=ID=12345678 (any number).

Git

@kiki - it maybe just does not like HOSTID=ANY. Try HOSTID=ID=12345678 (any number).

Git

Thanks Git for your suggestion, as i learm more about flexlm protection.

Kiki

there is a script for Ollydbg for seed finding for flexlm 7.2. Anyone try this?
It's not working for me. It crashes olly after I loaded script.

http://www.openrce.org/downloads/browse/OllyDbg_OllyScripts

And are you sure you really know how properly use Olly? :p

I am beginner. I know my question probably was trivial but maybe someone could help a little :) and give a hint.

Dear Master ...

i'm a newbie here ...
specially on FlexLM stuff ...

i want to know all info from my xxxxx.lic license ...
what 1st thing to do ...

it need tools like decoding SLM license ???

Need advice ... :p :p


BR,

-kaka-

Dear Master ...

i'm a newbie here ...
specially on FlexLM stuff ...

i want to know all info from my xxxxx.lic license ...
what 1st thing to do ...

it need tools like decoding SLM license ???

Need advice ... :p :p


BR,

-kaka-

slm != flexlm , you can use olly or ida + sig for your tools and crackz page for tutorial

Dear Master ...

i'm a newbie here ...
specially on FlexLM stuff ...

i want to know all info from my xxxxx.lic license ...
what 1st thing to do ...

it need tools like decoding SLM license ???

Need advice ... :p :p


BR,

-kaka-

Decode utility for flexlm? Why? The flexlm licenses arent encrypted like slm licenses, so why do you need decoder?

Decode utility for flexlm? Why? The flexlm licenses arent encrypted like slm licenses, so why do you need decoder?

ya ya ya ...

i've already know that then ... :p

and i got info like this ...

SERVER EV-Server1 001560A42C71 ANY
...
...
.... HOSTID=ANY BORROW=720 \
SIGN=1C35F2C46A24


so ,,, what the next step to be done until i gain a new license for my SW ...

need advice, :D

thanks,


BR,

-kaka-

go to CrackZ site and read tutorials...

go to CrackZ site and read tutorials...

already ...
but still confused ... :p

i'll read it later then ...

thanks for the suggest ..


BR,

-kaka-

Hello friends :)
I am a beginer in the use of debugger, disassembler and reversing any s/w. I have a problem with my expired flexlm (sspro dongle) licence.

Each time i use the license, i have to set back my system date before 08-feb-2001.

Let us assume that my original License below :
_________________________________________________
FEATURE hxxxxx Bxxxxxxxx 1.000 08-feb-2001 uncounted \
VENDOR_STRING=blah...blah.... \
HOSTID=SPROAUTH=ABCDEF01234567890 \
ISSUED=23-mar-2000 SIGN=xxxxxxxxxxxx
_________________________________________________

Let us say that the HOSTID of my expired license is HOSTID=SPROAUTH=ABCDEF01234567890.

I usually take my sspro dongle and plug it at any PC which i want and use the software as usual. Everythings is OK after i set back my system date. It's mean that the HOSTID=SPROAUTH on the my license is liberated by Machine ID (M.A.C, Disk Serial Number, e.t.c) of my PC.

Reading and follow all available article about flexlm protection, My expired license can be unexpired (permanent uncounted). I used my MAC as HOSTID and regenerate my licence, everythings work fine. Thank's very much to Haldir and several articles at crackZ, woodmann site e.t.c.

The problem is when i keep use HOSTID=SPROAUTH=ABCDEF01234567890 and regenerate a new license, the s/w would not work. The 'sign' which i generate for MAC able to run my s/w but the 'sign' which i generate for HOSTID=SPROAUTH=ABCDEF01234567890 can not make my s/w work.

Could anyone please, give me prespective so i can keep use HOSTID=SPROAUTH=ABCDEF01234567890 on my license ?

BR
SonofabiT

you seed1/2 is valid?

you seed1/2 is valid?

i think seed1/2 is valid if he can generate it with another hardware locked.

First check is to leave your input license exactly as the known working license, except change SIGN=xxxxxxxxxxxx to SIGN=0. Run lmcrypt -i input.lic -o output.lic and compare output.lic with the known working license. If they don't have the same content and identical SIGN, then you have Seed or other lmcrypt problem which you must correct before you go any further.

If the SIGNs are identical then you know you got the right seeds so the problem may be wrong Version, wrong LM_STRENGTH or another problem. To be honest, the description of your problem in the last 2 paragraphs is a bit unclear (to me).

Sorry, just occured to me you can't follow my suggestion with later versions of flexlm as lmcrypt will not sign an expired license.

Git

Better you post vendor daemon and exp lic. and PM to other member to make sure seed is correct.

Better you post vendor daemon and exp lic. and PM to other member to make sure seed is correct.

is right...

i think seed1/2 is valid if he can generate it with another hardware locked.
You're right. The seeds i found are correct just for my MAC address locked. Not suitable with HOSTID=SPROAUTH.

First check is to leave your input license exactly as the known working license, except change SIGN=xxxxxxxxxxxx to SIGN=0. Run lmcrypt -i input.lic -o output.lic and compare output.lic with the known working license. If they don't have the same content and identical SIGN, then you have Seed or other lmcrypt problem which you must correct before you go any further.
Let us more clear that my original expired license (FLEXlm 8 model) below :
FEATURE hxxxxx Bxxxxxxxx 1.000 08-feb-2001 uncounted \
VENDOR_STRING=blah...blah.... \
HOSTID=SPROAUTH=ABCDEF01234567890 \
ISSUED=23-mar-2000 SIGN=69BFxxxxxxxx

Well, i have tried generate several license based on hardware id and HOSTID=SPROAUTH=ABCDEF01234567890. Before i did it, i set back my system date to 23-mar-2000 and imagine that on 23-mar-2000 i generated this expired license.

In the input.lic, i only set the FLEXlm Licence Signature to 0 and play with different HOSTID and Expiration date.

Let us assume the sspro dongle and my M.A.C address :
SPROAUTH : SPROAUTH=ABCDEF01234567890123
cell[0x01]cell[0x00] : 1234,ABCD
Mac address : 00-12-34-56-78-90

I compare all the results for both flexlm 8 and 10 licence models.
-----------------------------------------------------------------------------------------------------------------
|No| Node-locked | ISSUED | Expiration |FLEXlm 8 Sign|v.8 log:|Flexlm 10 Sign|v.10 log:|
-----------------------------------------------------------------------------------------------------------------
|1 | SPROAUTH=ABCDEF01234567890123 | 23-mar-2000 | 07-feb-2001 | 47D2xxxxxxxx | -8.130 | 254Cxxxxxxxx | -8.130 |
|2 | SPROAUTH=ABCDEF01234567890123 | 23-mar-2000 | 08-feb-2001 | 69BFxxxxxxxx | N/A | E41Axxxxxxxx | -8.130 |
|3 | SPROAUTH=ABCDEF01234567890123 | 23-mar-2000 | 08-feb-2001 | 58E2xxxxxxxx | -8.130 | 3F45xxxxxxxx | -8.130 |
|4 | SPROAUTH=ABCDEF01234567890123 | 23-mar-2000 | 09-feb-2001 | FA61xxxxxxxx | -8.130 | 2C82xxxxxxxx | -8.130 |
|5 | SPROAUTH=ABCDEF01234567890123 | 23-mar-2000 | permanent | 76C4xxxxxxxx | -8.130 | EC3Axxxxxxxx | -8.130 |
|6 | FLEXID=6-1234ABCD | 23-mar-2000 | 07-feb-2001 | 6D31xxxxxxxx | -9.57 | D692xxxxxxxx | -9.57 |
|7 | FLEXID=6-1234ABCD | 23-mar-2000 | 08-feb-2001 | FD67xxxxxxxx | -9.57 | 172Bxxxxxxxx | -9.57 |
|8 | FLEXID=6-1234ABCD | 23-mar-2000 | 09-feb-2001 | A5EFxxxxxxxx | -9.57 | 42CExxxxxxxx | -9.57 |
|9 | FLEXID=6-1234ABCD | 23-mar-2000 | permanent | 359Axxxxxxxx | -9.57 | 511Cxxxxxxxx | -9.57 |
|10| 001234567890 | 23-mar-2000 | 07-feb-2001 | D941xxxxxxxx | -8.130 | 9E0Fxxxxxxxx | N/A |
|11| 001234567890 | 23-mar-2000 | 08-feb-2001 | 4732xxxxxxxx | -8.130 | 3Ec1xxxxxxxx | N/A |
|12| 001234567890 | 23-mar-2000 | 09-feb-2001 | B744xxxxxxxx | -8.130 | 5AF2xxxxxxxx | N/A |
|13| 001234567890 | 23-mar-2000 | permanent | 276Cxxxxxxxx | -8.130 | 67B3xxxxxxxx | N/A |
-----------------------------------------------------------------------------------------------------------------
N/A= There is not Flexlm error Log (The s/w works properly)

The content of the table are not the real values. Basicly what i displayed in the table were represent the real ones. However, i hope it would be enought to understand. The real values have been tested refer to the match pair of the right sspro dongle with it's right original expired license.

If the SIGNs are identical then you know you got the right seeds so the problem may be wrong Version, wrong LM_STRENGTH or another problem. To be honest, the description of your problem in the last 2 paragraphs is a bit unclear (to me).
We can see in the Table that only the Flexlm v 10 models based on MAC address which success to make my license 'permanent uncounted'. I have tested it with my actual dongle and the s/w works properly.

For FLEXlm 10 licence model based on my MAC address, i used the following input :
FEATURE hxxxxx Bxxxxxxxx 1.000 permanent uncounted 000000000000 \
VENDOR_STRING=blah...blah.... \
HOSTID=001234567890 \
ISSUED=23-mar-2000

Eventhought, I think my seeds are correct, but all HOSTID=SPROAUTH give me a FLEXlm error log on both flexlm 8 and 10 licence models. Only SPROAUTH in the no.2 for FLEXlm signature v.8 successed because it is an original licence just for compare to others.

Let us compare in the part of SPROAUTH Node-locked (no.2 vs no.3 of FLEXlm 8 licence). No.2 is my original (not re-generated) expired license and No.3 is my re-generated license. I set the license no.3 with 'ISSUED' and 'expiration date' same as No.2. We can see that the SIGN is not identic. Well, this is the problem.

Sorry, just occured to me you can't follow my suggestion with later versions of flexlm as lmcrypt will not sign an expired license.
Yes, i heard you.

Questions :
1. Any ideas about SPROAUTH, please ?
2. If i want to use flexid, is it right if i add HOSTID=FLEXID=6-Cell[1]Cell[0] of my sspro dongle ? If yes it is, then It would not work. I have tested it. If no it is not, well then please explain ?

BR
SonofabiT

Maybe stupid question, but you know how to generate SPROAUTH string? Cause it is not simple dongleid, it has more complex length. If you are not able generate valid string the license will be not accepted even if the seeds are correct.
SPROAUTH string can be some kind of serial number derived from combination of dongleid and who know what next :) You should reverse app

br

Yes , my questions are so stupid. :) I am sory about it.

I guess, the SPROAUTH string is strongly depend the content of my *dmp (but i don't know exactly where is it). If we 'generate SPROAUTH string' as you said, it mean i should change the content of my *dmp. I think SPROAUTH string is uncangable (constant value) if we would not edit my sspro .dmp/.reg or decrypt the content of VENDOR_STRING (may be) which strongly encrypted ( for me ). Honestly, i can not decrypt yet the content of VENDOR_STRING.

Could anyone please explain me about 'generate SPROAUTH string' ?

BR
SonofabiT

@SonofabiT: upload the vendor daemon file.

hello friends
Has anyone success experience with flexlm licence hosted to SPROAUTH ?
Please, i need hints ...

As I said to you before, read the FlexLM Reference Manual, Chapter 13 : Vendor-Defined Hostid Types

Git

@Git
Ok Git. Eventhough it is hard to me as an newbie, i am keep trying.

@All
I have a daemon file ( Flexlm 9.0 ) which i want catch it's seed1/2. Let assume that the daemon is MyDaemon.exe. Reading several available articles deal with flexlm reversing, I can find the address of _l_sg.

Refers to my original license, I make a fake.dat license and ready to play. In the Debugging options of ollydbg 1.10, Under Exceptions Tab, i ticked/checked "Ignore also following custom exceptions of ranges:"

I load the MyDaemon.exe into ollydbg. Olly pause, then i go to _l_sg address.
Inside the _l_sg, i locate a dword pointer which represent a call to _l_n36_buff. The next intruction of this call is a return of _l_n36_buff intruction and i set bp in this address.

Still inside _l_sg, i back to 'call to _l_n36_buff' intruction and then i set bp in this call too. Finaly i run olly and i realy hope olly will break at call to _l_n36_buff intruction so it will provide me to continue the next journey.

The problem is ollydbg never break at call to _l_n36_buff.

Questions :
1. Am i missed somethings ?
2. In ollydbg, are there any Debugging options which i should setting in order to catch seed1/2 ?

BR
SonofabiT

Before you run Olly, load task manager and make sure MyDaemon.exe is not already running.

Git

Thank's a lot Git. You are realy understand how to advice a newbie like me. :)
Finaly i can catch seed1/2 at another PC. :D I think there are somethings wrong with my wind XP pro.

anyway, making a lmcrypt hosted to sspro-Authentification (SPROAUTH) of my sspro dump still frustrating me. :confused:

It will continue to frustrate you until you reverse engineer the application. "Vendor Specific" means written by the same people who wrote the application.

Git

SonofaniT still dont trust us that there is no generic way to calculate it. You really have to disassemble and debug the application to get more...