Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   Flexlnet 11.5 target (https://forum.exetools.com/showthread.php?t=16766)

rcer 04-15-2015 18:58
Flexlnet 11.5 target
 
I am trying to reverse a target which uses flexnet 11.5 licensing scheme.
I have recovered the correct encryption seeds, and have build lmcrypt for SIGN=12 character licenses. Licenses can be checked out with the lmtools utility, but when I try to run the program I receive the following error
"invalid FLEXLM license file syntax"

An older version of this application used SIGN=16 character licenses, so maybe I get above error because I am generating 12 character licenses.

Does anybody know how to build lmcrypt for SIGN=16 character licenses?

rgds

rcer

nikkapedd 04-15-2015 23:18
rcer, upload your target... And you need to add this string "-longkey", if you want SIGN with 16 characters..

Git 04-16-2015 01:59
Or in the sign area of the template license, put a 0 for each digit of SIGN that you want.

Example :
FEATURE fname3 vendorna 2.000 permanent 0 000000000000 TS_OK ck=0
gives 12 digit sign. 0000000000000000 would give 16 digit

Git

FoxB 04-16-2015 03:02
may be use -verfmt 5

nikkapedd 04-16-2015 04:14
-verfmt prints in old format and prints errors when
is newer than specified.
Code:
Here a full example...
usage: lmcrypt [-i infile] [-o outfile] [-e errfile] [-longkey]
        [licenses ...] [-r] [-verfmt ver] [-decimal] [-maxlen n] [-help]
  [-r]    Print copyright notice.
  [-help]  Display usage information.
  If no input file, or if specified as - or stdin, stdin is used.
  If no output file, or if specified as - or stdout, stdout is used.
  If no error file, or if specified as - or stderr, stderr is used.
  licenses are read and written back in place.
  If no arguments, reads stdin and writes stdout.

  -verfmt prints in old format and prints errors when
  is newer than specified. Version formats are 2-5, 5.1, 6, 7 and 7.1

[-longkey]-->> it makes 16 characters in the standard lic and 16 in the SIGN
Git, if you write [-longkey] in the script, and SIGN="0" in the template, the crypter write 16 characters, without filling with zeros the SIGN like this--> SIGN=0000000000000000

Git 04-16-2015 05:17
I'm aware of that nik, but prefer to do it the other way.

Git

alekine322 04-16-2015 06:51
Hi @rcer

upload your target, I can review and comment

rcer 04-16-2015 22:07
nikkapedd, Git & Fox & Alkine322

Thanks, for this tip, and I tried the 16 Char license, but still get the same error message.

Upload the full target, or the daemon only? and upload to where? ( have no access to the ftp anymore)

rgds

FoxB 04-17-2015 02:37
start from the deamon file on rghost.net

rcer 04-17-2015 08:01
O.K.
have sent you guys a PM with the link & pwd

regards

ketan 04-19-2015 07:09
>FEATURE fname3 vendorna 2.000 permanent 0 000000000000 TS_OK ck=0

add HOSTID=ANY e.g. to your template

otherwise if you want floating license then
add this

SERVER this_host locking port
DAEMON vendorna

and change FEATURE fname3 vendorna 2.000 permanent 0 000000000000 TS_OK ck=0
to
FEATURE fname3 vendorna 2.000 permanent 100 000000000000 TS_OK ck=0

rcer 04-19-2015 12:14
ketan,

vendor is callmd not vendorna,

I managed to solve the issue, the problem was that the target does not accept:

- HOSTID=ANY
- Permanent
- features with expiry dates beyond 2 years from current date

Program now runs fine with SIGN=12 license

ketan 04-20-2015 03:37
>vendor is callmd not vendorna,

Ah, sorry. It was Git' template, not yours.

As for client-side checks in 95% of cases you have to find lc_auth_data and trace the code that analyses config* returned. Sometimes the API to begin with is lc_get_config/lc_next_config. And a number of LM_*FILTER* hooks set with lc_set_attr are usual suspects also :-)

PS: never met SIGN=16digits in the wild, it's either 12 or CRO. Though technically it could be 16/20 also.

Git 04-20-2015 17:34
'vendorna' was made up from almost random letters that my fingers fell on, sorry :)

Git

nikkapedd 04-21-2015 02:35
ketan, the standard license can be 20 digits, but the standard SIGN can be only max 16 digits.. except the long ECC SIGN and SIGN2

rcer 04-21-2015 07:58
Ketan,

Thanks for this usefull info, but this target is .NET, and only the flexlm routines are machine code, and I don't have a clue how to debug NET.

Git 04-21-2015 17:37
.NET program will often call FlexLM functions in an ordinary DLL.

Git

N0P 04-21-2015 17:53
Quote:
Originally Posted by rcer (Post 99173)
Ketan,

Thanks for this usefull info, but this target is .NET, and only the flexlm routines are machine code, and I don't have a clue how to debug NET.
use visual studio + reflector plugin ;)

uranus64 04-21-2015 19:30
Also this tool is interesting for .NET "spy".

rcer 04-21-2015 21:27
Git,

This is also the case with this target, but I don't have a clue how to debug a NET executable with VS & reflector:)

ketan 04-22-2015 07:11
I'm pretty much sure flexnet api is either in the same binary PE section or in external dll.

Very simple way to get it debugged is patch any api call found (lc_new_job e.g) to int 3 and let system debugger catch it.

@nikkapedd - made my 1st flex target almost 20yrs ago, thanks you for insights though :-)

Git 04-22-2015 16:43
I am suggesting you debug the DLL if it is as I think. You could even debug both .NET program and normal DLL at the same time using reflector for the .NET and IDA for the DLL.

Git

rcer 04-23-2015 08:42
O.K. Looks like I will have to learn NET, and how to use reflector for debugging:)

Does anybody have a good tutorial about debugging an executable with refector?

rgds

wilson bibe 04-23-2015 16:47
Reflector is not the right tool to debug an net assembly, you can try the Dile or IlSpy to do this.

nathan 06-26-2015 21:23
May be a stupid question: do you have a sample valid license file ? My guess is that you a re missing one of those strings that may be forced to be mandatory (NOTICE=, VENDOR_STRING=, ert ...)

Mpower04 11-24-2015 15:49
Tracing .NET
 
Rcer-
Take a look at this post for debugging with .NET. I saw your post and reminded me of myself a few years back...

http://forum.exetools.com/showthread.php?t=8459

obfuscator 12-17-2015 17:14
is there any unpacker for flexnet packed exe ? or have to manually unpack the target


All times are GMT +8. The time now is 17:13.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2026, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX