|
|
#11
01-14-2014, 00:15
|
|||
|
|||
|
gurandiL, you can build your vendor using lmseeds
lmseeds1= 0x11111111 lmseeds2= 0x22222222 lmseeds3= 0x33333333 then use your new build as base with the tool "PubKey_Replacer170_win".. But i tried 3, 4 times and the tool does not work.. Other way is to build your vendor, but recovering the handshake 4 seeds with ida.. Then use the PubKey_Replacer170_win only for the right pubkey... Here is the body of the core that you have to find in the original vendor, then put the seeds in your new build Code:
In the body of this function find code like this: code if ((l_6buff == l_var_3315) && ((l_func_3313 ^ 2296) & 0xff)) l_func_3313 ^= 2296; if ((l_6buff == (l_var_3315 + 1)) && ((l_func_3313 ^ 7557) & 0xff)) l_func_3313 ^= 7557; if ((l_6buff == (l_var_3315 + 3)) && ((l_func_3313 ^ 1789) & 0xff)) l_func_3313 ^= 1789; if ((l_6buff == (l_var_3315 + 2)) && ((l_func_3313 ^ 6361) & 0xff)) l_func_3313 ^= 6361; The values (not in hex) 2296, 7557, 1789 and 6361 are the 4 seeds for the handshake process. in your lm_new.c file with the values from original vendor daemon. Tested and working by a master flexlm reverser...!!!!!!! Quote:
|
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Harmony A library for patching, replacing and decorating .NET and Mono methods during | ahmadmansoor | Source Code | 1 | 01-12-2024 15:06 |
| Alternate Approach to FlexLM Brute-Force | Windoze | General Discussion | 9 | 10-21-2020 19:23 |
| Where are the Class methods? | 5Alive | General Discussion | 0 | 07-28-2005 03:22 |
| Different Detection Methods | OHPen | General Discussion | 0 | 10-21-2003 10:11 |
Threaded Mode