I'm trying to generate a license for a popular verilog simulator from an eda vendor with sys in its name
Anyways, here's what I have so far.
- I have an expired license with all all features
- I don't have the vendor daemon that this application needs.
My problems:
- Don't have Olly for linux, but have been using ida for linux with some success. Its buggy and crashes but it works so I'm not going to complain too much.
- In the past, I've successfully extracted keys from windows flexlm apps using CrackZ's techniques of breakpointing on lc_checkout, however, I don't think its possible for me to do that with this target
1. I cannot find lc_init() or lc_checkout() in the disassembly. A good thing about the linux binaries is that, all the names seem to be intact. I did find another library which does have these routines, but that library isn't being called as far as i can tell
2. The application quits after failing to find a vendor daemon. I set LM_LICENSE_FILE to point to my license.dat but the target just complains that it can't find the file and quits. I've actually single stepped through the code quite a bit and I see (just before it quits) where LM_LICENSE_FILE expects an argument of the sort %s:%s/license.dat where the 1st $s is the port number of the server on which the vendor daemon is running and the second %s is the server address and path.
So my questions are:
1. Is it possible to crack this without the vendor daemon if I can't even get it to accept the file that I have? Theoretically speaking, is patching the only way out for this target - that's inelegant though?
2. What should I be doing instead?
Plz PM me if you want more details about the app.
Thanks
Sailor_eda