Exetools  

Go Back   Exetools > General > General Discussion
Reload this Page Need help with a linux flexlm target
Register Forum Rules FAQ Calendar

Notices

Reply
 
Thread Tools Display Modes
  #1  
Old 11-11-2007, 16:21
Sailor_EDA Sailor_EDA is offline
Friend
  
Join Date: Nov 2004
Posts: 68
Rept. Given: 8
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 50
Thanks Rcvd at 4 Times in 2 Posts
Sailor_EDA Reputation: 2
Question Need help with a linux flexlm target
I'm trying to generate a license for a popular verilog simulator from an eda vendor with sys in its name

Anyways, here's what I have so far.

- I have an expired license with all all features
- I don't have the vendor daemon that this application needs.

My problems:
- Don't have Olly for linux, but have been using ida for linux with some success. Its buggy and crashes but it works so I'm not going to complain too much.
- In the past, I've successfully extracted keys from windows flexlm apps using CrackZ's techniques of breakpointing on lc_checkout, however, I don't think its possible for me to do that with this target
1. I cannot find lc_init() or lc_checkout() in the disassembly. A good thing about the linux binaries is that, all the names seem to be intact. I did find another library which does have these routines, but that library isn't being called as far as i can tell
2. The application quits after failing to find a vendor daemon. I set LM_LICENSE_FILE to point to my license.dat but the target just complains that it can't find the file and quits. I've actually single stepped through the code quite a bit and I see (just before it quits) where LM_LICENSE_FILE expects an argument of the sort %s:%s/license.dat where the 1st $s is the port number of the server on which the vendor daemon is running and the second %s is the server address and path.

So my questions are:
1. Is it possible to crack this without the vendor daemon if I can't even get it to accept the file that I have? Theoretically speaking, is patching the only way out for this target - that's inelegant though?
2. What should I be doing instead?

Plz PM me if you want more details about the app.

Thanks

Sailor_eda
Reply With Quote
  #2  
Old 12-01-2007, 12:59
Sailor_EDA Sailor_EDA is offline
Friend
  
Join Date: Nov 2004
Posts: 68
Rept. Given: 8
Rept. Rcvd 2 Times in 2 Posts
Thanks Given: 50
Thanks Rcvd at 4 Times in 2 Posts
Sailor_EDA Reputation: 2
C'mon, somebody has to have some idea or has everybody given up on cracking flexlm?
Reply With Quote
  #3  
Old 12-21-2007, 20:22
ChupaChu's Avatar
ChupaChu ChupaChu is offline
Friend
  
Join Date: Dec 2007
Posts: 38
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 0
Thanks Rcvd at 3 Times in 3 Posts
ChupaChu Reputation: 0
Conserning flexlm, it seems to me you have configured it to read the license from a deamon on port you mention. Check if Deamon really runs on that port and that firewall is not blocking it. Also i noticed (in fluent, gambit and similar) that vendor names are sometimes stored as text strings, so look for them in IDA's "strings" tab
usualy its name of program combined with few bytes of additional text..

BR, ChupaChu!
Reply With Quote
Reply

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Need some help on this flexlm target Sailor_EDA General Discussion 6 03-02-2006 13:38


All times are GMT +8. The time now is 13:53.

Aaron's homepage - Top

Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( Since 1998 )