
Thread: Something Changed it seems !!

  1. #1

    Something Changed it seems !!

    To cut a long story short...
    Task: I am working on a 64-bit application protected with Flexera version 11.9 with SIGN2 239-bit.
    Process: Searching with my favorite search engine suggested it is ECC enabled. To defeat it, you need to patch the application so it accepts the weak license.
    Hard work: OK, dug for seeds, generated an old-style license; accepted. Analyzed the application, patched 9 files. Working fully.

    Anyway... nothing to boast about... Everybody does it this way... (Is it? Let's check.)
    Searching again... revealed a total surprise... a license released by some group which does not require any modification. (What????)

    Question: So here I am in front of all you gurus. Does this mean ECC is no longer IFR (impossible to fully reverse)? It could be an exception, but I started seeing one more application on Linux x86, and I also saw the same with the long format (this application, another time). Getting back to the main point: does anybody have more info about this word "geomaticLM"? I think it's enough for you all to get its history and geography... or is anybody interested in trying himself...
    I still feel it can't be through brute forcing. Is there any kind of manipulation to approach the LM seeds? Or has CrackZ started releasing his latest findings on the market... (just kidding)
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Without getting too *specific*, I assume this is Roxar. Someone on here brought this to my attention about 18 months ago, IIRC.

    From analysis of the 11.9 SDK I can tell you there has been no compromise of the integrity of the ECC.

    Regards,

    CrackZ.

  3. #3

    flexlm ECC protection

    Quote Originally Posted by gdpforion (opening post, quoted in full)
    At the moment there is no way to reverse the ECC protection.
    But you can easily build your own vendor daemon with the SDK with a different lmseed, and it works like the original...
    The ECC patch is the only way to work with the program...
    And CrackZ is right about the ECC...
    Last edited by istigatore; October 24th, 2011 at 16:22.

  4. #4
    That's correct, CrackZ, it's RMS 2k11.
    Thanks for the info. Thanks, istigatore.
    So I assume that in some cases... links do matter...
    Now (hypothetically) a reverse way of RE: if we somehow get lmcrypt, is it possible to hunt down lmseeds 1-3?
    Best Regards
    Last edited by gdpforion; October 25th, 2011 at 13:52.

  5. #5
    A little more study revealed that the lmseeds can no longer be traced after the key pairs have been generated. So the hunting project comes to an end...
    Looks like I need to study more... since my extracted private key always shows 1h extra bytes in length (10, 16, 1f) compared to the SDK-generated one, for all 3 keys.

    Maybe the length is variable, as the array shows a [40] max dimension, but I don't know... Will see...
    Anyway, this thread seems to have found its end...
    Q. Something changed?
    A. Well, not really.
    Regards
    Last edited by gdpforion; October 27th, 2011 at 10:19.

  6. #6
    schrodinger
    Guest
    I am a newbie in FlexLM, but I have seen this done lately and would like an explanation for it. I think it is known by people here that Schrodinger 2011 x64 and x32 has lately been done with a full license requiring no patching. Since its first license, done in 2006 by the rise team, the program has been processed using ECC patching. Only now, and for Flexera version 11.9, has this been done without patching. The question is: is there an exploit for this special version of FlexLM, or is there a new mechanism to know the public key? Sorry for my ignorance, though.
    Last edited by schrodinger; January 20th, 2012 at 14:04.

  7. #7

    "LMSEED"

    I know 2 people who are able to recover the "LMSEED", or at least believe that they are able to do it... because these people are capable of making licenses without touching/changing any files...
    And my previous post was half rubbish.
    I have rebuilt a dozen new "Vendors" with the right "seeds" but changing the "LMSEEDS"... Well, these licenses do not work with the old "VENDOR"...
    And I asked several people who have already worked with FLEXlm, and it is virtually impossible to recover the "LMSEEDS" once the "VENDOR" has been built.
    I'd like to know from "CrackZ" if it is indeed possible to recover the 3 "LMSEEDS", or if there is a way to "bypass them"...

  8. #8
    I will post on this shortly.

    Regards, CrackZ.

  9. #9

    Cool

    Just a quicky...
    A light year is not only a measure of distance but also a measure of time, and according to Einstein's theory of relativity everything observed also depends on the frame of reference in which it is measured. So a "minute" here may not be the same as a "minute" elsewhere. We need to keep in mind the velocity and position of CrackZ. Last I heard, he went with Shania to see the infrared rainbow on Titan. See you soon... Please don't mind.