Thread: flexlm 11.8 known pri/pub key

  1. #1

    flexlm 11.8 known pri/pub key

    Knowing the private/public keys, is it possible to generate a license for flexlm 11.8?
    I have the 11.4 SDK.

  2. #2
    FoxB (Founder)
    without problem

  3. #3
    Thanks FoxB for your reply.
    Would you give me more information?
    What other info do I need? I have VENDOR_KEY(1-5), TRL_KEY(1-2) and pri/pub keys but no seed. Is it enough?
    In the SDK files, where should I put the private key?

  4. #4
    FoxB (Founder)
    Well, explain more about your "pri/pub keys".
    What are they?

  5. #5
    I found a utility called "Generic ECC pubkey replacer", developed by tanker.
    It will replace the target application's ECC public key with a known one.
    Then you can use a known ECC private key to generate a valid license.
    The question is, having this private key, how to build the lmcrypt.exe?
    Vendor keys are known.

  6. #6
    FoxB (Founder)
    I don't use this way, sorry.

  7. #7
    Hiya,

    This is the approach I've been using for the last 5 years or so. I had planned to write a quick tutorial showing the method I'm using, but essentially it goes something like this.

    1. Build a lmcrypt.exe for target vendor using your own LM_SEEDS.
    2. Dig out the 3 public keys from the generated lmcrypt. They are 0x10/0x16 & 0x1F bytes in length as I recall.
    3. Replace public keys in target with those from your lmcrypt.
    4. Licenses can now be generated.

    This is an over-simplification of the process; the public keys are rebuilt byte by byte at run-time, so digging out all of the bytes to patch is kind of boring (I wrote a program to do it). There are some other pitfalls I've seen: some targets have multiple public keys. You can also patch only the public key length you're actually interested in, so if the program uses short ECC keys then only the shortest key needs patching.

    Best regards,

    CrackZ.

  8. #8
    Thanks CrackZ for your response.

    I'm trying to follow your steps, but step 2 is complicated for me.
    Question 1) AFAIK there should be one private key and 2 public keys. Or do we have 3 pub keys?
    Question 2) I don't really know how to start digging out the keys. Would you please give me a clue?

    I appreciate your help in advance.
    Also awaiting a full tutorial from you on the subject. This will make life much easier ;-)

  9. #9
    evaluator (Musician member)
    Dear CrackZ!
    Instead of a full tutorial,
    I am awaiting 1 free ice cream from you!

  10. #10
    CrackZ,
    Can you please describe a little about (3)? How do you detect those bytes to be changed?

    Best Regards and Thanks
