Results 1 to 9 of 9

Thread: For Nolan Blender - Vox Quiet

  1. #1
    Crazy Genius
    Guest

    For Nolan Blender - Vox Quiet

    I'm reversing my target with flexlm 6.1
    As in essay I found out my real seeds ( by zeroing the random bits)
    ( It was the same seeds I got in lc_init proc 12345678 cmp )
    But it's still not working.

    Any ideas ?

    I read in reverse group work essay , that VoxQuet had the same problem.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  2. #2
    Nolan Blender
    Guest
    For 6.1, you have to null out the **pointer**
    to the job structure that's being passed to
    the decoding routine - simply zeroing the
    data in the job structure is insufficient, as the routine in lm_new will divide the key
    between the job structure, and the returned
    value in the vendorcode structure. If you
    look at Dan's essay or mine you can see how
    this is done.
    tsehp.cjb.net is where to go for these essays.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  3. #3
    Crazy Genius
    Guest
    I didn't zero the data in the job structure , I zeroed the random bits. I tried to zero the pointer to the job structure and get same results . ( If I understood correctly the seeds then stored in the vendorcode structure in place of data[0] and data[1] ? ).

    And I have some other progs in the same program package, that don't use static library and never take the "vector call" in l_sg(). So the seeds I found for those progs are same I found for main one. And they don't work too.

    Any Ideas ????

    P.S. Nolan , what's your e-mail ?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  4. #4
    Nolan Blender
    Guest
    Well, they could be doing some tricks like
    user defined encryption or crypt filters.
    If you null out the pointer, you should get
    at least different results than without
    nulling it out. What's the program? What
    error does it give when it's not working?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  5. #5
    Crazy Genius
    Guest
    The target is Eagleware by GENESYS.
    As for user-defined encryption and filters I checked it out and did not find any. And of course I get different seeds when I null the pointer.
    But as I said this package includes different progs. And some of them are not using the new_job() function. The seeds I getting there ( by conventional ways) are same I found in main prog by zeroing out the pointer. in checkout() I got standart -8,-130 error - invalid seeds in all progs. Some of progs is about 400K in size. Want to look at it ?
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  6. #6
    Nolan Blender
    Guest
    Are you generating long keys? Some programs
    (notably older ones) won't work if you use
    the current shorter keys. If you've compiled
    lmcrypt, you can ask for longer keys with
    lmcrypt -verfmt 5 -longkey license.dat

    Since this one doesn't appear to be a public
    (i.e, easily downloadable) program, I'm
    assuming you have access to some valid keys -
    try running lmcrypt against those keys to
    see if your seeds are correct.

    Also, some programs have a custom HOSTID that
    they use - if it requires something like
    HOSTID=BLAH_ID=11-23-53-23-53-23 then
    it may require a custom host ID.

    A very helpful exercise is to check what
    lc_set_attr is being called with - you'll
    be able to determine the behavior version and
    any other weird settings that may be implemented.

    I can sometimes be found on #cracking4newbies
    on EFnet. There are other people there who
    are experts at FLEXlm too, so ask in the
    channel for assistance. I suspect that one
    of the above tips will get you going though.

    --nb.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  7. #7
    Willebul
    Guest
    Hi

    Looked at this a while back ( Nice RF simulator ) , got hold of a real lic ( below )
    You can extract the code but
    look at the hostid , they do something funny
    at that end .
    Also the server line x=xxx seems funny
    Got sidtracked and havent had the time to finish up.


    SERVER Y=xxxx
    VENDOR eagle
    FEATURE genesys eagle 6.5 12-feb-2000 1 AF8EE0CC38C6 HOSTID="ANY P=EFEF"

    Good hunting
    W
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  8. #8
    GeN!uS
    Guest
    ; Are you generating long keys? Some programs

    I tried all possible combinations.

    ;Since this one doesn't appear to be a public
    ;(i.e, easily downloadable) program, I'm
    ;assuming you have access to some valid keys -

    No I don't have any.

    Also, some programs have a custom HOSTID

    But I failed in checkout() func. As for l_host it's returns 0 . a check for user defined HOSTID usually comes after checkout()

    lc_set_attr is called with 3f,2b,38,3a,47,6,44 parameters - nothing unusual.

    also I have seeds from older version of this prog ( 6.1 ) I tried to create license with this seeds and it's not worked too. Does it mean anything ?

    P.S. I'm using Eagleware v.7 by GENESYS.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  9. #9
    Perry
    Guest
    Excuse me all, but do you have tried Skullcoder sniffind??

    Perry.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

Similar Threads

  1. Crackz Nolan God help me out :P
    By Robocop in forum Advanced Reversing and Programming
    Replies: 1
    Last Post: February 22nd, 2008, 18:42
  2. Tracking problem....Nolan help...
    By Robocop in forum The Newbie Forum
    Replies: 2
    Last Post: December 20th, 2005, 17:44
  3. Nolan: encryption seeds 3 and 4 in flexlm 7.2
    By abccba in forum Advanced Reversing and Programming
    Replies: 4
    Last Post: February 14th, 2001, 01:47

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •