Reverse Engineering Team Board

Reverse Engineering Team Board (http://www.reteam.org/board/index.php)
-   Reverse Code Engineering (http://www.reteam.org/board/forumdisplay.php?f=23)
-   -   Sentinel LM Vendor Information (http://www.reteam.org/board/showthread.php?t=3569)

30f4011 03-15-2011 07:25 AM

Sentinel LM Vendor Information
 
Hi all,
How to find Vendor Information(Optional attributes) from sentinel RMS protected program?

--
BR

yogi_saw 03-15-2011 10:44 AM

Search for lsdecode106 in google dnload the utility u will get all info

30f4011 03-16-2011 12:37 AM

Hi,

I have lsdecode106 and and I had used it to find vendor information from lic file.
But is it possible to find vendor information by reversing app?
Is there any function which takes vendor information as paramater?

--
BR

pivasik 03-16-2011 03:52 AM

Read manuals. Some functions get the parts of vendor info as parameters. But also there is secret parts used internally.

stuart1974 10-12-2012 01:33 PM

Hi,

Is there a possibility to get the secrets, what should we look for.

Thanks
Stuart

zementmischer 10-13-2012 01:20 AM

RMS' secrets (a.k.a. challenge-response) are based on comparing the MD4 digest of the license secret to the MD4 digest inside your target. If you are lucky your target is based on the example code provided by SafeNet which means that the secrets are also stored as plain text inside the executable. But most of the time your target will only contain the MD4 digest of the secrets and not the secrets itself. In this case it's almost impossible to recover the plain secrets. You should analyze your target for any references to the MD4 algorithm (just search for known constants like 0x67452301, 0xefcdab89, 0x98badcfe and 0x10325476). These constants are used by MD4_init. From here you should be able to determine the MD4_update function. You'll probably find two (or more) MD4_init and MD4_update functions inside your target if the implementation is based on the example. Just make a dummy license with some arbitary secrets, set a bpx on all MD4_update functions and examine the stack on each hit. If you see anything else than your own secrets then you've found a candidate for a secret - if not, shit happens...


All times are GMT -4. The time now is 05:27 PM.

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.