Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > Reverse Code Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
 
Thread Tools Display Modes
  #1  
Old 10-12-2013, 06:12 PM
darxstor darxstor is offline
Member
 
Join Date: Jun 2011
Posts: 12
Default Flexnet lic generation with newer SDK?

Hi gurus!. Nice to be back here.
I have a question regarding flexnet SDK: my target is v11.6.0.0 build 60117. It happens that I only have SDK 11.9.
Is it possible to generate a license for a previous flexnet version from here?
I've seen that lmcrypt should be able to gen lics for versions 2 to 7.1 using -verfmt option, but is there any way to create lic for 11.6 using some trick? Or exactly the same version as the target is needed?
I (supossedly) have the keys, seeds and vendor, and maybe a couple of more questions but all that is useless if I don't have the right encrypter, I guess.

Thanks a lot!.
Reply With Quote
  #2  
Old 10-13-2013, 01:35 AM
tedshred tedshred is offline
Member
 
Join Date: Oct 2010
Posts: 31
Default

The "-verfmt" option has to do with the variations of the formatting of the feature/increment line, not the basic encryption of the license. I would think that the incremental change of the minor version from 11.6 to 11.9 would not result in a difference in the license key generated.
Reply With Quote
  #3  
Old 10-14-2013, 12:53 PM
darxstor darxstor is offline
Member
 
Join Date: Jun 2011
Posts: 12
Default

Hi tedshred, thanks for quickly answering!
Understood about -verfmt, didn't know. I'm really new to flexlm/flexnet, just a couple of tries some years ago.
Ok: I did a license with 11.9. Assuming my keys & seeds are ok (I did seed recover procedure for 11.4) & also vendor daemon name, the daemon server starts ok and shows both features as available.
Also got messages: EXTERNAL FILTERS are OFF & TCP_DELAY NOT enabled on server side.
But the problem is that when I try to check license out, it gives the message : "Bad encryption handshake with server" on the client side. On server side I get :
13:39:14 (daemon_name) Bad handshake detected with pc_name_here pc_name_here
several times.
As far as I've googled it, it could mean that I'm using different versions for the executable and the server, among other things. Any idea?

Thanks!
Reply With Quote
  #4  
Old 10-14-2013, 01:46 PM
tedshred tedshred is offline
Member
 
Join Date: Oct 2010
Posts: 31
Default

I have not encountered the messages you're seeing. The server (I take it that you mean lmgrd.exe) should be the same or newer version than the daemon and the executable. The versions of the daemon and the executable should be the same.

Do you have the license server and the executable running on one or separate PCs?

Could you show a generic template of the license file, omitting specific software details/names(if you wish)?
Reply With Quote
  #5  
Old 10-15-2013, 08:17 PM
darxstor darxstor is offline
Member
 
Join Date: Jun 2011
Posts: 12
Default

Hi again. Sorry about the delay.
Yes, I meant lmgrd.exe. This is how it is now:
lmgrd.exe : 11.9
vendor_daemon.exe : 11.9

Both compiled with SDK 11.9, and license created with lmcrypt DLL=1

Program executable : 11.6.0.0 build 60117

Everything running on same PC.
I agree that all should be same version, that's why I started asking if it's possible to compile for an older flexlm version. I guess that's the problem.

License format is:
SERVER this_host MAC_address
DAEMON vendor_daemon_name
FEATURE feature_name_1 vendor_daemon_name version_# permanent 1 SIGN="nnnn nnnn nnnn \
nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn"
FEATURE feature_name_2 vendor_daemon_name version_# permanent 1 SIGN="nnnn nnnn nnnn \
nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn nnnn"

Regarding the "Bad encryption handshake with server" message, I've just googled it and some hits show this error coming due to several causes. I don't remember where I ' got it for the first time in Google, but if you search for it you'll find several vendors instructions showing the same message. I've searched again and found one saying that it could be a seed not matching issue. It makes me think that maybe my seeds are not good, not sure.
Any idea?

Thanks!

Quote:
Originally Posted by tedshred View Post
I have not encountered the messages you're seeing. The server (I take it that you mean lmgrd.exe) should be the same or newer version than the daemon and the executable. The versions of the daemon and the executable should be the same.

Do you have the license server and the executable running on one or separate PCs?

Could you show a generic template of the license file, omitting specific software details/names(if you wish)?
Reply With Quote
  #6  
Old 10-16-2013, 03:31 PM
tedshred tedshred is offline
Member
 
Join Date: Oct 2010
Posts: 31
Default

I'm surprised you got a "working" license for a long SIGN value with no mention of finding the elusive LMSEEDs for the vendor.

I'm assuming you included the path to the daemon on the DAEMON line in the actual license(?)
Reply With Quote
  #7  
Old 10-17-2013, 12:10 AM
darxstor darxstor is offline
Member
 
Join Date: Jun 2011
Posts: 12
Default

Hi.
I did the procedure to get SEEDs for 11.4, if that's what you mean. Hopefully they are right, not sure. The template comes from a genuine license.
Regarding the daemon path, looks like it's not needed. The daemon starts just with the daemon name, without full path. I did the same in my license and it starts (with the messages I mentioned before).
Does the fact that the daemon (lmgrd + vendor daemon) start mean that the keys and seeds are correct?
Reply With Quote
  #8  
Old 10-17-2013, 12:57 AM
tedshred tedshred is offline
Member
 
Join Date: Oct 2010
Posts: 31
Default

I might understand the omission of the path working if the license were located in the same directory as the daemon.
Reply With Quote
  #9  
Old 10-18-2013, 11:02 AM
darxstor darxstor is offline
Member
 
Join Date: Jun 2011
Posts: 12
Default

That's right. Everything is in the same directory.
Reply With Quote
  #10  
Old 10-18-2013, 01:10 PM
gdpforion gdpforion is offline
Member
 
Join Date: Oct 2010
Posts: 9
Default

@darxstor You are getting Bad Handshake error because the handshake uses Encryption Seeds 3/4 for server and Client. Since your target uses ECC 113Bits and you recovered the Enc Seeds 1/2 there is a difference in the lic and hence it is rejected. There is no way and no need to find the Enc Seeds 3/4. You have to go through the route of patching the target. Happy Learning
Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump





Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2022, Jelsoft Enterprises Ltd.