Thanks Thanks:  8
Page 1 of 5 123 ... LastLast
Showing results 1 to 10 of 48

Thread: How to find flexlm seeds from 64bit demo?

  1. #1
    Member Reputation: 30
    Join Date
    2014-06-29
    Posts
    21


    1 out of 1 members found this post helpful.

    Default How to find flexlm seeds from 64bit demo?

    I have got the seeds of the attached demo with 32bit demo(I know the seeds for 32bit and 64bit are the same. To get the seeds is not the purpose of this thread). However, I cannot find it in 64bit flexlm 11.12. Could someone kindly show me how to find out the seeds of the attached demo as an example? Appreciate if you can show me the procedure and provide me the name of an useful 64bit decode tool.

    Attachment 41337

    Thank you so much!
    Last edited by prospect2005; 2018-04-28 at 10:09 AM Reason: Clarify

  2. # ADS
    Circuit advertisement
    Join Date
    Always
    Posts
    Many
     

  3. #2
    Member Reputation: 32
    Join Date
    2014-01-24
    Posts
    42


    1 out of 1 members found this post helpful.

    Default Re: How to find flexlm seeds from 64bit demo?

    I used x64dbg (64 bits) and the same parameters (demon + fake lic file, etc) and I found the seeds of my target without any issue

  4. #3
    Member Reputation: 292
    Join Date
    2009-09-10
    Location
    Earth...
    Posts
    381


    1 out of 1 members found this post helpful.

    Default Re: How to find flexlm seeds from 64bit demo?

    the seeds of the 32bit same for 64bit

  5. #4
    Member Reputation: 32
    Join Date
    2014-01-24
    Posts
    42


    Default Re: How to find flexlm seeds from 64bit demo?

    yes, this is true as well.........as an "exercise for practicing " I worked with demonx32 and demonx64 and this was the result.
    thanks for the clarification BfoX, this is a good advice for many people

  6. #5
    Member Reputation: 104
    Join Date
    2010-05-19
    Posts
    119


    1 out of 1 members found this post helpful.

    Default Re: How to find flexlm seeds from 64bit demo?

    Quote Originally Posted by prospect2005 View Post
    I have got the seeds of the attached demo given by 32bit demo. However, I cannot find it in 64bit flexlm 11.12. Could someone kindly show me how to find out the seeds of the attached demo as an example? Appreciate if you can show me the procedure and provide me the name of an useful 64bit decode tool.
    Attachment 41337
    Thank you so much!
    lgcx.exe seeds {0x1F47C5D5, 0xEFEFDB21};

  7. Thanks javilapiedra thanked for this post
  8. #6
    Member Reputation: 30
    Join Date
    2014-06-29
    Posts
    21


    1 out of 1 members found this post helpful.

    Default Re: How to find flexlm seeds from 64bit demo?

    Quote Originally Posted by BfoX View Post
    the seeds of the 32bit same for 64bit
    Yes, I know the seeds are the same for 32bit and 64bit. I just want to know how to get it with only 64bit demo. The purpose of the thread is not to get the seeds but to know the produre of getting seeds from 64bit demo.


    Thank you any way.

  9. #7
    Member Reputation: 30
    Join Date
    2014-06-29
    Posts
    21


    1 out of 1 members found this post helpful.

    Default Re: How to find flexlm seeds from 64bit demo?

    Quote Originally Posted by carlitos View Post
    I used x64dbg (64 bits) and the same parameters (demon + fake lic file, etc) and I found the seeds of my target without any issue
    Thank you so much for your valuable reply. x64dgb(64 bit) is the tool I used. However, I don't know how to get the seeds.
    When decoding with OllyDgb, the steps I took are in the following(According to Darsy's method):

    Quote Originally Posted by Darsy View Post
    • Check the memory address inside ecx or edx.(follow in dump).One of them will contain the location of
    the job structure. ( note that this new Job structure starts with 00 00 00 00 instead of 66 00 00 00)
    • Delete the 16 random bytes inside the job structure, (starting @ job+04 and ending @ job+13), and
    replace with “00”
    • Run the program & let it break at BP#2 (“Break on RET”, after returning from the call to _l_n36_buff)
    • Now Look at the following stack locations: (follow in dump)
    o ESP+04: Pointer to vendor name (name of vendor daemon)
    o ESP+08: Pointer to vendor code (which now will contain the clean seed 1 and 2)
    o VC+04 = Seed1
    o VC+08 = Seed2

    However, I don't know which register should I refer to. And x64dgb does not support the "follow in dump" function. Could you explain this step and the following steps with x64dbg in detail? Thank you very much!

  10. #8
    Member Reputation: 30
    Join Date
    2014-06-29
    Posts
    21


    1 out of 1 members found this post helpful.

    Default Re: How to find flexlm seeds from 64bit demo?

    Quote Originally Posted by kjms View Post
    lgcx.exe seeds {0x1F47C5D5, 0xEFEFDB21};
    Thank you so much for kindly providing the seeds. I have got the seeds of the attached demo with 32bit demo(I know the seeds for 32bit and 64bit are the same.


    Could you kindly show me how to find out the seeds of the attached 64bit demo as an example?


    Thank you very much!
    Last edited by prospect2005; 2018-04-27 at 11:55 AM

  11. #9
    Member Reputation: 104
    Join Date
    2010-05-19
    Posts
    119


    4 out of 4 members found this post helpful.

    Default Re: How to find flexlm seeds from 64bit demo?

    Hi watch the video, lets know if any question (:
    Attached Files Attached Files

  12. Thanks javilapiedra, tonyweb thanked for this post
  13. #10
    Member Reputation: 30
    Join Date
    2014-06-29
    Posts
    21


    1 out of 1 members found this post helpful.

    Default Re: How to find flexlm seeds from 64bit demo?

    This is really helpful! Thanks a lot

Tags for this Thread

Bookmarks

Bookmarks

Posting Rules

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •