I have got the seeds of the attached demo with 32bit demo(I know the seeds for 32bit and 64bit are the same. To get the seeds is not the purpose of this thread). However, I cannot find it in 64bit flexlm 11.12. Could someone kindly show me how to find out the seeds of the attached demo as an example? Appreciate if you can show me the procedure and provide me the name of an useful 64bit decode tool.

41337

Thank you so much!

I used x64dbg (64 bits) and the same parameters (demon + fake lic file, etc) and I found the seeds of my target without any issue

the seeds of the 32bit same for 64bit

yes, this is true as well.........as an "exercise for practicing " I worked with demonx32 and demonx64 and this was the result.
thanks for the clarification BfoX, this is a good advice for many people

I have got the seeds of the attached demo given by 32bit demo. However, I cannot find it in 64bit flexlm 11.12. Could someone kindly show me how to find out the seeds of the attached demo as an example? Appreciate if you can show me the procedure and provide me the name of an useful 64bit decode tool.
41337
Thank you so much!

lgcx.exe seeds {0x1F47C5D5, 0xEFEFDB21};

the seeds of the 32bit same for 64bit

Yes, I know the seeds are the same for 32bit and 64bit. I just want to know how to get it with only 64bit demo. The purpose of the thread is not to get the seeds but to know the produre of getting seeds from 64bit demo.


Thank you any way.

I used x64dbg (64 bits) and the same parameters (demon + fake lic file, etc) and I found the seeds of my target without any issue

Thank you so much for your valuable reply. x64dgb(64 bit) is the tool I used. However, I don't know how to get the seeds.
When decoding with OllyDgb, the steps I took are in the following(According to Darsy's method):



• Check the memory address inside ecx or edx.(follow in dump).One of them will contain the location of
the job structure. ( note that this new Job structure starts with 00 00 00 00 instead of 66 00 00 00)
• Delete the 16 random bytes inside the job structure, (starting @ job+04 and ending @ job+13), and
replace with “00”
• Run the program & let it break at BP#2 (“Break on RET”, after returning from the call to _l_n36_buff)
• Now Look at the following stack locations: (follow in dump)
o ESP+04: Pointer to vendor name (name of vendor daemon)
o ESP+08: Pointer to vendor code (which now will contain the clean seed 1 and 2)
o VC+04 = Seed1
o VC+08 = Seed2



However, I don't know which register should I refer to. And x64dgb does not support the "follow in dump" function. Could you explain this step and the following steps with x64dbg in detail? Thank you very much!

lgcx.exe seeds {0x1F47C5D5, 0xEFEFDB21};
Thank you so much for kindly providing the seeds. I have got the seeds of the attached demo with 32bit demo(I know the seeds for 32bit and 64bit are the same.


Could you kindly show me how to find out the seeds of the attached 64bit demo as an example?


Thank you very much!

Hi watch the video, lets know if any question :)(:

This is really helpful! Thanks a lot:)

Hi watch the video, lets know if any question :)(:



Download Other Links

Hi watch the video, lets know if any question :)(:


I would like another link

And this vendor 64 bits for practicing that is making me crazy? I don´t need the seeds, i want to know how to fish them?

Thanks so much

Same method as POST#9 (http://www.finetopix.com/showthread.php/50385-How-to-find-flexlm-seeds-from-64bit-demo?p=266953&viewfull=1#post266953)
MLM seeds are {0x990DE24E, 0x38A1C965};
(http://www.finetopix.com/showthread.php/50385-How-to-find-flexlm-seeds-from-64bit-demo?p=266953&viewfull=1#post266953)

I didn´t success with MLM.exe 64 bits, and i don´t know why. I think my vendor didn´t do anything, becuase it doesn´t start. Could you show me how you find them.;)

Thanks kjms

I didn´t success with MLM.exe 64 bits, and i don´t know why. I think my vendor didn´t do anything, becuase it doesn´t start. Could you show me how you find them.;)

Thanks kjms

may be your vendor use long sign. so seed1/2 is useless

may be your vendor use long sign. so seed1/2 is useless

:mad:???????????????????????

Well they ( Mathworks) are using LONG sign, so ECC will still need to be patched regardless of seed recovery.

To recover the MLM seeds you can even use the "easy" method.. ( Still works for some daemons)

Search for constant 3D4DA1D6 and break point each entry .. ( look @ stack or RSP location )
Seeds are out in the open
1st break = seed one, 2nd break = seed 2 ... it is a simple as it gets.

x64dbg command line =
"C:\Flexlm\Matlab\MLM.exe" -t PCNAME 4 -c c:\flexlm\dummy.dat ( Important that it is called *.dat)

Use whatever paths you need .. but MLM I've found that it needs to be .dat ( not .lic) ...

Create a fake license with following :

SERVER Dune ANY
VENDOR MLM
USE_SERVER
FEATURE Test MLM 99 15-jan-2018 1 1234567890ab \

Well they ( Mathworks) are using LONG sign, so ECC will still need to be patched regardless of seed recovery.

To recover the MLM seeds you can even use the "easy" method.. ( Still works for some daemons)

Search for constant 3D4DA1D6 and break point each entry .. ( look @ stack or RSP location )
Seeds are out in the open
1st break = seed one, 2nd break = seed 2 ... it is a simple as it gets.

x64dbg command line =
"C:\Flexlm\Matlab\MLM.exe" -t PCNAME 4 -c c:\flexlm\dummy.dat ( Important that it is called *.dat)

Use whatever paths you need .. but MLM I've found that it needs to be .dat ( not .lic) ...

Create a fake license with following :

SERVER Dune ANY
VENDOR MLM
USE_SERVER
FEATURE Test MLM 99 15-jan-2018 1 1234567890ab \

Thanks so much for your help… I´ve done. Thanks, thanks...

Hi watch the video, lets know if any question :)(:

Could you send me this video ? reputation too low to download attachments

PLease, help find a seeds from this
41623

PLease, help find a seeds from this
41623
Nvidia seeds
{
0x555CCA26, 0x4BB0EB24
};

Hi , can anyone help me to get seed from this deamon .

i have followed the standard procedure but gives nothing

Regards41642

Hi , can anyone help me to get seed from this deamon .

i have followed the standard procedure but gives nothing

Regards41642

LICPIFT
{
0x25808BC3, 0xDA9FEE92
};

Dear kjms;

Please help me find seeds.
Here is a VD.

Dear kjms;

Please help me find seeds.
Here is a VD.

GRAITEC
{
0xA53DA3CA, 0xDDAB59EC
};

This document [quite old] may help: seed_extraction (http://www.mediafire.com/file/a589glrttuqegvq/flexlm_7.x-11.4_seed_extraction.pdf/file)
Of course as discussed above, if your target uses ECC signing than the extraction of Seeds is not enough.

hi all,
if need to extract the flexlm seeds ( 32 & 64) bit feel free post link or PM i will help you :)

Dear kjms!


Please help me find seeds.

Dear kjms!

Please help me find seeds.

42320

Dear kjms!


Please help me find seeds.
@2gan
I don't have permission to access to download, upload public host...

[QUOTE = kujb; 275262] @ 2gan
У меня нет разрешения на скачивание, загрузку общедоступного хоста ... [/ QUOTE]


https://drive.google.com/open?id=1RUiL812vIMnAS0PcQ_yR21btf7o5r8oj

[QUOTE = kujb; 275262] @ 2gan
У меня нет разрешения на скачивание, загрузку общедоступного хоста ... [/ QUOTE]


https://drive.google.com/open?id=1RUiL812vIMnAS0PcQ_yR21btf7o5r8oj

sbs
{0xC764DB08, 0x843AE3C4};

Hi watch the video, lets know if any question :)(:

I don't have permission to access to download, upload drive.google.com , thank you.

How to find ? can you explain it?
sbs
{0xC764DB08, 0x843AE3C4};

Already have several video clips this forum search

Thank you kjms for helping me on the this thread. I tried the same way you shew me with another deamon. However, there is no "Follow in Dump" option on RCX. Can you tell me why? Thank you!

By follow in dump on rdx, I got the seeds Seed1＝0x09940A9D, Seed2＝0xC946EF5A. However, license made by them cannot be activated.

42552

42553

I also put it on Google Drive in case you cannot download it here. Thanks for anybody for help.


https://drive.google.com/file/d/1-arXGkr8g8pmVI-bLv4n7XIlE_DilhgI/view?usp=drivesdk

Thank you!

Could you kindly help me on my daemon above? Thank you!

Thank you kjms for helping me on the this thread. I tried the same way you shew me with another deamon. However, there is no "Follow in Dump" option on RCX. Can you tell me why? Thank you!
By follow in dump on rdx, I got the seeds Seed1＝0x09940A9D, Seed2＝0xC946EF5A. However, license made by them cannot be activated.

your seeds are correct....
64bit follow rdx, 32bit follow rcx

your seeds are correct....
64bit follow rdx, 32bit follow rcx

Thank you very much. Then maybe I need to patch the deamon.

Hi, hoping someone can help with advice on a 64bit daemon. A few years ago I got the seeds from a 32bit daemon, but in the latest release it's now 64 bit. I followed the same logic and sort of got similar seeds. In the 32bit old version they were straight forward and:

VC+04: B2E569B1
VC+08: 9F492E5A

In the 64bit new version I get:

VC+00: B2E569B100000004
VC+08: EC5F8E859F492E5A
VC+16: E4FE43EFB7BD3762

The version is 11.15.1.0 and I wondered if the seeds are still 8 characters long or whether there is anything else to check, as it might just be the license format.

the seeds should be the same x32 and x64

I should have said that the x32 daemon is about 8 years old, whilst the x64 is new. Therefore it might not be the same seeds but it looks that way, but it's just how they are displayed using x64dbg. Still trying to figure out why the new version isn't working.

So, the license generator is working but the only license that works is an 'original' one which I changed the HOSTID. The expiry date and features seem to be reliant on the following line, which I'm not familiar with:

NOTICE=/s::501BAF9E629A6331C73B2DE880BB3E029DBB2E924BFA66AD891253E16B4EC02022654E08FA270E95B45E9A87F02A3286F09F4D0D496438CCC252DC1CA9763A79 \

Is this a secondary level of flexlm security, or software specific?

Thanks in advance.

the vendor specific. similar to vendor_string, issuer, etc.

the vendor specific. similar to vendor_string, issuer, etc.
Thanks for the info - it saves me the hassle of trying to do a generic license.

hi, could you please upload it or share it with me in PM

thanks in advance

hi, could you please upload it or share it with me in PM

thanks in advance
What files do you want? License, daemon, seeds, example program?