How to crack AMPL student version
Open Ghidra and create a new project
Hit the key I to import a file to the project and select the ampl binary
Make sure you have the same options
Ghidra will ask to analyze the code, hit yes and check the option Decompiler Parameter ID
After the analysis is done, go to the toolbar Search -> For Strings and filter on the word demo. There you will find the message that comes up for the limited student edition. Double click it.
You will see the address where the string is stored and the functions that reference it. Double click on the FUN_XXXXXXXX on the right.
This brings us here
The comparison at 004d8323 is what causes the check for the student limitation. You can see an arrow going from 004d8336; this jump is taken when a student licence is found, so we can redirect the jump to another address. But where? We can see that if the jump never happens there is another one 4 lines below that goes to 004d83a3, which seems like the right address to go to.
We need to apply this change on the binary, but if you try to change this file and Export to binary you will get an error when you try to run it. That happens because we need to make the change on the line 004d832a on the raw binary and not here. So hit I to import a file and select the ampl binary again. But this time make sure the Format is Raw Binary.
Now hit G and go to this address 004d832a because the Binary starts from 00000000 and the ELF from 00400000. Now right click on the line -> Patch Instruction and change the address to point to
Hit O to export the new binary and choose Format -> Binary.
Now you have a cracked ampl binary! :)
You need to follow the same procedure for every solver you want to use, but you are probably only going to need cplex.