News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

Anti-Cracker

Started by Astro, July 24, 2009, 02:56:12 AM

Previous topic - Next topic

Astro

Anyone any recommendations on solutions or techniques for hardening a registry key and my GINA file against modification, etc..?

This is not a final solution, but will be something for now.

I've got a functioning GINA at last, and after only 3 BSODs during testing.  :eek

Best regards,
Astro.

ecube

daemon ware installs something that protects registry keys, forget name but its a seperate project that has nothin to do with daemonware and im pretty sure its free.

fearless

Might be possible to use RegNotifyChangeKeyValue to 'watch' the registry for your keys being changed and respond somehow if they are - restore to default settings, message box to user or whatever.

For the file itself, there are steps you can take that may possibly slow down an attacker, but in the long term a determined cracker will get by any protections you implement. Possible steps you could look at implementing: CRC checking for your file content and/or compressors, packers, encryptors for the file and its sections and possibly anti-debugging code.

Freeware packers usually have a unpacker counterpart, and there is some unpackers around for various versions of the commercial packers, so best not rely on them too much. Themidia (http://www.oreans.com/themida.php) is probably the best one out there at the moment, it uses all the techniques listed above and a virtual code engine to help slow down/prevent dissassembly and real time debugging.
ƒearless

dedndave

this is kind of a "dark side" issue, as viruses do the same thing you are trying to do

Astro

 ::)

I can see why viruses want to do this, but I want to do it, too.

Check your PM.

Best regards,
Astro.

dedndave

lol
my point was, it is something that is frowned upon in the forum
you may not get too many happy responses in this thread

Astro

OK - no problems.

Best regards,
Astro.