News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

DLLs protection (?)

Started by Apl_and_Asm, September 17, 2006, 04:27:33 PM

Previous topic - Next topic

Apl_and_Asm

Hello friends,

Conscious that no protection would resist a talented code-hacker, I was nevertheless wondering how to add minimal copy protection
and/or customer authentication information to the DLLs I have developed, in a reliable, safe way and without harming execution speed.

Feeback would be greatly appreciated.

Alan.
You can only come to the morning through the shadows.
(JRR Tolkien)

PBrennick

UPX or something similar will do an adequate job.  It will not keep out the determined but it will keep the vast majority of users honest.

Paul
The GeneSys Project is available from:
The Repository or My crappy website

Apl_and_Asm

 Thanks for your reply, Paul.

I must confess I do not see how UPX, executables compression software, can be used for copy protection.
Perhaps is compression one of the copy protection process' steps ? Clearly, I missed something.

Regards,

Alan.
You can only come to the morning through the shadows.
(JRR Tolkien)

drizz

Quote from: Apl_and_Asm on September 17, 2006, 04:27:33 PMhow to add minimal copy protection
and/or customer authentication information to the DLLs I have developed, in a reliable, safe way and without harming execution speed.
maybe a keyfile scheme, hardware dependent, would be ok unless you want something special.
The truth cannot be learned ... it can only be recognized.

Apl_and_Asm

 Good Idea, Drizz.

Thank you.

Regards,

Alan.
You can only come to the morning through the shadows.
(JRR Tolkien)

Mark Jones

Well, UPX might keep the majority of "code-tinkerers" out, but it is easy to circumvent with a little assembler knowledge. Personally I detest the whole protection schema in general; you might be better off not protecting it at all and instead making frequent updates. That way those who use the software illegally will (hopefully) get tired of trying to find new cracks for it and just buy it.

As far as physical code protection methods go, there are many but I doubt anyone here would be willing to share their secrets, because doing so would give crackers ideas how to break your software (and of course many crackers DO lurk here so we have to be careful what is said.) There are, however, a few commercial products for protecting code which claim to be crack-proof. These also include methods for licencing and purchasing so you don't even have to write that portion of the code. Please see http://www.masm32.com/board/index.php?topic=4476.0
"To deny our impulses... foolish; to revel in them, chaos." MCJ 2003.08

Ehtyar

UPX is most certainly not a method of protection, stepping with a debugger will lead you right to the original entry point. Hardware IDs and such limit the use of your software for those who wish to use it on multiple machines. Your best bet for a simple protection scheme is a few self-contained integrity checks throughout your code.

PBrennick

Obviously, the entry point MUST be known so you really have not said anything.

Paul
The GeneSys Project is available from:
The Repository or My crappy website

trodon

yes but in some whay Ehtyar is right upx is very easy solution for crackers because this is only compression
popad
jmp oep
and we are on original entry point  :green
so this is only if you want to compress you program for size, also you can use fsg v2.0
but if you want to protect you program dont use packer, use some protector  :wink

PBrennick

Actually, you are all missing the point.  UpX does an adequate job of keeping most people honest as they do not really know how to crack.  For those who 'do' know how to crack, there is nothing that will keep them out.  Because of this fact, my statement is valid.

Paul
The GeneSys Project is available from:
The Repository or My crappy website

trodon

yes if we are looking from this dot of point you are apsolutly right
but today number of crackers is like number of chinese peoples and just waiting to something relase to crack  :lol

Ehtyar

So what you're saying is, people will know how to reverse engineer a program that is not packed, while upx is likely to stump them? Please....

Anyway, to answer the real question, most any decent protection is afforded only by a commercial solution, asprotect, armadillo, themida, execrypter to name a few of the most challenging (albeit most expensive). However, like i said in my original post, your best bet is a few self contained integrity checks, placed throughout your code.

Allow me to add a few more thoughts, you can also look up yodas cryptor/protector, or upolyx if you feel upx is a good idea (no links because surely someone will claim i'm a pirate or some such rubbish). You may also explore api like IsDebuggerPresent, CheckRemoteDebuggerPresent, or use the FindWindow trick to find windows of debugger/dumper programs etc.

Hope these help, Ehtyar.