DLLs protection (?)

[Apl_and_Asm]

Hello friends,

Conscious that no protection would resist a talented code-hacker, I was nevertheless wondering how to add minimal copy protection
and/or customer authentication information to the DLLs I have developed, in a reliable, safe way and without harming execution speed.

Feeback would be greatly appreciated.

Alan.

[PBrennick]

UPX or something similar will do an adequate job.  It will not keep out the determined but it will keep the vast majority of users honest.

Paul

[Apl_and_Asm]

 Thanks for your reply, Paul.

I must confess I do not see how UPX, executables compression software, can be used for copy protection.
Perhaps is compression one of the copy protection process' steps ? Clearly, I missed something.

Regards,

Alan.

[drizz]

how to add minimal copy protection
and/or customer authentication information to the DLLs I have developed, in a reliable, safe way and without harming execution speed.

maybe a keyfile scheme, hardware dependent, would be ok unless you want something special.

[Apl_and_Asm]

 Good Idea, Drizz.

Thank you.

Regards,

Alan.

[Mark Jones]

Well, UPX might keep the majority of "code-tinkerers" out, but it is easy to circumvent with a little assembler knowledge. Personally I detest the whole protection schema in general; you might be better off not protecting it at all and instead making frequent updates. That way those who use the software illegally will (hopefully) get tired of trying to find new cracks for it and just buy it.

As far as physical code protection methods go, there are many but I doubt anyone here would be willing to share their secrets, because doing so would give crackers ideas how to break your software (and of course many crackers DO lurk here so we have to be careful what is said.) There are, however, a few commercial products for protecting code which claim to be crack-proof. These also include methods for licencing and purchasing so you don't even have to write that portion of the code. Please see http://www.masm32.com/board/index.php?topic=4476.0

[Ehtyar]

UPX is most certainly not a method of protection, stepping with a debugger will lead you right to the original entry point. Hardware IDs and such limit the use of your software for those who wish to use it on multiple machines. Your best bet for a simple protection scheme is a few self-contained integrity checks throughout your code.

[PBrennick]

Obviously, the entry point MUST be known so you really have not said anything.

Paul

[trodon]

yes but in some whay Ehtyar is right upx is very easy solution for crackers because this is only compression
popad
jmp oep
and we are on original entry point  :green
so this is only if you want to compress you program for size, also you can use fsg v2.0
but if you want to protect you program dont use packer, use some protector  :wink

[PBrennick]

Actually, you are all missing the point.  UpX does an adequate job of keeping most people honest as they do not really know how to crack.  For those who 'do' know how to crack, there is nothing that will keep them out.  Because of this fact, my statement is valid.

Paul

[trodon]

yes if we are looking from this dot of point you are apsolutly right
but today number of crackers is like number of chinese peoples and just waiting to something relase to crack  :lol

[Ehtyar]

So what you're saying is, people will know how to reverse engineer a program that is not packed, while upx is likely to stump them? Please....

Anyway, to answer the real question, most any decent protection is afforded only by a commercial solution, asprotect, armadillo, themida, execrypter to name a few of the most challenging (albeit most expensive). However, like i said in my original post, your best bet is a few self contained integrity checks, placed throughout your code.

Allow me to add a few more thoughts, you can also look up yodas cryptor/protector, or upolyx if you feel upx is a good idea (no links because surely someone will claim i'm a pirate or some such rubbish). You may also explore api like IsDebuggerPresent, CheckRemoteDebuggerPresent, or use the FindWindow trick to find windows of debugger/dumper programs etc.

Hope these help, Ehtyar.