software protections help

i want to learn the most common software protections against cracking and some protections of famous programs . anybody ? thank you !

Read rEad reAd reaD

Theres a lot of ebooks posted here..

http://www.exetools.com/forum/showthread.php?t=3440&highlight=Ebooks

some of the links are not working..... try your luck!!!

Hello,

As Seventh says, reading a lot of tutorials and searching on the net with appropriate keywords will give you a good point of view in most of the current protection involved in software protection. Asking for them means you don"t yet know them.

A good point to start with, I think, is RE-ing (Reverse engineering) software for your own knowledge. Download a target > study it > write notes > Delete it. Make your own compilation of protection tricks ! The more you reverse, the more you'll know what are the protections used a lot in softwares.

It will lead you to some interesting points, and you'll grab some knowledge, with time, about many parts of RE like packers, anti-debugging, anti-dumping, SMC (self modified code), Crypto and/or hash functions ...

At lest, you'll need some coding knowledge, especially on one (or many) High level languages (like C, C++, etc.) and you'll have to know Assembly language like your mother tongue.

Depending on the plateform you're, you'll have to have a good knowledge on it, I mean what it could be called 'internals' (like 'windows internals'). Many of those internals will help you to implement/develop new ways (if it's possible) or at least 'strange'/'not well know' ways to protect or understand how are protected applcations.

Some good examples of those internals on Win plateform could be TEB, PEB, EPROCESS, KPROCESS, GDT, IDT, memory management, and a lot of other stuffs...With that you could achieve a better understanding on what's going on on your computer, and by the way, having this knowledge, develop/understand strong protections.

So, don't limit you to coding some stuff, study and study again what's going on on your computer in its depth.

As far as I know there's one book that gather some informations about anti-cracking stuffs. It's called "Crackproof your software" (Pavol Cerven), but all those tricks are now well known nad many of them are for win 9x plateform. Since NT has a different behaviour, and 9x is slowly but surely disappearing, concentrate your efforts on NT plateform.

Now you've all in your hands, and in your brain. Download a debugger (OllyDBG is a good one), and reverse all things you can (I mean.. all things that can be RE-ed ). If you don't understand something, fire-up your browser and invoke the great google !

Sometimes, things are difficult to understand, once you've searched a lot and trully doesn't understand what it could mean, it's time to ask on a forum. Do ont try to ask before understanding, it will lead you to NOTHING !

This is just a point a view...not really what you SHALL do. I think only time could help to a better understanding of what going on there...

So let's experiment, it's your turn now !

Regards, Neitsa.

Hi

As Neitsa already pointed out, the best thing to learn is to try something on your own. I think what he forget to say is that you should start with more or less easy targets. It doesn't make much sense trying to reverse an ASPR protected app as a beginner.

Have a look on some shareware sites and check out some new software for serial protections and something. On this way you can see many different serial algos and how to reverse them.

If you think you are ready for some real stuff, check out a Safedisc 2 or Safedisc 3 protected game. Try to look for their softice checks and bypass them. Later in Safedisc reversing you will see code which decrypts itself in realtime, API wrappers and so on. You can find most of the stuff from Safedisc in an EXE cryper, but I always have the feeling that SD2 is easier to reverse, because they don't use as much crap code as the other protectors, so will mostly get a good look into the code.

But before you even start, check out the PE file format. Learn it, learn it, learn it. Also learn to use the Windows API for your own advantage. You can do nearly everything with the standard APIs.

I hope I could give you some advices how you can get started and learn how developers protect their products.

Greetings
Mav

thank you for your answers ! i am newbie and i dont know how to start .i think that tutorials does not help me because i dont understand the assembly .if i was buy a book about how to learn assembly this will make the things easier ?

I might be wrong, but I thin it's a bit too early for you to buy an assembler book. Try to search for good tutorials which explain also the background WHY you are patching something or WHY you should look at adress xxyyzz for a serial. If you found such a tutorial, try to find a nice Assembler reference on the net.

http://yanorel.pcupdate.easyspace.com/masm/ewtoc.html or

http://protools.anticrack.de/files/docs/asmhelp.zip

would be a good start. This will save you some money for now and still teaches you some stuff.

greetings
Mav