Exetools  

Go Back   Exetools > General > General Discussion

Notices

Closed Thread
 
Thread Tools Display Modes
  #1  
Old 09-06-2004, 01:48
panagiotis
 
Posts: n/a
software protections help

i want to learn the most common software protections against cracking and some protections of famous programs . anybody ? thank you !
  #2  
Old 09-06-2004, 02:01
Seventh
 
Posts: n/a
Lightbulb -!-

Read rEad reAd reaD

Theres a lot of ebooks posted here..

http://www.exetools.com/forum/showthread.php?t=3440&highlight=Ebooks

some of the links are not working..... try your luck!!!
  #3  
Old 09-06-2004, 12:22
Neitsa
 
Posts: n/a
Hello,

As Seventh says, reading a lot of tutorials and searching on the net with appropriate keywords will give you a good point of view in most of the current protection involved in software protection. Asking for them means you don"t yet know them.

A good point to start with, I think, is RE-ing (Reverse engineering) software for your own knowledge. Download a target > study it > write notes > Delete it. Make your own compilation of protection tricks ! The more you reverse, the more you'll know what are the protections used a lot in softwares.

It will lead you to some interesting points, and you'll grab some knowledge, with time, about many parts of RE like packers, anti-debugging, anti-dumping, SMC (self modified code), Crypto and/or hash functions ...

At lest, you'll need some coding knowledge, especially on one (or many) High level languages (like C, C++, etc.) and you'll have to know Assembly language like your mother tongue.

Depending on the plateform you're, you'll have to have a good knowledge on it, I mean what it could be called 'internals' (like 'windows internals'). Many of those internals will help you to implement/develop new ways (if it's possible) or at least 'strange'/'not well know' ways to protect or understand how are protected applcations.

Some good examples of those internals on Win plateform could be TEB, PEB, EPROCESS, KPROCESS, GDT, IDT, memory management, and a lot of other stuffs...With that you could achieve a better understanding on what's going on on your computer, and by the way, having this knowledge, develop/understand strong protections.

So, don't limit you to coding some stuff, study and study again what's going on on your computer in its depth.

As far as I know there's one book that gather some informations about anti-cracking stuffs. It's called "Crackproof your software" (Pavol Cerven), but all those tricks are now well known nad many of them are for win 9x plateform. Since NT has a different behaviour, and 9x is slowly but surely disappearing, concentrate your efforts on NT plateform.

Now you've all in your hands, and in your brain. Download a debugger (OllyDBG is a good one), and reverse all things you can (I mean.. all things that can be RE-ed ). If you don't understand something, fire-up your browser and invoke the great google !

Sometimes, things are difficult to understand, once you've searched a lot and trully doesn't understand what it could mean, it's time to ask on a forum. Do ont try to ask before understanding, it will lead you to NOTHING !

This is just a point a view...not really what you SHALL do. I think only time could help to a better understanding of what going on there...

So let's experiment, it's your turn now !

Regards, Neitsa.

Last edited by Neitsa; 09-06-2004 at 12:32.
  #4  
Old 09-07-2004, 02:52
Maviee
 
Posts: n/a
Hi

As Neitsa already pointed out, the best thing to learn is to try something on your own. I think what he forget to say is that you should start with more or less easy targets. It doesn't make much sense trying to reverse an ASPR protected app as a beginner.

Have a look on some shareware sites and check out some new software for serial protections and something. On this way you can see many different serial algos and how to reverse them.

If you think you are ready for some real stuff, check out a Safedisc 2 or Safedisc 3 protected game. Try to look for their softice checks and bypass them. Later in Safedisc reversing you will see code which decrypts itself in realtime, API wrappers and so on. You can find most of the stuff from Safedisc in an EXE cryper, but I always have the feeling that SD2 is easier to reverse, because they don't use as much crap code as the other protectors, so will mostly get a good look into the code.

But before you even start, check out the PE file format. Learn it, learn it, learn it. Also learn to use the Windows API for your own advantage. You can do nearly everything with the standard APIs.

I hope I could give you some advices how you can get started and learn how developers protect their products.

Greetings
Mav
  #5  
Old 09-07-2004, 03:23
panagiotis
 
Posts: n/a
thank you for your answers ! i am newbie and i dont know how to start .i think that tutorials does not help me because i dont understand the assembly .if i was buy a book about how to learn assembly this will make the things easier ?
  #6  
Old 09-07-2004, 03:38
Maviee
 
Posts: n/a
I might be wrong, but I thin it's a bit too early for you to buy an assembler book. Try to search for good tutorials which explain also the background WHY you are patching something or WHY you should look at adress xxyyzz for a serial. If you found such a tutorial, try to find a nice Assembler reference on the net.

http://yanorel.pcupdate.easyspace.com/masm/ewtoc.html or

http://protools.anticrack.de/files/docs/asmhelp.zip

would be a good start. This will save you some money for now and still teaches you some stuff.

greetings
Mav
  #7  
Old 09-08-2004, 09:41
Seventh
 
Posts: n/a
Post Further Reading!

This ebook is good for beginners Hacker Disassembling Uncovered ... i forgot the site . so i attached (roughly large attachment >4mb ) it here. Theres another one worth mentioning although i haven't read it yet.

Exploiting Software: How To Break Code
by Greg Hoglund, Gary McGraw

i can't find ebook version of this book if somebody knows where, pls share it.

Last edited by Seventh; 09-08-2004 at 09:43.
  #8  
Old 09-10-2004, 00:13
JVDB
 
Posts: n/a
Annyone red Lord Hrun's cracking tutorial? Sounds to be a good one, but haven't tracked it down yet.
  #9  
Old 09-10-2004, 01:53
shn0r
 
Posts: n/a
see daemon.anticrack.de, but always to protect better u have to know whats in revese is goin on try to make some connections with crc and working of you app, for example when some calculation depends on crc its very hard to find this and make REAL working, calculation's ( for example ) may depens on serial number etc itr tricky coz app may looks like working but its not working
  #10  
Old 09-10-2004, 04:58
TasM
 
Posts: n/a
Talking Excellent anticracking info...

Well, I recently stumbled accross this page which has some excellent anti cracking FAQ, especially if you are programming in Delphi

http://www.inner-smile.com/nocrack.phtml

Quote:
# How to make cracking your app a little bit harder... [upd:24-Feb-2k]
# More tips you might take into consideration... [upd:24-Feb-2k]
# Advanced tips given by Assembler freaks... [upd:06-Aug-99]
# Special on Delphi reverse engineering...
# Some notes on registration numbers... [upd:06-Aug-99]
# Some notes on timebombs... [new:14-Jan-2k]
# How to find cracks for your apps... [new:21-Apr-2k]
# What to do if you found a crack for your app... [upd:19-Aug-99]
# Facts and Myths about Software pirating...
# Thoughts and letters from crackers [upd:24-Sep-2k]
# Links of interest... [upd:16-Aug-2k]
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How long will the best software-only protections last? chaboyd General Discussion 14 06-23-2005 03:20


All times are GMT +8. The time now is 14:17.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )