PB Decompiler

Tommeh
Enthusiast
Posts: 149
Joined: Sun Aug 29, 2004 2:25 pm
Location: United Kingdom

Post by Tommeh »

Uhmm... I of course have worried about protection and found out the best way is to have some kind of online verification.

The problem here is of course, if your app does not need to connect to the internet (for example a file viewer) it will probably get labeled as spyware, whereas if it's something like a web browser, it's a little easier to pull off.

Now, the biggest problem with online verification is people can dummy servers by changing the values in the host file and they can block the app from accessing the host file as well to make sure it's legit.

So the way I managed to get past this was to do the following:

When the app connects to send the registered serial key, the server side checks the key from a database and then returns a UNIQUE data string that revolves around the serial key in some way but does not contain the whole key. (Yes, so far all this can probably be faked BUT!) Here is the magic part: that data string has to be valid, as the client side doesn't just check it, it uses it to complete the program. The data string is decrypted with the serial key sent client side, and then certain parts of the data string are then slotted in to the program to complete the app. If the wrong data string is given and the user manages to crack the app to bypass checking, then the application simply crashes. This was VERY hard for me to do as I had to build a kind of scripting engine all of its own for it and it's very temperamental (sometimes it crashes anyway ^.^). Now, even that is not immune but it makes it that little bit harder :)
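
An added sketch of the exchange described in the post above (not code from the post, and in Python rather than PureBasic): the server seals a fragment the program needs under keys derived from the serial, and the client authenticates the reply before using it. The function names, the JSON fragment, the salt and the SHA-256 counter-mode keystream are assumptions standing in for the poster's own format and cipher.

```python
import hashlib
import hmac
import json
import os

def derive_keys(serial: str) -> tuple:
    # Stretch the serial into separate encryption and MAC keys (salt is constructed)
    k = hashlib.pbkdf2_hmac("sha256", serial.encode(), b"example-salt", 50_000, 64)
    return k[:32], k[32:]

def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # SHA-256 in counter mode: a stand-in for a real stream cipher such as AES-CTR
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def server_issue(serial: str, fragment: dict) -> bytes:
    """Server: after the database lookup, seal the missing piece under the serial."""
    enc_key, mac_key = derive_keys(serial)
    nonce = os.urandom(16)  # makes every issued data string unique
    plain = json.dumps(fragment).encode()
    body = bytes(p ^ k for p, k in zip(plain, keystream(enc_key, nonce, len(plain))))
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + tag + body  # the serial itself never appears in the reply

def client_unlock(serial: str, blob: bytes) -> dict:
    """Client: authenticate first, so a forged reply is rejected, not executed."""
    enc_key, mac_key = derive_keys(serial)
    nonce, tag, body = blob[:16], blob[16:48], blob[48:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("activation data was not issued for this serial")
    plain = bytes(c ^ k for c, k in zip(body, keystream(enc_key, nonce, len(body))))
    return json.loads(plain)

def render(fragment: dict, chunks: list) -> str:
    # Program logic that is incomplete without the server-supplied fragment
    return fragment["sep"].join(chunks[i] for i in fragment["order"])

# Constructed sample values
SERIAL = "ABCD-1234-EFGH"
FRAGMENT = {"order": [2, 0, 1], "sep": "-"}
```

The MAC check is an addition to the scheme as posted: there a wrong data string crashes the program, here it raises a clean error before anything is slotted in.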
akee
Enthusiast
Posts: 499
Joined: Wed Aug 18, 2004 9:52 am
Location: Penang, Malaysia

Post by akee »

Oh no! There goes all the effort we put into a program... :cry:
Num3
PureBasic Expert
Posts: 2812
Joined: Fri Apr 25, 2003 4:51 pm
Location: Portugal, Lisbon

Post by Num3 »

I've studied how EXECryptor works and it's pretty simple...

It just takes simple code patterns and fills up your executable with incredibly stupid spaghetti code...

too many jumps for a cracker to even bother....

of course performance drops (this is only good for software that does not need performance), and it adds about 200k of spaghetti code to your own....

Example in PB:

Before

Code:

a=a+1

After:

Code:


goto e

d:
k=a
e:
goto d
k:
a+1

akee
Enthusiast
Posts: 499
Joined: Wed Aug 18, 2004 9:52 am
Location: Penang, Malaysia

Post by akee »

Num3 wrote: After:

Code:


goto e

d:
k=a
e:
goto d
k:
a+1

goto e... e says goto d, at d, k=a then it will goto d and so on, and so on... ooops endless loop? looks like a missing goto k... aaarrggh spaghetti code... I prefer the one you eat at Italian restaurants.... (stomach growls)
Num3
PureBasic Expert
Posts: 2812
Joined: Fri Apr 25, 2003 4:51 pm
Location: Portugal, Lisbon

Post by Num3 »

Tommeh wrote: Uhmm... I of course have worried about protection and found out the best way is to have some kind of online verification.
The idea is good, but...

Just take these things into consideration...

a)
Your technique would require each single executable to be different (so you could have different gaps to fill in)

b)
If you're making small shareware software, and only count on having a few users, don't even bother, warez and cracker teams want big fish that has a market value of hundreds of euros, for name and reputation.

c)
PB executables are small, and any warez site would just buy a licence and distribute the entire registered program instead of wasting time cracking it...
Num3
PureBasic Expert
Posts: 2812
Joined: Fri Apr 25, 2003 4:51 pm
Location: Portugal, Lisbon

Post by Num3 »

akee wrote: goto e... e says goto d, at d, k=a then it will goto d and so on, and so on... ooops endless loop? looks like a missing goto k... aaarrggh spaghetti code... I prefer the one you eat at Italian restaurants.... (stomach growls)
Ups... I lost myself in my own spaghetti code!

Yes on d: there's a 'goto k' missing :P
akee
Enthusiast
Posts: 499
Joined: Wed Aug 18, 2004 9:52 am
Location: Penang, Malaysia

Post by akee »

Num3 wrote: Ups... I lost myself in my own spaghetti code!

Yes on d: there's a 'goto k' missing :P

No worries... You just made me hungry... ;)
thefool
Always Here
Posts: 5875
Joined: Sat Aug 30, 2003 5:58 pm
Location: Denmark

Post by thefool »

@num3 about C: that's why the online verification should look if the program is used on different machines & IPs, then block it and contact the author!

also if the check routine just got bypassed with a simple jump or nop, you would have a problem.
zapman*
Enthusiast
Posts: 115
Joined: Wed Jun 02, 2004 10:17 pm
Location: New Caledonia (South Pacific)

Post by zapman* »

I'll sell one of my softwares from next month. The key protection system is quite simple and can probably be cracked easily.

My strategy is to make keygens by myself and to register them and some copies of valid keys onto warez sites by myself. Of course, the generated and copied keys will have very small duration validity.

The target is to saturate warez sites with inefficient keys. Then, people looking for a key or a keygen will have to try dozens of them before having a chance to find a REAL crack for my soft.

What do you think about that idea?
Don't try - DO it !
Dare2
Moderator
Posts: 3321
Joined: Sat Dec 27, 2003 3:55 am
Location: Great Southern Land

Post by Dare2 »

zapman* wrote: What do you think about that idea?
:D
Sounds pretty cunning and unusual. A lot of work required in finding and keeping the cracker/warez sites up to date?
@}--`--,-- A rose by any other name ..
Tommeh
Enthusiast
Posts: 149
Joined: Sun Aug 29, 2004 2:25 pm
Location: United Kingdom

Post by Tommeh »

No, when you submit cracks to various places you'd be surprised how fast they spread to other sites, but yeah it's a good idea :D
zapman*
Enthusiast
Posts: 115
Joined: Wed Jun 02, 2004 10:17 pm
Location: New Caledonia (South Pacific)

Post by zapman* »

Tommeh wrote: when you submit cracks to various places you'd be surprised how fast they spread to other sites
ho, hoooo! Seems to be experimented!! :lol: :lol:
Don't try - DO it !
thefool
Always Here
Posts: 5875
Joined: Sat Aug 30, 2003 5:58 pm
Location: Denmark

Post by thefool »

okay I did this:
1) I got the selfmod example from this forum.
2) I edited it to NOT encrypt the part to be protected at runtime, only decrypt
3) made some marks instead so I could find it
4) programmed a simple part-of-file encrypter
5) ran the final exe, it crashes!
6) encrypted the exe file, now it runs perfectly!
7) opened OllyDbg, it did NOT find the messagebox call which I encrypted

so it worked :) now I have to make a nice crackme so I can test if it's really good. but it worked, and got encrypted! and decrypted the instructions at runtime!
sec
Enthusiast
Posts: 792
Joined: Sat Aug 09, 2003 3:13 am
Location: 90-61-92 // EU or ASIA

Post by sec »

decrypted the instructions at runtime!
Someone will waste one's time for tracing and dumping code worked at runtime then you decrypted :lol:
thefool
Always Here
Posts: 5875
Joined: Sat Aug 30, 2003 5:58 pm
Location: Denmark

Post by thefool »

true :) and I would choose only to encrypt the registration code! so it gets decrypted only when I run it. then if one wants, encrypt it again.

so you need to find out how it is encrypted first! you can use nearly any kind of encryption, just make sure encrypted data isn't bigger than decrypted..

this is in code too! no software is wrapping around it to do it. the code itself does it!
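
An added illustration of the marked-region scheme from thefool's numbered steps and the follow-up post above (not the forum's selfmod example or the poster's encrypter): a same-length XOR over a marked span of a byte image, with the program's run-time decrypt modelled as a function. The marker bytes, key and sample image are constructed, and repeating-key XOR is an assumption standing in for whatever cipher is used.

```python
START, END = b"[PROT>", b"<PROT]"  # constructed marker bytes (step 3)

def xor_bytes(data: bytes, key: bytes) -> bytes:
    # Same-length transform, so nothing after the region shifts in the file
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def region(image: bytes) -> tuple:
    # Locate the span between the two markers
    lo = image.find(START)
    hi = image.find(END, lo + len(START)) if lo >= 0 else -1
    if lo < 0 or hi < 0:
        raise ValueError("markers not found")
    return lo + len(START), hi

def protect(image: bytes, key: bytes) -> bytes:
    """Build step (steps 4 and 6): encrypt only the marked span, in place."""
    lo, hi = region(image)
    body = xor_bytes(image[lo:hi], key)
    if START in body or END in body:
        # Edge case: ciphertext that looks like a marker would confuse region()
        raise ValueError("ciphertext collides with a marker; choose another key")
    return image[:lo] + body + image[hi:]

def runtime_view(image: bytes, key: bytes) -> bytes:
    """What the program's own decrypt-only code leaves in memory when it runs."""
    lo, hi = region(image)
    return image[:lo] + xor_bytes(image[lo:hi], key) + image[hi:]

# Constructed stand-in for an executable image and its key
PLAIN = b"\x90\x90" + START + b"call MessageBoxA; check_serial" + END + b"\xc3"
KEY = b"k3y!"
```

Running `runtime_view` on the unprotected image scrambles the span (step 5), on the protected image it restores it (step 6), and the restored bytes are then in memory for anyone who dumps the process, which is the point sec raises.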