PB Decompiler

DoubleDutch · Post by **DoubleDutch** » Wed Jun 01, 2005 2:55 pm

so it worked now i have to make a nice crackme so i can test if its really good. but it worked, and got encrypted! and decrypted the instructions at runtime!

Nice

But you need to test it on the new 64-bit processors - I've been told they have problems with self-mod code because they don't like data writes to code space at all...

The target is to saturate warez sites with inefficient keys. Then, people looking for a key or a keygen will have to try dozens of them before having a chance to find a REAL crack for my soft.

What do you thinck about that idea?

Thats a great idea

But you may make yourself a vendetta target for some groups for trying to spoil their fun...

But i'm prepared to risk it, what warez sites have a submit button?

-Anthony

thefool · Post by **thefool** » Wed Jun 01, 2005 3:06 pm

yeah i have heard a bit about the 64 bit processors

Num3 · Post by **Num3** » Wed Jun 01, 2005 5:20 pm

@TheFool:
Could you please post an exemple of who to work with self modifing code?

All my tests ended in crashes

...

RichardL · Post by **RichardL** » Wed Jun 01, 2005 5:33 pm

I'm a bit late reading this thread, but here is a real life experience dating back to the time when the Amiga was hot stuff and I was involved with some image processing software that ran on it.

The software was written in GFA Basic. The author sent the source and the executable for the first revision. Later he sent a more advanced version of the executable, but no source (floppy disks were small in those days) . We found a bug in the last version but at the same time the author became 'not available', so the bug could not be fixed.

We disassembled the executable code and produced a listing that would re-assemble and then, very carefully and with a backup every half hour or so started to reverse engineer the program.

Using the GFA compiler we could create templates of FOR...NEXT loops and other structures ourselves, and disassemble them to find the method the compiler used. Large sections of the program code could then be identified and annotated. The addresses of variables could also be labelled and named.

After each backup the code was re-assembled and checked against the original binary... we allowed NO errors.

In all it took about a month with about one and a half guys working on the job before we could start patching in the BASIC code as comments; and we could identify enough to focus on the upgrade areas and eventually found the bug... and fixed it!

Having done it once we could see how several tools could be written to speed the process quite considerably.

Its quite an intellectual challenge getting inside someone else's code and thought processes; but overall its not a course of action I would recommend too often.

Happy days!

ricardo · Post by **ricardo** » Wed Jun 01, 2005 5:52 pm

zapman* wrote:I'll sell one of my softwares from next month. The key protection system is quite simple and can probably be cracked easily.

My strategy is to make keygens by myself and to register them and some copies of valid keys onto warez sites by myself. Of course, the generated and copied keys will have very small duration validity.

The target is to saturate warez sites with inefficient keys. Then, people looking for a key or a keygen will have to try dozens of them before having a chance to find a REAL crack for my soft.

What do you thinck about that idea?

Good idea!

One good point to kill keygens is making it no reliable.

Are you doing it right now?

thefool · Post by **thefool** » Wed Jun 01, 2005 6:36 pm

@num3: probaly first tomorrow. ill just make a nice pattern seeker to encrypt the file.. but it works! without crashing

Doobrey · Post by **Doobrey** » Wed Jun 01, 2005 7:32 pm

RichardL wrote: In all it took about a month with about one and a half guys working on the job

What was the other 1/2 guy doing ?

Anyway, that sounds like a good idea. Most people probably would have just decompiled it to 68k asm and tried to figure out the bugs the hard way (yup..been there, done that and got the headache !)

dell_jockey · Post by **dell_jockey** » Wed Jun 01, 2005 9:24 pm

Num3 wrote:
Tommeh wrote:Uhmm... i of course have worried about protection and found out the best way is to have some kind of online verification.
The idea is good, but...

Just take these things into consideration...

a)
Your technique would require each single executable to be diferent (so you could have diferent gaps to fill in)

b)
If your making small shareware software, and only count to have a few users, don't even bother, warez and cracker teams want big fish that has a market value of hundreds of euros, for name and reputation.

c)
PB executables are small, and any warez site would just buy a licence and distribute the entire registered program instead of wasting time cracking it...

as to your point b):

Num3,

I don't think so...

I stumbled across keys/cracks for an app that has a maximum worldwide market volume of some 10.000 copies, a market that is shared by at least 10 major players and numerous smaller players, so go figure.... Admitted: the crack was for one of the major players, but a player in a very small market nonetheless...

In my opinion, you have only two choices really:
- go OpenSource, or
- otherwise protect your app.
I don't think there's anything viable in between...

As to protection:
- you have to tie it to a hardware profile, otherwise your point d) is valid.
- if you implement a protection scheme, don't use any technique that the compiler ultimately translates into JMP, JNE, etc. A somewhat smarter idea would be to use a combined hardware profile and key based code to somehow fill a table that is used for indirect function or module addressing.

Another crazy idea:

I could envision a software distribution method, that includes the free demo version of PB or a freeware linker. The installation routine should somehow ascertain that every function/module is linked into the final installation in random order. Perhaps this order could be generated by using a local hardware profile. If final compilation is done at the users' client, theoretically every binary image out there will differ, hence your point d) becomes invalid and the indirect function/module addressing table idea described above will be different as well...

just my two €-cents (that got devaluated a bit today...)

zapman* · Post by zapman* » Wed Jun 01, 2005 10:29 pm

ricardo wrote:One good point to kill keygens is making it no reliable.

Are you doing it right now?

My soft will be online this week ( http://www.rankspirit.com )
and i'll begin to distribute my keygens next month.

thefool · Post by **thefool** » Wed Jun 01, 2005 10:46 pm

i would do that, and implement some different techniques.
i can help you a bit if you want. i do have some different rules and even some docs so you could provide a small ammount of newbie cracker protection, might even for better crackers, but of course not for the pro & routined ones..
but it could stop some newbies.

another thing: i need one with a 64 bit CPU to test my selfmodifying crackme!
both using a 32 bit os & the 64 bit processor and a 64 bit os with it.. well if someone ocationally has 2 minutes to help me, i would be happy

and 3rd thing

: zapman looking at your software it seems quite nice! if it works as good as it seems to be able too, im pretty sure there will be some users.. but send a pm if you want some advises etc

ow this is the 3rd edit but the 4th thing, as i dont like posting too many posts

:
the screenshot of your software DropUpload in the freeware section of the page doesnt show here.

Kaisen2100 · Post by **Kaisen2100** » Thu Jun 02, 2005 1:32 am

i think ... there is no one 100 % secure way to protect your program ... if you can make program with a pc ... then someone can crak it with a pc ... any way at any cost of time...

may be it is a better idea to make something like open source "donationware" ... you can make your program totally free ... and sell the source code ... and you can accept donations ...

Kaisen2100 · Post by **Kaisen2100** » Thu Jun 02, 2005 2:12 am

searching in google i've found this ... a library for assymetric encryption ... great and cheap library

... look at my message here and you will find the link ...

viewtopic.php?p=91120#91120

zapman* · Post by zapman* » Thu Jun 02, 2005 7:16 am

I had nothing important to do today and I've made the keygens just for the fun:
http://www.freesoundeditor.com/dowloads/rs_keygen.htm

Shannara · Post by **Shannara** » Thu Jun 02, 2005 8:07 am

Nothing like soft porn for an icon, lol.

thefool · Post by **thefool** » Thu Jun 02, 2005 9:35 am

lol they are too overheadet. ever seen a keygen?
Be sure to make a nice nfo file!

but i would make a simple one too, that plays a nice tune. and is simple in gfx not anything black etc. just plain with some flat btn's & a nice image that isnt a skull or something like that.
nearly 80% of the keygens i tried [eh for fun. eg to see what they look like...

] are simple & plain, nothing porn & fancy etc..

and those names are pretty wild too

it seems that people really does think those crackers are all wild and porn fanatics they arent. some are, and some writes awfull things but some, the most known, are in fact not that bad.

so i would make a simple one without too much.. but the current ones are funny indeed

also use a packer like mew11 thats a l33t one

PureBasic Forums - English

PB Decompiler

Good news