i have already tried.
ASProtect and PureBasic?
thefool,
One of the things I found out when using ASProtect with PureBasic is that you can use the inline assembler to insert the tags.
<some code>
!_MarkBegin1 db "CRYPT_START"
<more code>
!_MarkEnd1 db "CRYPT_END"
<more code>
This will let your mark stay put and not dumped in any .data section.
Try it!
sec:
Thank you. I am sure that most of us knew already. It's just there is no fun for the crackers unless someone at least tries to protect their software.
Besides:
Most of us lock the front door when we leave home. Knowing that some one has to spend only a couple of minutes to break into our house doesn't change that. Or maybe I am all wrong...
Have a good night all.
Regards,
Storck
One of the things I found out when using ASProtect with PureBasic is that you can use the inline assembler to insert the tags.
<some code>
!_MarkBegin1 db "CRYPT_START"
<more code>
!_MarkEnd1 db "CRYPT_END"
<more code>
This will let your mark stay put and not dumped in any .data section.
Try it!
sec:
Thank you. I am sure that most of us knew already. It's just there is no fun for the crackers unless someone at least tries to protect their software.
Besides:
Most of us lock the front door when we leave home. Knowing that some one has to spend only a couple of minutes to break into our house doesn't change that. Or maybe I am all wrong...
Have a good night all.
Regards,
Storck
Thanks for the tip, Storck.
In someway it seems to work, but the program isnt happy for raw text in the code. Try this:
Anyone knows why that happens? Wrong use of the marks?
In someway it seems to work, but the program isnt happy for raw text in the code. Try this:
Code: Select all
;my small test code ;)
!_MarkBegin1 db "CRYPT_START"
MessageRequester("","This is the one that is marked in the code :P")
!_MarkEnd1 db "CRYPT_END"
MessageRequester("","OUTSIDE the marks ;)")
probably it's trying to execute the text as ASM op:s, you should probably jump over the inlined text part.
Something like this perhaps:
Something like this perhaps:
Code: Select all
;my small test code ;)
! jmp inside
!_MarkBegin1 db "CRYPT_START"
!inside:
MessageRequester("","This is the one that is marked in the code :P")
! jmp outside
!_MarkEnd1 db "CRYPT_END"
!outside:
MessageRequester("","OUTSIDE the marks ;)")
I think your right that 0.98 was the last version released, but the latest update to 0.98 was the forementioned date according to the website 
http://www.softpedia.com/progDownload/T ... ad-23.html
http://www.softpedia.com/progDownload/T ... ad-23.htmlI think either the date on that page is wrong or perhaps it means the date the page itself was updated because the software definitely says 2001.
I found a more recent (updated a few months back) exe protector that is free for 'home programmers' called ExeShield Deluxe. Not sure if it's any good but the link is:
http://www.webstylerzone.com/en/index.htm
On the topic of ASProtect, i emailed the author several weeks back asking about the upgrade policy and never got a reply which fits in with what i've read about the support not being too good. I'm a registered user of ASPack too, but perhaps it was just a one off. ASProtect does look quite good though, especially if it can be made to work nicely with PureBasic.
I found a more recent (updated a few months back) exe protector that is free for 'home programmers' called ExeShield Deluxe. Not sure if it's any good but the link is:
http://www.webstylerzone.com/en/index.htm
On the topic of ASProtect, i emailed the author several weeks back asking about the upgrade policy and never got a reply which fits in with what i've read about the support not being too good. I'm a registered user of ASPack too, but perhaps it was just a one off. ASProtect does look quite good though, especially if it can be made to work nicely with PureBasic.
Mat
-
sec
- Enthusiast
- Posts: 792
- Joined: Sat Aug 09, 2003 3:13 am
- Location: 90-61-92 // EU or ASIA
- Contact:
REG_CRYPT_BEGIN
REG_CRYPT_END
Maybe, is macroS or constant valueS that included in somewhere? if so, asprotect engine can to find part of that code and encrypt them then insert decrypt engine and encrypted code to some in your target (protected program).
So need to figure out what's REG_* that used.
REG_CRYPT_END
Maybe, is macroS or constant valueS that included in somewhere? if so, asprotect engine can to find part of that code and encrypt them then insert decrypt engine and encrypted code to some in your target (protected program).
So need to figure out what's REG_* that used.
I found this on the internet. : http://www.pelock.prv.pl/
The demo seems to work fine with purebasic, and i havent found an unlocker for it.
I talked to the author and he responded after 3 hours, and said that a new version is on its way and will be in probaly 2 months.
It has some good functionalities, and you dont have to use the license system with it if you dont want too.
It adds verry little to your app, and also packs it. (i tried with a 22kb PB app, after protection it was 27).
(btw, its not because i get paid for telling you about it, i just find it really nice)
other free ones i have looked at:
http://pespin.w.interia.pl/ (PEspin, last update 29.07.2004)
http://yodap.cjb.net/ (Yodas Protector, last update 26/10/2004)
@Pupil:
Ill try that, thanks
@shannara:
Yeah i also mistoke that, but i found out by looking at the program.
I have searched the net for a new version, but he seems to have quit the project..
@mrmat:
exeshield... Well i downloaded it, compiled my purebasic test program (22kb), i selected "start about Exeshield" and every other security option, so exeshield said one could not crack it.
and then i took my exe and just unpacked it within 50 miliseconds...
but anyway, it seems like it want to have 2 other files in the same dir as the app etc.
well i gave up.
The demo seems to work fine with purebasic, and i havent found an unlocker for it.
I talked to the author and he responded after 3 hours, and said that a new version is on its way and will be in probaly 2 months.
It has some good functionalities, and you dont have to use the license system with it if you dont want too.
It adds verry little to your app, and also packs it. (i tried with a 22kb PB app, after protection it was 27).
(btw, its not because i get paid for telling you about it, i just find it really nice)
other free ones i have looked at:
http://pespin.w.interia.pl/ (PEspin, last update 29.07.2004)
http://yodap.cjb.net/ (Yodas Protector, last update 26/10/2004)
@Pupil:
Ill try that, thanks
@shannara:
Yeah i also mistoke that, but i found out by looking at the program.
I have searched the net for a new version, but he seems to have quit the project..
@mrmat:
exeshield... Well i downloaded it, compiled my purebasic test program (22kb), i selected "start about Exeshield" and every other security option, so exeshield said one could not crack it.
and then i took my exe and just unpacked it within 50 miliseconds...
but anyway, it seems like it want to have 2 other files in the same dir as the app etc.
well i gave up.
Thanks TheFool for testing ExeShield Deluxe.
EXECryptor is another nice one. It has a 'OneTouch Trial' option that works with PureBasic but i don't know how to used the advanced features.
PELock looks interesting. I found a manual guide to removing the protection layer but no automated programs. When you say it works fine with PureBasic, did you try using the license keys and crypt/clear markers?thefool wrote:The demo seems to work fine with purebasic, and i havent found an unlocker for it.
EXECryptor is another nice one. It has a 'OneTouch Trial' option that works with PureBasic but i don't know how to used the advanced features.
Mat
I don't see a big difference in whether the method is manual or automatic. If there exists some way to remove the protection that is easily available on the web then a hacker can do it either way.
I think i've found out how to get the EXECryptor API to work with PureBasic, and it may be a similar approach with ASProtect and PELock so i'll post it here. Be warned it's a messy method
Code blocks to protect our code are marked like this (example 1):
This requires the /FIXED:NO parameter to be passed to the linker (read below). When EXECryptor runs on your exe it finds those markers and protects what is inbetween. Don't put the code into procedures, it must be placed directly around the code to protect.
Using the EXECryptor API is a bit more complicated. Another extra option needs to be passed to the linker POLink. One method of passing extra options is to copy PBCompiler and in a hex editor search in the copy for the text "polink.exe". Then change it to something else, say "molink.exe" so that our fake linker will get called instead of the original. There should be two changes to make (i think only the first is needed but it doesn't matter). Alternatively you could rename the linker to something else and replace it with your new file. Remember to make backups and do this in a different folder in case something goes wrong...
The file molink.exe could be something like:
All it does is call the original linker with some extra params. It would be nice if there was a built in way of specifying extra params for the linker... Compile the above with the /CONSOLE flag and create the ExeCryptor.def file which for the EXECryptor API example will be:
Each line after EXPORTS contains the name of a procedure to be entered into the export table (for this example EXECryptor_GetHardwareID).
Place the following in your PureBasic code to use the EXECryptor_GetHardwareID API (example 2):
Now call the modified PBCompiler (or the original if instead you renamed POLink) with the /EXE flag. That will compile the code and call the fake linker which will call POLink and create an executable with an export table.
Now run it through EXECryptor and the output should show "Found 2 marks" (if the first example of PureBasic is used) and "Detect EXECryptor API usage: GetHardwareID" (if the second example is used) . If that happens it should be working and you can use the APIs in your code. Give yourself a pat on the back and go eat some chocolate.
Edit: Tidied code slightly.
Edit2: It's much easier to use EXECryptor if you follow this guide: viewtopic.php?p=78515#78515
I think i've found out how to get the EXECryptor API to work with PureBasic, and it may be a similar approach with ASProtect and PELock so i'll post it here. Be warned it's a messy method
Code blocks to protect our code are marked like this (example 1):
Code: Select all
! DB 0EBh, 006h, 0EBh, 0FCh, 0EBh, 0FCh, 0FFh, 0F8h
; Protected PureBasic code goes here
! DB 0EBh, 006h, 0EBh, 0FCh, 0EBh, 0FCh, 0FFh, 0FFhUsing the EXECryptor API is a bit more complicated. Another extra option needs to be passed to the linker POLink. One method of passing extra options is to copy PBCompiler and in a hex editor search in the copy for the text "polink.exe". Then change it to something else, say "molink.exe" so that our fake linker will get called instead of the original. There should be two changes to make (i think only the first is needed but it doesn't matter). Alternatively you could rename the linker to something else and replace it with your new file. Remember to make backups and do this in a different folder in case something goes wrong...
The file molink.exe could be something like:
Code: Select all
params.s = ""
Repeat
value.s = ProgramParameter()
If value <> ""
params + " " + value
EndIf
Until value = ""
cmd.s = Space(255)
GetEnvironmentVariable_("comspec", cmd, 255)
WinExec_(cmd + " /c polink " + params + " /FIXED:NO /DEF:ExeCryptor.def", #SW_SHOWNORMAL)Code: Select all
EXPORTS
EXECryptor_GetHardwareIDPlace the following in your PureBasic code to use the EXECryptor_GetHardwareID API (example 2):
Code: Select all
!public _EXECryptor_GetHardwareID
ProcedureDLL EXECryptor_GetHardwareID()
!db 090h,090h,090h,090h
EndProcedureNow run it through EXECryptor and the output should show "Found 2 marks" (if the first example of PureBasic is used) and "Detect EXECryptor API usage: GetHardwareID" (if the second example is used) . If that happens it should be working and you can use the APIs in your code. Give yourself a pat on the back and go eat some chocolate.
Edit: Tidied code slightly.
Edit2: It's much easier to use EXECryptor if you follow this guide: viewtopic.php?p=78515#78515
Last edited by MrMat on Wed Jan 19, 2005 6:02 pm, edited 2 times in total.
Mat