Page 1 of 3
.NET bad news for protector apps?
Posted: Sun Dec 04, 2005 6:39 pm
by utopiomania
I've just learned that an exe compiled by a MS .NET app goes through a second compile the first
time it's run on a user's machine, called a JIT (Just In Time) compile.
The second compile is to make shure the final app is supposed to be optimised for the user's
platform (ie 98SE), but where does that leave third party protectors?
If I didn't get this all wrong, I only have to assume they have some kind of hard protection
against piracy up they're sleeves
As in cooperating with Intel or something..
Posted: Mon Dec 05, 2005 9:45 pm
by josku_x
Maybe, but just do a search thourgh Google for a M$ app, and you'll find a bunch or pirated copies..
Even how you try to secure your files there is still someone who can crack it.
Sorry, I don't want to use that kind of words like: crack, but life is life!
Posted: Mon Dec 05, 2005 10:38 pm
by utopiomania
Even how you try to secure your files there is still someone who can crack it.
This usually has no relevance at all, since it's obvious. The question is rather for how long a protected program can be
expected to stand up to attempts to crack it. As far as I can see, the best protectors are more than good enough.
I just wonder how much this .NET JIT compile is going to hurt those protectors. Too bad if it's back to square one.
Posted: Tue Dec 06, 2005 2:35 pm
by josku_x
Sadly I don't have .NEt to test it...
BTW, do you think MoleBox is good?
I use it to "secure" my apps.
Posted: Wed Dec 07, 2005 10:01 am
by utopiomania
Hi Josku_x, I haven't any experience with molebox, so I don't know. I looked it up, and it seems it to be good at packing and
protecting files, but I'm not so shure about it's ability to protect apps from beiing cracked, but it might be good enough.
Posted: Wed Dec 07, 2005 11:28 pm
by thefool
josku_x wrote:
BTW, do you think MoleBox is good?
I use it to "secure" my apps.
I just used some minutes on searching the usual places and google too, and i couldt find a molebox decrypter. However this of course doesnt say that it cant be debugged.
Could you use molebox on an exe created from the following example and upload? :
Code: Select all
OpenConsole()
Print("Password: ")
password.s=Input()
PrintN("")
If password="the_correct"
Print("Correct password!")
Input()
Else
Print("Wrong password!")
Input()
EndIf
Posted: Fri Dec 09, 2005 7:25 am
by josku_x
Posted: Fri Dec 09, 2005 1:41 pm
by josku_x
Ok, here is the file:
http://k.1asphost.com/joskux/MoleBoxTest.file
Just rename the ".file" to ".zip" after download, because my host doesn't allow archives.
---------------
The zip includes two files, one with no encryption and packing (MoleBoxTestNormal.exe) and one encrypted and packed file (MoleBoxTestPacked.exe)
So the MoleBoxTestPacked.exe is the file you want to look through.
Also, I changed the password in the PureBasic source, so you won't trick me
---------------
Have fun! Let's see if you can do it!
EDIT: The only down side with Molebox is it adds 50Kb to the exe, but that isn't bad..
Posted: Fri Dec 09, 2005 2:47 pm
by thefool
holy_cow 50 kbytes??
no it isnt much. however ill just try a quick disassembling session
normal test is cracked in about 20 seconds.
Posted: Fri Dec 09, 2005 2:51 pm
by thefool
WARNING UTOPIMANIA: here is a little warning about your beloved execryptor!
People beleive that "Code obfuscated by EXECryptor really becomes significantly more difficult to reverse compared to plain IA-32 code."
This isn't so tough to reverse so long as the reverser can sniff the opaque predicates or any other technique used by this software.
Regards
--
Girls - Ghosts in real life, Stay away from them
ยป login or register to post comments
Execryptor
Submitted by testrabbit on Sun, 2005-12-04 08:55.
After the crackmes have been defeated, it seems that Strongbit has gone out of business. I know someone who wanted to purchase a license, but they don't respond for weeks now.
the easier way would be to
Submitted by witeg on Thu, 2005-12-08 10:10.
the easier way would be to fix a serial-check procedure. its easy ;]
Posted: Fri Dec 09, 2005 3:28 pm
by josku_x
thefool, that what you cracked was the not encrypted file... try tthe other one, that is encrypted... so try MoleBoxTestPacked.exe
Let's see.
Posted: Fri Dec 09, 2005 3:34 pm
by thefool
josku_x wrote:thefool, that what you cracked was the not encrypted file... try tthe other one, that is encrypted... so try MoleBoxTestPacked.exe
Let's see.
I know
however i have tested about 10 different OEP finders, and no one have done anything yet. Still trying to dump the file :/
Posted: Fri Dec 09, 2005 3:38 pm
by josku_x
THose are good results to me..
Also, if any PB user is interested in MoleBox, check
http://www.molebox.com/
Here's a quote from the MoleBox help file:
MoleBox supports applications created with major C++ compilers (Intel C++, Microsoft Visual C++, Borland C++ Buider), Borland Delphi, Microsoft Visual Basic, Blitz Basic, Pure Basic. MoleBox is fully compatible with Win32 standard PE format.
MoleBox is also compatible with Visual FoxPro, WinDev, 3D GameStudio, Macromedia Director projects (packing these projects require to reserve the executable file name and add the exe file second time as a data file).
MoleBox packing utility and moleboxed program work on Windows systems including Windows 95, 98, ME, NT, 2000, XP, upto Windows XP SP2. Recommended systems are Windows 2000 and XP.
This doesn't just hear sweet, you can make patches and updates to your program without distributing it again! For example a 20MB game needs to be updated, like adding more audio, you can make just a 500Kb file instead of a new 20MB file!
And it is very very very easy to use!
Posted: Fri Dec 09, 2005 3:45 pm
by thefool
i know its quite good..
COULD you do me a favour of creating a version of the crackme wich uses an messagerequester?
Code: Select all
OpenConsole()
Print("Password: ")
password.s=Input()
PrintN("")
If password="the_correct"
messagerequester("Bingo!", "Correct password")
Input()
Else
messagerequester("sorry","Wrong password")
Input()
EndIf
edit: Notice i CAN read the password from the memory view so its not protected until used, its just deprotected on runtime.
Posted: Fri Dec 09, 2005 4:22 pm
by josku_x
Ok, it is uploaded.
Here is the file:
http://k.1asphost.com/joskux/HardCrackme.file
Again, after download rename ".file" to ".zip"
----------------
The zip includes HardCrackme.exe, which is not secured nor packed whatsoever and HardCrackmeP.exe, which is strongly encrypted with MoleBox.
----------------
Good luck.
