HI Al.
Yeah, you hit pretty much on the head what happens, although not sure about
the rebuilding of the EXE bit tho.
Normally the hacker/cracker does look for JE or JNE in ASM and comments this
out, i.e. if you have a rego code, the would disassemble the program, look
for a string reff. to "Enter Registration" or some such thing, and then note
the offsets, goto a hacking tool, goto that offset, and look ofor JNE (jump
if not equal) and chenge it to JE (jump if equal) or infact even change JE
to JNE.....owww sounds like I have done this before right ? Well I have ,
bsaically to explore the vunrability of my own programs.
And when you get to this stage, not matter HOW much encryption you put in,
it all most always comes down to JW or JNE in ASM.
BUT iN saying that, I downloaded VBox which is a wee tool that gives the
user say 30days to trial your software, after that it stops running.
The intersting thing about this tool is, that it embeds itself INTO your
program !
AND I had a hell ofa time trying to crack my program with VBOX in it...and
gave up !
Might be worth a look into.
BUT I have seen cracks around fot VBOX, but not suer if they work or not.
I noticed that Symatec's (Nortons) have started using it in their products
now.
Cheers, Jeremy Coulter
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Alistair George
> Sent: Friday, August 13, 1999 07:36
> To: Multiple recipients of list offtopic
> Subject: [DUG-OFFTOPIC]: Cracks
>
>
> Hi All. Not sure if this should be offtopic, but......
> Have found that there is a crack on the net for my software
> (fortunately its
> out of date).
> This is a surprise to me, because the reg code I use is very powerful and
> uses 32-bit encryption on several different checks, including the
> hdserialnumber.
> Which makes me think, and maybe you can confirm that:
> Do these buggers do a dissasembly, and check for program patterns which
> typify startup reg code. EG conditional jumps in the startup code
> which may
> indicate registration checks.
> It would appear so, because what their crack code does is rebuild the EXE.
>
> If so, that is interesting to me, because it leads to another aspect of
> software protection which is outside the regimes of software protection
> components, in that the protection is lost due to the vulnerability of the
> EXE itself. Or, to be clearer, if a regcheck is done at the start of a
> program by you, and it is correct, you set one boolean variable right? If
> that can be cracked, the whole program is then compromised.
> Thanks,
> Al+
>
> ------------------------------------------------------------------
> ---------
> New Zealand Delphi Users group - Offtopic List - [EMAIL PROTECTED]
> Website: http://www.delphi.org.nz
>
---------------------------------------------------------------------------
New Zealand Delphi Users group - Offtopic List - [EMAIL PROTECTED]
Website: http://www.delphi.org.nz
