
Stealing EXE !


Question

  • 0

just open an exe in a debugger and you have the assembly code, real hard to do right? well that ASM code can very painfully be converted to any language if you have the right converter... and it will never be exactly the same as the original source unless you have the symbols listing


  • 0
but it can be used for cracking exe files.. :)

585263318[/snapback]

u say it can, right, then i will not use it in cracking but i will call it anti cracking tricks

....

thank u man


  • 0
u say it can, right, then i will not use it in cracking but i will call it anti cracking tricks

....

thank u man

585263354[/snapback]

"anti-cracking" is impossible theoretically on computers... everything can be cracked it just takes time


  • 0
"anti-cracking" is impossible theoretically on computers... everything can be cracked it just takes time

585263360[/snapback]

you didn't complete the word "trick", have you heard about tricks in programming? you can program a code ( i used it in making security ) that has no meaning, but has an important function about the security, or in other words "you made the cracker think in a wrong way" ;)


  • 0

right.. nothing is unbreakable..

btw Elagizy, you need to learn x86 Assembly to do modification of an exe, and you also need plenty of knowledge before you try out anything.. there is a lot of risk involved.. just taking a backup is not enough.. if you try SoftICE then beware.. it's for very very advanced users..


  • 0

nah.. nothing is uncrackable.. crackers are good enough to crack anything.. do you think that Windows, or Dreamweaver or Maya or 3D Max don't have good anti-cracking techniques? then think again.. don't be overconfident.. just give it a thought.


  • 0
nah.. nothing is uncrackable.. crackers are good enough to crack anything.. do you think that Windows, or Dreamweaver or Maya or 3D Max don't have good anti-cracking techniques? then think again.. don't be overconfident.. just give it a thought.

585263404[/snapback]

BTW... i added the word "trick" cause that word means when the trick is recognized by the cracker ... it's over, and about techniques .... the "activation online" is a great technique in the world :D


  • 0
BTW... i added the word "trick" cause that word means when the trick is recognized by the cracker ... it's over, and about techniques .... the "activation online" is a great technique in the world :D

585263421[/snapback]

online activation is crackable too... and tricks do nothing, people know what to look for and what to ignore


  • 0
BTW... i added the word "trick" cause that word means when the trick is recognized by the cracker ... it's over, and about techniques .... the "activation online" is a great technique in the world :D

585263421[/snapback]

a simple explanation of why software is crackable..

the user who uses the application has got hold of the .exe file or any file which is required for running the particular software, now if that software is checking that this thing is done and only then allows the software to run.. use Win32DASM, and change that condition.. always return true in that condition and woohllaaaa.. it's cracked...

now one more.. activation.. same way.. tell the software that it has been activated so it won't ask again for activation..

another one.. if you say the software won't run, they need to download a file over the internet first and only then the software will run.. well, I will download the file and pass it to my friend.. and it worked :)

ok this one.. have a hardware device attached to the computer, which will check that hardware and only then allow use of the software.. hmm u can develop software which will act as a hardware emulator...

now as you said earlier... yours is just pointing it to some other function which makes the cracker confused... well, what the cracker will do is.. simple, just don't allow that application to go in that condition or function..

and as you said.. you can tell the logic but not the code.. well, just tell me the logic, and I will let you know how crackers will crack it.


  • 0

There are several languages that can be decompiled:

VB 1 to 4 (5 and 6, if compiled using p-code)

.NET (if it isn't protected and so forth) and anything that uses the .net framework (Delphi.net)

Java

and others. No one actually disassembles programs and then converts them to a higher-level language. Most of the time, they just use tools like SoftICE to see how very small parts of the code work.

Anyways, reverse engineering, for nearly all purposes, is illegal.


  • 0

great man ...........

i will tell you 2 logics, cause i don't know ur skills in this ..

1- the security system will depend on hardware ( HDD serial ), then encoding it to numbers, and every 1st 2 numbers ( after encoding ) will have an alternative number which is the Authorization Code ( so we got 01 to 99 numbers ) ..... don't tell me making a KEYgen is gonna work ..... and after programming that, make a ( EX VB : public sub ajskhdakjhad () ) or you can name it a feature in your prog ( and that is the "trick" ) and on each button in your prog call this sub to check the authorization code which is saved in a file in another path .........

hope u solve it ;) Preparing the 2nd logic


  • 0

lol, you should learn assembly first before you can talk about "cracking", because if all you know are the hi-level langs like C/C++ (or amateur VB), then you can stop wasting your time. Besides, what makes you think that you can create an "unbreakable" protection when none of the big corps with money & resources can?


  • 0
great man ...........

i will tell you 2 logics, cause i don't know ur skills in this ..

1- the security system will depend on hardware ( HDD serial ), then encoding it to numbers, and every 1st 2 numbers ( after encoding ) will have an alternative number which is the Authorization Code ( so we got 01 to 99 numbers ) ..... don't tell me making a KEYgen is gonna work ..... and after programming that, make a ( EX VB : public sub ajskhdakjhad () ) or you can name it a feature in your prog ( and that is the "trick" ) and on each button in your prog call this sub to check the authorization code which is saved in a file in another path .........

hope u solve it ;) Preparing the 2nd logic

585263540[/snapback]

HDD serial number is a very old way of protecting.. which gets cracked easily.. simple as this.. do W32DASM.. and check the call for the HDD serial number.. just replace it with some dummy number or the one which already worked.. or just change its bytes to nil so that this function doesn't get called.. and also do the same for VB.. and at some point the exe file will be checking the validation, whether this validation was perfect or not.. now what you can do in this is.. just replace the call of the wrong validation with the right validation call.. and then whether the condition is true or false it will go for the right validation all the time.. or just replace the condition.. replacing the condition will be pretty tough.. instead changing the call to the particular stuff will be much better.


  • 0

http://www.geocities.com/imdeathspawn/

with

http://home.t-online.de/home/Ollydbg/

http://webhost.kemtel.ru/~sen/ (shareware)

and

http://www.chmaas.handshake.de/delphi/free...xvi32/xvi32.htm

Complete the first link with programs listed and anything else it says you need in the tutorial. Move on to the application challenges at http://www.hackthissite.org and http://www.hackquest.de and try some other programs that you find


  • 0

2-

A security system depends on the number of open processes ( ctrl+alt+del ), put a value ( authorization code ) for each number between ( 1 to 500, i think no one will have more than 500 or he is crazy ) where no value has a relation to the other ( so no keygen can be made ), after that make a timer that every 3 minutes checks the value of the authorization code, which is saved in a file and also saved in another file ( which is used by the program in other functions ), by using a trick ( public sub ), and if the crack is found, then the program will know that, by making a variable which confirms that the Authorization code is confirmed and checked, if the variable came with a code which means it's not confirmed ( EX if a = "Form1.WMP.PLay" another trick ), then from a secret link in your website have a page which has another code ... let the program read this code and if it's confirmed that it is cracked then let ur program read the code from the website then save it to a file which is saved in another path, and finally make the prog check this code and then self damage to ur prog ( "PROGRAM CORRUPTED" ) ;)


  • 0
http://www.geocities.com/imdeathspawn/

with

http://home.t-online.de/home/Ollydbg/

http://webhost.kemtel.ru/~sen/ (shareware)

and

http://www.chmaas.handshake.de/delphi/free...xvi32/xvi32.htm

Complete the first link with programs listed and anything else it says you need in the tutorial. Move on to the application challenges at http://www.hackthissite.org and http://www.hackquest.de and try some other programs that you find

585263647[/snapback]

Thanks man that's really helpful


  • 0
2-

A security system depends on the number of open processes ( ctrl+alt+del ), put a value ( authorization code ) for each number between ( 1 to 500, i think no one will have more than 500 or he is crazy ) where no value has a relation to the other ( so no keygen can be made ), after that make a timer that every 3 minutes checks the value of the authorization code, which is saved in a file and also saved in another file ( which is used by the program in other functions ), by using a trick ( public sub ), and if the crack is found, then the program will know that, by making a variable which confirms that the Authorization code is confirmed and checked, if the variable came with a code which means it's not confirmed ( EX if a = "Form1.WMP.PLay" another trick ), then from a secret link in your website have a page which has another code ... let the program read this code and if it's confirmed that it is cracked then let ur program read the code from the website then save it to a file which is saved in another path, and finally make the prog check this code and then self damage to ur prog ( "PROGRAM CORRUPTED" ) ;)

585263652[/snapback]

well, sorry I didn't get u... what do u mean by process value?? if you mean application processes.. well, you can change those values.. Windows won't allow.. and abt relationship to each other... check out something called DDE, Win32 APIs and stuff.. without processes relating to each other you can't have multitasking and multithreading.. as well as apps communicating with each other.

btw what the cracker can do is.. simply don't allow that validation thing to execute.. rather it will be harder instead of that.. simply change that "PROGRAM CORRUPTED" thing to call the thing which a perfect validation calls up :)

it's a very simple illustration man.. the user or cracker has got hold of the whole thing.. he can do anything that he wants.. and no one will be able to stop him.. if you want to play around with Windows as well.. try out reshack

it will allow you to change button positions of the property dialog box and lots of things..


  • 0
lol, you should learn assembly first before you can talk about "cracking", because if all you know are the hi-level langs like C/C++ (or amateur VB), then you can stop wasting your time. Besides, what makes you think that you can create an "unbreakable" protection when none of the big corps with money & resources can?

585263603[/snapback]

lol, u seem to be talking about programming languages and the skills in that, do you know that i respect logicians who put logics more than programmers because the program is held by a logic, bad logic makes your program hang or makes your program slow by giving a lot of code ..... a beginner makes a prog in 1000 lines, a prof can make it in 50 lines ( that's the logic ) and i didn't say that i'm perfect in putting logics or programming .... i'm just a small programmer who knows some small information and uses this info in making a gr8t thing which nobody thought about before ( and that is the idea )

why you see ppl play dos games until now and there is HL2 and doom 3 ... etc !!!


  • 0

Elagizy, gosh, dude, i read the whole thread, not one of your posts made sense. Sorry.

Are you even here to ask about how decompilation works? Or are you trying to be smart and explain to us that you've implemented some unbreakable method that will prevent decompilation from happening?


  • 0
well, sorry I didn't get u... what do u mean by process value?? if you mean application processes.. well, you can change those values.. Windows won't allow.. and abt relationship to each other... check out something called DDE, Win32 APIs and stuff.. without processes relating to each other you can't have multitasking and multithreading.. as well as apps communicating with each other.

btw what the cracker can do is.. simply don't allow that validation thing to execute.. rather it will be harder instead of that.. simply change that "PROGRAM CORRUPTED" thing to call the thing which a perfect validation calls up :)

it's a very simple illustration man.. the user or cracker has got hold of the whole thing.. he can do anything that he wants.. and no one will be able to stop him.. if you want to play around with Windows as well.. try out reshack

it will allow you to change button positions of the property dialog box and lots of things..

585263700[/snapback]

seems logic 2 was not understood at all, that will be hard to be solved, cause if he calls "program corrupted", then what is the advantage of the timer which checks the value every 3 time ...

BTW the cracker must make a solution before the sentence "if the crack is found, then the program will know that ....etc" and make another solution after that sentence, cause calling a value from a website will not happen only if the program knows that the prog is cracked ..... and so the cracker will make the crack ( "Finally i did it" ) and after another 3 minutes of the prog, self destruction ( the cracker is shocked, then he becomes confused ) ....... try reading the 2nd logic and wat about the 1st one ?


  • 0
Elagizy, gosh, dude, i read the whole thread, not one of your posts made sense. Sorry.

Are you even here to ask about how decompilation works? Or are you trying to be smart and explain to us that you've implemented some unbreakable method that will prevent decompilation from happening?

585263744[/snapback]

no that's ur opinion, but if u read the whole thread you will find that i said i use "decompilation" for peaceful purposes like "anti-cracker tricks", they didn't believe me and then we are here .......

winston, i know u have great experience, but u know the disadvantage of forums is that there are posts and u seem confused as if you are reading a story ( if we made forums seem like chatting ;) ... it will be cool )


  • 0
seems logic 2 was not understood at all, that will be hard to be solved, cause if he calls "program corrupted", then what is the advantage of the timer which checks the value every 3 time ...

BTW the cracker must make a solution before the sentence "if the crack is found, then the program will know that ....etc" and make another solution after that sentence, cause calling a value from a website will not happen only if the program knows that the prog is cracked ..... and so the cracker will make the crack ( "Finally i did it" ) and after another 3 minutes of the prog, self destruction ( the cracker is shocked, then he becomes confused ) ....... try reading the 2nd logic and wat about the 1st one ?

585263759[/snapback]

abe not understanding logic 2 is not coz it's hard to solve.. it's because the explanation is not proper.

ok.. what the cracker will do in this case is.. ok he cracked the prob for the first time.. then after 3 mins the prog itself checks.. hmm so that timer itself is coded in the software right??? how about disabling it?? and well, let it be enabled only.. but when it's going to a site.. that site address is coded in the software only right?? how abt redirecting it to some other site.. or how abt just simulating to the software that it has redirected and got the value.. ok the url is not coded in the software but it's stored somewhere in the file.. so just change that file.. or anyhow u will get the url in the software.. just change that url.


  • 0

you're trying to win an impossible war, and the worst thing about it is the fact your knowledge on it is obviously very low... people who have been doing this their entire lives and know the ins and outs of every single system still can't pull it off, so there is very little chance that you would do it... mainly because it's impossible


  • 0
2-

A security system depends on the number of open processes ( ctrl+alt+del ), put a value ( authorization code ) for each number between ( 1 to 500, i think no one will have more than 500 or he is crazy ) where no value has a relation to the other ( so no keygen can be made ), after that make a timer that every 3 minutes checks the value of the authorization code, which is saved in a file and also saved in another file ( which is used by the program in other functions ), by using a trick ( public sub ), and if the crack is found, then the program will know that, by making a variable which confirms that the Authorization code is confirmed and checked, if the variable came with a code which means it's not confirmed ( EX if a = "Form1.WMP.PLay" another trick ), then from a secret link in your website have a page which has another code ... let the program read this code and if it's confirmed that it is cracked then let ur program read the code from the website then save it to a file which is saved in another path, and finally make the prog check this code and then self damage to ur prog ( "PROGRAM CORRUPTED" ) ;)

585263652[/snapback]

Think about it for a moment - you don't even understand what an EXE file is, let alone anything lower level, but you are going to defeat hardcore crackers who understand the thing from top to bottom.

Lame tricks don't work, security through obscurity is a non-starter - every cracker worth his salt would use a file monitor and network monitor to instantly spot this "scheme" and then just a couple of NOPs would render it useless. It may stop the casual copier - but a simple key stops 95% of them anyway.

But none of this matters as it's quite obvious you lack any in-depth understanding of the problem at hand - your scheme assumes the crackers are stupid, the best crackers are as good as the best security makers - that's why the battle continues.


This topic is now closed to further replies.