On protecting shareware from brute-force cracking

Source: Internet
Author: User

This article is from Spring Trade Software Studio; when reprinting, please credit http://www.qmboy.com

Shareware is currently the hottest topic in the software industry worldwide, and especially in China. Tens of thousands of programmers have thrown themselves into the field with great enthusiasm, hoping that hard work will bring a rich return. The reality is otherwise: the vast majority take a beating. Notably, apart from software design and technical reasons, the biggest cause is that the shareware gets cracked ...

Facing cracks

As a shareware author, you face crackers who have organized into groups. CCG and BCG in China, and Egis, King, Core, TNT, damn and TMG abroad, are all first-class cracking organizations. No less than 80% of the world's pirated software is cracked by them, and even large software companies cannot belittle their technical strength.

Having read this far, are you discouraged? Don't be. Although in theory we cannot completely avoid being cracked, if we can effectively delay the crack and thoroughly undermine the cracker's self-confidence, the cracker may be unable to endure the torture and eventually give up.

There are usually two ways to crack a program: brute force ("blasting", that is, patching) and writing a key generator. Drawing on my own accumulated experience, I will explain the principle of each cracking method in turn, with key examples (Delphi code); readers using C++ and VB can adapt them with small changes. Hopefully this will help some novices protect their work more effectively.

Understanding brute-force cracking

Brute force, also called "blasting", is the most common and easiest way to crack. It works best against software that has no CRC check, and novices are fond of it.

Shareware generally decides whether it is registered with an if statement. Even if you adopt RSA, ECC or another strong cryptographic algorithm, you still cannot avoid the if statement. This is the most dangerous spot in shareware, and it is exactly what a novice doing brute-force cracking looks for.
For example, your registration function is similar to the following:

// Verify the digital signature of the registration code using RSA
if RSAVerify(MD5(Key), MD5(Code), e, n) then
  ShowMessage('Registered success!')
else
  ShowMessage('Registration failed!');

Here Key is the registration code entered by the user, which you send to registered users; Code is the registration code computed automatically from the user name entered; e is the public key of the RSA algorithm, and n is the RSA modulus.

Round one

Even though the registration function above uses the strong RSA algorithm to verify the registration code, it is still very easy to crack. We only need to change it to:

// Change the logical test to not
if not RSAVerify(MD5(Key), MD5(Code), e, n) then
  ShowMessage('Registered success!')
else
  ShowMessage('Registration failed!');

This produces a dramatic result: any registration code is accepted, while the correct registration code is rejected.

To crack such software, the cracker first disassembles or traces your program and finds the key jump instruction that follows the CMP, TEST or similar assembly instruction where the registration code is checked. It is usually JE, JZ or the like, and changing it to JNE or JNZ is enough, so a complete crack often takes only a single modified byte.

At present, most shareware makes its decision in the way shown above, which is the main reason cracked software floods the Internet. It is simply too easy to crack ...

Round two

In fact, as long as key code of the software is embedded in the registration code or registration file, cracking can be fully prevented.

The simplest way is to put the key code (the most critical yet simplest function of your software) into a small DLL (dynamic link library), and encrypt it with a strong symmetric algorithm (the key can be a hash value of a fixed part of the main program or of a characteristic of its shell, i.e. its packer) into a registration file (a license file whose format only you know), or Base64-encode it into a registry file that users can double-click to import into the registry.

The verification process is as follows. When checking registration, the program first checks whether a registration file exists; without one, it naturally stays restricted. If a registration file exists, it is decrypted into a small temporary file. If the main program has been unpacked or modified (patched), the hash value used as the key will not match, and decryption yields nothing but garbage, which is useless. Only an unmodified main program can decrypt correctly, and only a correctly decrypted file is a real DLL in which the GetProcAddress function can find the address of the key function to call. This way only registered users can enjoy the full functionality of your software, and it becomes difficult for a cracker to crack it.
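The binding described above, as an added example that is not part of the original article: the decryption key is derived from a hash of the program image, so a one-byte patch changes the key. It goes one step beyond the text by adding a MAC, so the program can detect a mismatch instead of loading garbage. The function names, the sample data and the SHA-256 counter-mode keystream (a stand-in for a real cipher) are assumptions.

```python
import hashlib
import hmac

def derive(image: bytes, label: bytes) -> bytes:
    # Key material is a hash of the program image: one patched byte changes every key.
    return hashlib.sha256(label + image).digest()

def xor_stream(key: bytes, data: bytes) -> bytes:
    # SHA-256 in counter mode as a stdlib-only stand-in for a real cipher (e.g. AES-CTR).
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(image: bytes, key_code: bytes) -> bytes:
    """Vendor side: encrypt the key code under the image-derived key, append a MAC."""
    ct = xor_stream(derive(image, b"enc"), key_code)
    return ct + hmac.new(derive(image, b"mac"), ct, hashlib.sha256).digest()

def decrypt_unchecked(image: bytes, blob: bytes) -> bytes:
    """What the program gets if the integrity check in unseal() is skipped or patched out."""
    return xor_stream(derive(image, b"enc"), blob[:-32])

def unseal(image: bytes, blob: bytes):
    """Client side: return the key code, or None if image or registration file changed."""
    expected = hmac.new(derive(image, b"mac"), blob[:-32], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob[-32:]):
        return None
    return decrypt_unchecked(image, blob)

# Constructed sample data: a fake program image and a fake "key code" payload.
IMAGE = b"MZ" + bytes(range(200))
KEY_CODE = b"constructed stand-in for the DLL holding the key function"
BLOB = seal(IMAGE, KEY_CODE)
PATCHED = bytearray(IMAGE)
PATCHED[100] ^= 0x01  # a single modified byte, as in the patch described earlier
PATCHED = bytes(PATCHED)

if __name__ == "__main__":
    print(unseal(IMAGE, BLOB) == KEY_CODE)               # intact image: key code recovered
    print(unseal(PATCHED, BLOB))                         # patched image: rejected
    print(decrypt_unchecked(PATCHED, BLOB) == KEY_CODE)  # check bypassed: still garbage
```

Unlike the boolean test in the registration function, inverting the check in `unseal` gains nothing: the patched image still derives the wrong key.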

First, if he does not have a registration file, then even if he unpacks the main program he cannot repair it completely, because the restricted part is tied to the registration file.

Second, even if he gets hold of your registration file, it is encrypted and he cannot use it directly. That forces him to take your algorithm apart, which is the last thing crackers want to run into! At this step, only a true master cracker who has studied cryptographic algorithms will carry on.

Third, you can use a few small tricks to make his cracking work more complex. Here I recommend the DSA public-key algorithm, which, like RSA, can produce digital signatures (RSA can also encrypt; DSA can only sign). The reason is a very practical feature: its random-number mechanism. Every DSA signature uses a random number k, and because of this k, every registration file produced with DSA is different even for the same user name and machine identifier. This puts a huge hurdle in the way of a cracker trying to take your registration file apart.

Finally, even if he obtains the decrypted DLL, he still needs to modify the main program drastically, or strip the key code out of your DLL and add it to the main executable. That depends on how well he understands the PE file format. Even so, if your program contains plenty of hash checks and dead code, you can wait patiently for our dear comrade cracker to cough up blood ... :)

Finally, remember: as soon as you are done with the temporary DLL file, unload the DLL from memory and delete the file immediately. Also make sure, before decrypting, that FileMon, a highly threatening monitoring tool, is not running on the system:
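The effect of the per-signature random k, as an added example that is not part of the original article: a textbook DSA with toy parameters signs the same registration data several times, and every signature verifies while the values differ. The parameters, function names and registration string are constructed for illustration and are far too small for real use.

```python
import hashlib
import secrets

# Toy DSA domain parameters (constructed): q is prime, p = 2q + 1 is prime,
# and g = 2^((p-1)/q) mod p = 4 generates the subgroup of order q.
P, Q, G = 2039, 1019, 4

def digest(msg: bytes) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def keygen():
    x = secrets.randbelow(Q - 1) + 1      # private key in 1..q-1
    return x, pow(G, x, P)                # (private key, public key)

def sign(x: int, msg: bytes):
    while True:
        k = secrets.randbelow(Q - 1) + 1  # fresh random k for every signature
        r = pow(G, k, P) % Q
        s = pow(k, -1, Q) * (digest(msg) + x * r) % Q
        if r and s:                       # DSA requires r != 0 and s != 0
            return r, s

def verify(y: int, msg: bytes, sig) -> bool:
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    u1, u2 = digest(msg) * w % Q, r * w % Q
    return pow(G, u1, P) * pow(y, u2, P) % P % Q == r

def issue_many(x: int, msg: bytes, count: int):
    """Sign the same registration data repeatedly, as a vendor re-issuing a file would."""
    return [sign(x, msg) for _ in range(count)]

if __name__ == "__main__":
    priv, pub = keygen()
    data = b"user=alice;machine=constructed-id"   # constructed registration data
    sigs = issue_many(priv, data, 8)
    print(all(verify(pub, data, s) for s in sigs), len(set(sigs)))
```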



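// Detect FileMon (uses the Windows unit)
function DetectFileMon: Boolean;
var
  hDevice: THandle;
begin
  // Try to open FileMon's driver device; success means it is loaded
  hDevice := CreateFile(PChar('\\.\filevxd'),
    GENERIC_READ or GENERIC_WRITE,
    FILE_SHARE_READ or FILE_SHARE_WRITE,
    nil,
    OPEN_EXISTING,
    FILE_ATTRIBUTE_NORMAL,
    0);
  Result := hDevice <> INVALID_HANDLE_VALUE; // If it is present, shut down the machine!
  if Result then
    CloseHandle(hDevice); // do not leak the device handle
end;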

Of course, you can protect it even better: instead of using a temporary DLL, use the WriteProcessMemory API function to write the decrypted key code to a specified location in a memory page (already committed) of the main executable's own process. This makes cracking harder because no decrypted temporary file ever exists on disk. In fact, Armadillo, the most powerful professional protection software in the world today, works this way. This method can also fully prevent dumping with a debugger. But it is difficult to implement, especially on operating systems from WinNT 5 onward.
Because this method ties the registration file to the restricted code, someone who has only the demo version of your software can do nothing but stare at it. It is recommended that you restrict your shareware by function, which is more secure than time limits or usage-count limits.

 



This article is from the "Spring Trade Software Studio" blog; please be sure to keep this source: http://liquan165.blog.51cto.com/1591833/1683576
