Trial Analysis of Microsoft software authorization and Protection Service (slps)

I have been racking my brains these days to design an authorization method to protect my components. Today I read my colleague's tech2007 lecture from Guangzhou, it mentions Microsoft's software authorization and Protection Service (slps) and is very interested in it.

Some friends in the garden once introduced: http://www.cnblogs.com/njnudt/archive/2007/07/12/815625.html

But to search online, there is only one page with relevant information, which is the lecture of the Shanghai Station, fortunately, found a connection http://www.microsoft.com/slps/
Open read the introduction, download now: http://www.microsoft.com/downloads/details.aspx? Familyid = 7ae70aaa-8b7c-4e3a-af83-b71b6877705b & displaylang = en

Install and try it out. I have to enter the user name and password as soon as I start, but no matter how I lose it, it is wrong. I had to cancel it and then read the manual to know that it was required to be authorized on the official server, if no authorization is available, this function can only protect the product, but cannot authorize and control the product, and can only protect three methods.

Add several Program Set, protect, and then use reflector to open the methods I chose to encrypt. No exception is reported.
The content of the method body is changed to the following: Public   Static   Void Writeline ( String MSG)
{
Object [] ARGs =   New   Object [] {MSG };
Slmruntime. svmexecmethod ( Null , " B0199ec367594bd1b03b3fb29ff12f86 " , ArgS );
}

When you use reflector to view various types of the SLP, you also find that all public methods are written in this way. Slmruntime. svmexecmethod This door god.
The first parameter is null in the static method and this in the instance method may be used for reflection. The second parameter seems to be a hash of the method name, the third method is the parameter array. Even if there is no parameter, an array without elements should be constructed.
This method Code : Public   Static   Object Svmexecmethod ( Object OBJ, String Sv1_hodid, Object [] ARGs)
{
Assembly callingassembly = Assembly. getcallingassembly ();
Trivialvirtualmachineparamsreader paramsreader =   New Trivialvirtualmachineparamsreader (OBJ, argS );
Return Internalsvmexecmethod (callingassembly, svw.hodid, paramsreader );
}

Go in again: Public   Static   Object Internalsvmexecmethod (Assembly declaringassembly, String Sv1_hodid, islmvirtualmachineparams paramsreader)
{
Using (Islmruntime Runtime =   New Slmruntime ( Null , Declaringassembly, True ))
{
Return Runtime. SVM. svmexecmethod (declaringassembly, sv1_hodid, paramsreader );
}
}

SVM alreadyIslmvirtualmachineInterface. We cannot find the implementation of SVM. svmexecmethod.
Looking back, after the Assembly is encrypted (for the moment, this is called), not only have those methods changed, but there are several more files, namely, encryption.
The 1cc06_2 of the third file is the default authorization obtained after I install the SLP, And the last file is the authorization manager. The first and second files are the same as those in the installation directory of the SLP. It seems that the third file is generated on a temporary basis, and the name in it is very confusing. The class names are both two letters, and the method name and attribute name are both uppercase letters.
Check the third file carefully and find that there is a fu class implementation in it.IslmvirtualmachineInterface, but only oneMicrosoft. Licensing.SlmruntimeredirectClass uses the fu class.SlmruntimeredirectThere is just a svmexecmethod method. Most of the double-letter class methods above call this method, which may be self-protected.
It seems that the fu class is the key. The contents are confused, so I won't say much.
The analysis noticed that the main method of Fu calls a BB class, And the BB class implements interfaces such as slmlicenses. Then let's look at the content of this class. Obviously, this is an authorization control file, this is probably the weakness of the SLP.

From the above analysis, we can see that the SLP is very powerful and easy to use, but it is still complete after all. net implementation, there are still weaknesses. I will not talk about how to use it, and I will not think about it. If you think of it, don't forget to tell me! Pai_^

QQ: 99363590
Email: gxuhy@21cn.com
Http://www.nnhy.org