Jump to content
Tuts 4 You

How did SnD crack my software?

sandeep

By sandeep
in Software Security

Recommended Posts

ghandi

ghandi

Posted
Posted

Um, no, why would it be?

There is software which operates like this everywhere. Where it is a problem to distribute proprietary algorithms securely, what is the problem of offering a service that users can access and receive resutls? Stock market software does this, SoftWrap PE protector does this, what is the issue with the bandwidth and disk space available these days?

IP logging and such is something which has to be done as a matter of security, you cannot simply let any anonymous person access your server. o0

Once again, i fail to see how this can be spying when the customer has already given their details when purchasing a license/subscription, especially if the license is hardware tied anyway.

Could you please elaborate a little on what you mean?

HR,

Ghandi

  • Replies 54
  • Created
  • Last Reply

Top Posters In This Topic

  • sandeep

    8

  • xsp!d3r

    4

  • mrexodia

    4

  • SkyProud

    4

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

kao
kao

I can't answer for SnD, but from a first look your "protection" seems to be trivial. de4dot takes care of .NET Reactor layer. After that - any .NET decompiler will produce readable and understandable

EmberTheVulpix
EmberTheVulpix

I don't see why people are recommending Themida for a .NET application. Themida will just shell the .NET app and offer no obfuscation. It would be a complete waste of money. Honestly, .NET as a whole

ghandi
ghandi

Read and watch as many tutorials on different copy protection systems, learn how to reverse engineer for yourself and gain the knowledge/skills necessary to identify and remove/rectify weaknesses in y

sandeep

sandeep

Posted
  • Author
Posted

Everyone's coming out with good points.

I was actually thinking of verifying with the server but I only want to veriify the license upon initial acitvation by receiving a encrypted string from the web server but still it is prone to being changed.

is there any way to avoid using the syntax:

if(license.isvalid())
{
   // valid license
}
xsp!d3r

xsp!d3r

Posted
Posted (edited)

@ghandi: never mind you've made it clear and it's not ;)

Edited by xsp!d3r
GIV

GIV

Posted
Posted

The best protection is a custom made protection. Not a comercial one but a custom made. If you prefer a "easy meal" just try Themida. It's not for every cracker. Or move to X64 and protect the app with lena151 LARP.

metr0

metr0

Posted
Posted

Further ideas regarding ghandi's post.

is there any way to avoid using the syntax:

Derive a special constant from the validation response and decrypt some important data with it (that constant may be per-user). Introduce magic values to ensure proper decryption.

The user will need a valid license to decrypt the data, given you're doing the crypto right. But he can still remove the validation and replace the encrypted buffer with a decrypted one. It's just a matter of time. Maybe your data changes in every few versions so you can get your server to respond with the encrypted buffer?

delldell

delldell

Posted
Posted

1 learn the basics about reversing

2 don't try to crack If you don't know the basics

3 improve your skills in programing

4 be creative

5 you have to invent something new

6 implement your new ideas in your program

example like themida

good luck

LulzCoder

LulzCoder

Posted
Posted

@Sandeep : eXodia is right, making two versions will be good. One just a free version with just free functions and make another one which will be supplied to the user when he pays for it. In this case a cracker need a stolen version or he have to buy it himself.

But bro nothing is safe, the last uncracked thing I found is IARP64 :disgust:

  • Like 1
  • 2 weeks later...
EmberTheVulpix

EmberTheVulpix

Posted
Posted

I don't see why people are recommending Themida for a .NET application. Themida will just shell the .NET app and offer no obfuscation. It would be a complete waste of money.

Honestly, .NET as a whole is pretty much completely owned. Many commercial .NET protectors are readily deobfuscate-able in seconds. Even the old "giants" like {SmartAssembly}, .NET Reactor, etc. all come tumbling down. Mostly all major commercial JIT hooking protectors (DNGuard HVM, Cli_Secure, CodeWall, MaxToCode...) are owned and code can easily be made into a readable format using publically available tools. Seeing the current state of .NET automated deprotection tools, it would potentially be a better idea to migrate to a native language like C++ that doesn't have a publically documented VM running JITting it. In fact, you could just go for a .NET frontend for a native backend DLL that handles everything not related to your software's GUI.

As a developer you need to put things into perspective especially in the business sense. Even if you used some commercial VM protector (WinLicense/Themida & VMProtect), they are not all bulletproof. They are good, but not unbreakable. Would it be worth the investment of time and money to write some custom protector and virtualization engine that may not be compatible with all your end users PCs? In a learning sense, I'm sure it would be, but could that be time better spent planning features and improvements for your next version? Will end users not be happy when they have to be constantly connected to the internet to use your program since you are streaming code to it when it is being used?

  • Like 4
  • 2 weeks later...
chickenbutt

chickenbutt

Posted
Posted

Put functionality on the server behind php license checks..

No protector or method will help. If you make it hard to crack better talents will just release it. The above nobody touches.

  • 5 months later...
SnD

SnD

Posted
Posted

Look at the protection, unpack, analyse the code and edit the code .


  • 4 weeks later...
cdwayne foremost

cdwayne foremost

Posted
Posted (edited)

New Link without pwd:

 

http://www.mirrorcreator.com/files/1EV2OCOJ/.net_Tut.rar_links'>>http://www.mirrorcreator.com/files/1EV2OCOJ/.net_Tut.rar_links

all the links are dead can someone  fix this please............

Edited by cdwayne foremost
cdwayne foremost

cdwayne foremost

Posted
Posted

1 learn the basics about reversing

2 don't try to crack If you don't know the basics

3 improve your skills in programing

4 be creative

5 you have to invent something new

6 implement your new ideas in your program

example like themida

good luck

hey i am with this all the way ,this is what reversing is all about.......

idrcelab

idrcelab

Posted
Posted

all the links are dead can someone  fix this please............

all links still works (accessed on 23 Feb 213)

  • 1 month later...
chickenbutt

chickenbutt

Posted
Posted

I was also once a developer with my own products. Work for a company or dont do it. Especially with todays markets and demands.


 


Putting the code on a server behind constant license-auth is the closest thing to uncrackable...


  • 11 months later...
Carga

Carga

Posted
Posted

New Link without pwd:

 

http://www.mirrorcreator.com/files/1EV2OCOJ/.net_Tut.rar_links'>>http://www.mirrorcreator.com/files/1EV2OCOJ/.net_Tut.rar_links

 

Please re-up this tutorial if someone has it?

  • 2 weeks later...
V33T-ROOT

V33T-ROOT

Posted
Posted

cracked in 2 min ,, 


 


cuEBilr.png


 


xwhXcAp.png


  • 4 weeks later...
  • 5 months later...
SkyProud

SkyProud

Posted
Posted

 Even the old "giants" like {SmartAssembly}, .NET Reactor, etc. all come tumbling down. Mostly all major commercial JIT hooking protectors (DNGuard HVM, Cli_Secure, CodeWall, MaxToCode...) are owned and code can easily be made into a readable format using publically available tools. 

except ILProtector

kao

kao

Posted
Posted

@metr0: fanboys need no justification. :D


SkyProud

SkyProud

Posted
Posted

Even if you used some commercial VM protector (WinLicense/Themida & VMProtect), they are not all bulletproof. They are good, but not unbreakable.

 

I was also once a developer with my own products. Work for a company or dont do it. Especially with todays markets and demands.

 

Putting the code on a server behind constant license-auth is the closest thing to uncrackable...

VMProtect Web License Manager

 

One just a free version with just free functions

http://vmpsoft.com/20130511/vmprotect-2-13-is-here/

 

The demo version is public and bad guys try to use it for protecting malware. That’s why sometimes antivirus applications detect files protected by the demo. This usually doesn’t happen with the full version of VMProtect which has completely different protected code structure.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go to topic listing
×
×
  • Create New...