ghandi Posted June 25, 2012 Share Posted June 25, 2012 Um, no, why would it be?There is software which operates like this everywhere. Where it is a problem to distribute proprietary algorithms securely, what is the problem of offering a service that users can access and receive resutls? Stock market software does this, SoftWrap PE protector does this, what is the issue with the bandwidth and disk space available these days?IP logging and such is something which has to be done as a matter of security, you cannot simply let any anonymous person access your server. o0Once again, i fail to see how this can be spying when the customer has already given their details when purchasing a license/subscription, especially if the license is hardware tied anyway.Could you please elaborate a little on what you mean?HR,Ghandi Link to comment
sandeep Posted June 25, 2012 Author Share Posted June 25, 2012 Everyone's coming out with good points.I was actually thinking of verifying with the server but I only want to veriify the license upon initial acitvation by receiving a encrypted string from the web server but still it is prone to being changed.is there any way to avoid using the syntax:if(license.isvalid()){ // valid license} Link to comment
xsp!d3r Posted June 25, 2012 Share Posted June 25, 2012 (edited) @ghandi: never mind you've made it clear and it's not Edited June 25, 2012 by xsp!d3r Link to comment
GIV Posted June 25, 2012 Share Posted June 25, 2012 The best protection is a custom made protection. Not a comercial one but a custom made. If you prefer a "easy meal" just try Themida. It's not for every cracker. Or move to X64 and protect the app with lena151 LARP. Link to comment
metr0 Posted June 25, 2012 Share Posted June 25, 2012 Further ideas regarding ghandi's post.is there any way to avoid using the syntax:Derive a special constant from the validation response and decrypt some important data with it (that constant may be per-user). Introduce magic values to ensure proper decryption.The user will need a valid license to decrypt the data, given you're doing the crypto right. But he can still remove the validation and replace the encrypted buffer with a decrypted one. It's just a matter of time. Maybe your data changes in every few versions so you can get your server to respond with the encrypted buffer? Link to comment
xsp!d3r Posted June 25, 2012 Share Posted June 25, 2012 here is an idea that is similar to ghandi's http://www.logicprotect.com/howitworks.asp it's interesting Link to comment
delldell Posted July 2, 2012 Share Posted July 2, 2012 1 learn the basics about reversing2 don't try to crack If you don't know the basics3 improve your skills in programing4 be creative5 you have to invent something new 6 implement your new ideas in your programexample like themidagood luck Link to comment
LulzCoder Posted July 3, 2012 Share Posted July 3, 2012 @Sandeep : eXodia is right, making two versions will be good. One just a free version with just free functions and make another one which will be supplied to the user when he pays for it. In this case a cracker need a stolen version or he have to buy it himself. But bro nothing is safe, the last uncracked thing I found is IARP64 1 Link to comment
EmberTheVulpix Posted July 14, 2012 Share Posted July 14, 2012 I don't see why people are recommending Themida for a .NET application. Themida will just shell the .NET app and offer no obfuscation. It would be a complete waste of money.Honestly, .NET as a whole is pretty much completely owned. Many commercial .NET protectors are readily deobfuscate-able in seconds. Even the old "giants" like {SmartAssembly}, .NET Reactor, etc. all come tumbling down. Mostly all major commercial JIT hooking protectors (DNGuard HVM, Cli_Secure, CodeWall, MaxToCode...) are owned and code can easily be made into a readable format using publically available tools. Seeing the current state of .NET automated deprotection tools, it would potentially be a better idea to migrate to a native language like C++ that doesn't have a publically documented VM running JITting it. In fact, you could just go for a .NET frontend for a native backend DLL that handles everything not related to your software's GUI.As a developer you need to put things into perspective especially in the business sense. Even if you used some commercial VM protector (WinLicense/Themida & VMProtect), they are not all bulletproof. They are good, but not unbreakable. Would it be worth the investment of time and money to write some custom protector and virtualization engine that may not be compatible with all your end users PCs? In a learning sense, I'm sure it would be, but could that be time better spent planning features and improvements for your next version? Will end users not be happy when they have to be constantly connected to the internet to use your program since you are streaming code to it when it is being used? 4 Link to comment
chickenbutt Posted July 23, 2012 Share Posted July 23, 2012 Put functionality on the server behind php license checks..No protector or method will help. If you make it hard to crack better talents will just release it. The above nobody touches. Link to comment
SnD Posted January 22, 2013 Share Posted January 22, 2013 Look at the protection, unpack, analyse the code and edit the code . Link to comment
cdwayne foremost Posted February 17, 2013 Share Posted February 17, 2013 (edited) New Link without pwd: http://www.mirrorcreator.com/files/1EV2OCOJ/.net_Tut.rar_links'>>http://www.mirrorcreator.com/files/1EV2OCOJ/.net_Tut.rar_linksall the links are dead can someone fix this please............ Edited February 17, 2013 by cdwayne foremost Link to comment
cdwayne foremost Posted February 17, 2013 Share Posted February 17, 2013 1 learn the basics about reversing2 don't try to crack If you don't know the basics3 improve your skills in programing4 be creative5 you have to invent something new 6 implement your new ideas in your programexample like themidagood luckhey i am with this all the way ,this is what reversing is all about....... Link to comment
idrcelab Posted February 23, 2013 Share Posted February 23, 2013 all the links are dead can someone fix this please............ all links still works (accessed on 23 Feb 213) Link to comment
chickenbutt Posted April 3, 2013 Share Posted April 3, 2013 I was also once a developer with my own products. Work for a company or dont do it. Especially with todays markets and demands. Putting the code on a server behind constant license-auth is the closest thing to uncrackable... Link to comment
Carga Posted March 25, 2014 Share Posted March 25, 2014 If you want to start reversing I suggest Lena's tutorials. These are not for .net but will learn you normal reverse engineering.http://tuts4you.com/search.php?q=lena&r=0&s=Search&in=&ex=&ep=&be=&t=downloads&adv=0For .net you could check out the following:http://tuts4you.com/search.php?q=DotNet+&r=0&s=Search&in=&ex=&ep=&be=&t=downloads&adv=0 Can this possibly be updated? Link to comment
Carga Posted March 25, 2014 Share Posted March 25, 2014 New Link without pwd: http://www.mirrorcreator.com/files/1EV2OCOJ/.net_Tut.rar_links'>>http://www.mirrorcreator.com/files/1EV2OCOJ/.net_Tut.rar_links Please re-up this tutorial if someone has it? Link to comment
mrexodia Posted March 30, 2014 Share Posted March 30, 2014 https://tuts4you.com/download.php?list.17 1 Link to comment
posixg0d Posted May 5, 2014 Share Posted May 5, 2014 Updated links: NET Keygen Tutorials by C0dr4cK TCCThttp://portal.b-at-s.net/download.php?view.508 NET Crack Tutorials by C0dr4cK TCCThttp://portal.b-at-s.net/download.php?view.507 2 Link to comment
SkyProud Posted October 23, 2014 Share Posted October 23, 2014 Even the old "giants" like {SmartAssembly}, .NET Reactor, etc. all come tumbling down. Mostly all major commercial JIT hooking protectors (DNGuard HVM, Cli_Secure, CodeWall, MaxToCode...) are owned and code can easily be made into a readable format using publically available tools. except ILProtector Link to comment
kao Posted October 25, 2014 Share Posted October 25, 2014 @metr0: fanboys need no justification. Link to comment
SkyProud Posted October 27, 2014 Share Posted October 27, 2014 Justify your statement? https://forum.tuts4you.com/topic/36331-unpackme-lprotect-v2014-last-version/ Link to comment
SkyProud Posted October 27, 2014 Share Posted October 27, 2014 Even if you used some commercial VM protector (WinLicense/Themida & VMProtect), they are not all bulletproof. They are good, but not unbreakable. I was also once a developer with my own products. Work for a company or dont do it. Especially with todays markets and demands. Putting the code on a server behind constant license-auth is the closest thing to uncrackable... VMProtect Web License Manager One just a free version with just free functions http://vmpsoft.com/20130511/vmprotect-2-13-is-here/ The demo version is public and bad guys try to use it for protecting malware. That’s why sometimes antivirus applications detect files protected by the demo. This usually doesn’t happen with the full version of VMProtect which has completely different protected code structure. Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now