Jump to content
View in the app

A better way to browse. Learn more.
Tuts 4 You

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Accde reverse engineering

warp123
warp123
in Software Security

Featured Replies

Posted

Hello. I have been in the field of reverse engineering for quite some time now, and I am familiar with the common tools for debugging - disassemble. 

I recently started developing an application using access vba, mainly for use in my business, but after some time of development I am considering if this could be a commercial software. 

Through my involvement with software reverse engineering, and protection analysis, it's becoming difficult for me to decide what kind of licensing - protection implementation to adopt. 

I made a research about how easy would be to reverse engineer the compiled accde file and I haven't found any resource or tools that can do the job, except from a company providing services to the owner of the code that can produce that actual vba code from the .accde file. 

My question is if someone can help me providing any information on how can i test my compiled version (.accde) of my software in order to harden my copy protection scheme. 

Thanks

Edited by warp123

produce that actual vba code from the .accde file

^paid services (everythingaccess.com/mdeconversion.asp) from the time of MDE, never see any result... btw  "Do you know I can fly."

accde format

consider hard to break it.

  • Author
50 minutes ago, whoknows said:

produce that actual vba code from the .accde file

^paid services (everythingaccess.com/mdeconversion.asp) from the time of MDE, never see any result... btw  "Do you know I can fly."

accde format

consider hard to break it.

Yes everythingaccess.com is the commercial services I had in mind. But as long as the process they use is not known and as far as I am concerned, I do have the source code, I can't make any use of it to test my program. 

Maybe if anybody had any idea about what techics they use to recover the vba code. 

Btw I have tested the accde file with the known decompilers and they fail to analyze the file. 

decompilers of what 'type' ?

  • Author
3 hours ago, whoknows said:

decompilers of what 'type' ?

Vb decompiler, IDA etc 

accde is not executable, thats why asked you. For the moment there is no app to decompile.

--

the super max you can get is :

github.com/bontchev/pcodedmp/
github.com/Big5-sec/pcode2code/

without saying that the accde itself is uncrackable...

    • Thanks 1
    • Author

    I have tried pcodedmp and it does not handle .accde files. 

    So no results from there. 

    btw as this guy saying 

    Quote

    Tables are fully accessible, as are queries.  You can connect through and mde to the table and extract data.

    answers.microsoft.com/en-us/msoffice/forum/msoffice_access-mso_other-mso_2007/is-it-possible-to-open-unencrypted-accde-files-in/1cad25d9-5ec2-4799-8c53-2d45a1b28877

    --

    I have done it on MDE in the past.

    --

    decide what kind of licensing - protection implementation to adopt.

    as I said, will be crackable. You can try to do a sample ACCDE and post it to REQUEST AREA

    --

    I have done it on MDE in the past. - exactly by 'linked tables' option^

    --

    check also at

    2014 - superuser.com/a/714222

    2018 - www.access-programmers.co.uk/forums/threads/access-file-security-mdb-mde-vs-accdb-accde.301611/

    Edited by whoknows

    • Thanks 1
    • Author

    I do not really care about the table contets because BE is a separate file and does not hold any code. Just data which either case belong to the user, and can access through the FE freely. It will be password protected by the way in order not to mess arround with it. 

    Its the FE that I will be protecting that hold the code. 

    If I decide that the code is easily exposed, I will try to implement a protection scheme that will be some sort of floating licensing system, through online server. 

    In the most extreme case I will consider migrating the BE on a SQL server, which seems to be the most effective solution. Anybody not licensed will not have access to the BE. 

    Just thoughts

    Edited by warp123
    Correction

    • 2 years later...
    • 3 weeks later...

    Create an account or sign in to comment

    Go to topic listing

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.