Jump to content
Tuts 4 You

The best software to protect executable and DLL files in 2022!!

Nakashi_omara

By Nakashi_omara
in Software Security

Recommended Posts

Nakashi_omara

Nakashi_omara

Posted
Posted

Hi,

1. Which software can largely prevent crackers? and makes crack work harder (Please comment on crackers or people who are familiar with software security) - [Enigma, Winlicense, VMProtect, ASProtect, ZProtect, PECompact, Obsidium, etc.]

2. Which software does the best licensing with high security?

There is definitely no software that can not be cracked, and I know there are very, very professional crackers around the world, especially (China and Russia) that there is no software that can not crack, but consider

the general situation (and we all know that professional crackers for Small or ordinary software does not take time)

3. Can combining two or more protector software be useful?

4. How effective is the Virtual Machine option in preventing cracking?

5. What is the best virtual box or bundler [bundler or virtual box allows you to embed DLLs and data files inside a protected application]? (Virtual Box or Bundler is used for file and registry systems virtualization and allows you to consolidate all files and registry used by your application into a single executable file without having to extract virtual files to the disk)

@SnD@LCF-AT@lena151@VirtualPuppet@kao@JohnWho and other professionals

 

Best regards

Link to comment
Bartosz Wójcik

Bartosz Wójcik

Posted
Posted

You didn't mention my product!

SDK - https://github.com/PELock/PELock-Software-Protection-and-Licensing-SDK

Flexible licensing - pelock-project-search-user.png

Virtual DLL Binder - pelock-virtual-dll-binder.png

Plenty of protection options - pelock-options-protection-advanced-prote

Best thing you can do is to integrate your source code and the protection SDK features (we have plenty and very unique protections https://github.com/PELock/PELock-Software-Protection-and-Licensing-SDK/tree/master/Examples/English/2. Protection integration).

  • Like 1
Link to comment
Nakashi_omara

Nakashi_omara

Posted
  • Author
Posted
13 hours ago, Bartosz Wójcik said:

You didn't mention my product!

Best thing you can do is to integrate your source code and the protection SDK features (we have plenty and very unique protections https://github.com/PELock/PELock-Software-Protection-and-Licensing-SDK/tree/master/Examples/English/2. Protection integration).

There are your products and many other products that may be great and I did not name them because the list was too long, so I used and... (etc)

Does your product support x64?

Of course, the effectiveness of a protector software must be confirmed by professionals and I am an amateur ☺️👍

  • Like 1
Link to comment
kao

kao

Posted
Posted

To answer your original questions:

1. Any protector must be properly applied to provide effective protection. If you apply the best protector in an insecure manner, it can be removed as easily as UPX. Some protectors have good support to x64 or .NET, some don't.

To be specific - latest versions of Themida with custom VMs are quite hard to unpack because of lack of automated tools. Obsidium VM has not been described publicly and no public tools exist. PECompact is a joke. Enigma and VMProtect are well known and most "crackers" are familiar with them. ZProtect is a Chinese product, I'm not a fan of those.

2. No idea. In most cases dealing with video-to-exe style of products, one licence will be purchased and leaked and that is usually enough to remove the protection.

3. In general, it will be as strong/weak as the first protector that was applied.

4. Very effective if and only if it's applied properly. You must choose the right pieces of code/data to protect, otherwise it's useless.

5. They don't provide any significant additional protection, just the convenience of distributing a single file instead of multiple ones. There are generic tools that can extract files from most of these solutions. 

  • Like 3
  • Thanks 1
Link to comment
Taitor

Taitor

Posted
Posted
4 hours ago, Nakashi_omara said:

There are your products and many other products that may be great and I did not name them because the list was too long, so I used and... (etc)

Does your product support x64?

 

10 hours ago, Bartosz Wójcik said:

We need to fix that. Together!

The main problem with PE Lock is that the software author must upload all of their software source code that they want protected, to the PE Lock servers.

Protection is done ONLINE on the PE Lock servers. So this means that we must trust the author of PELock with our source code.

Whether the PELock author should be or can be trusted or not is another matter but in many cases, software authors like to protect their code on their own computers without having to upload it to other servers. The author of PELock givens many reasons for his decision not to let PELock run completely offline on his clients' servers but the fact is that most other protectors run completely offline, without the need to upload a single line of the source code to the protectors' servers.

15 hours ago, whoknows said:

u still not get it ?? ur protector is not famous.

 

The reason I gave above is the main one why most authors of software do not want to use PELock. Most authors do not want to upload all of their source code to other servers, trusting the authors of the protector, just to pack their code.

  • Like 1
Link to comment
Nakashi_omara

Nakashi_omara

Posted
  • Author
Posted
48 minutes ago, kao said:

To answer your original questions:

1. Any protector must be properly applied to provide effective protection. If you apply the best protector in an insecure manner, it can be removed as easily as UPX. Some protectors have good support to x64 or .NET, some don't.

To be specific - latest versions of Themida with custom VMs are quite hard to unpack because of lack of automated tools. Obsidium VM has not been described publicly and no public tools exist. PECompact is a joke. Enigma and VMProtect are well known and most "crackers" are familiar with them. ZProtect is a Chinese product, I'm not a fan of those.

2. No idea. In most cases dealing with video-to-exe style of products, one licence will be purchased and leaked and that is usually enough to remove the protection.

3. In general, it will be as strong/weak as the first protector that was applied.

4. Very effective if and only if it's applied properly. You must choose the right pieces of code/data to protect, otherwise it's useless.

5. They don't provide any significant additional protection, just the convenience of distributing a single file instead of multiple ones. There are generic tools that can extract files from most of these solutions. 

Great as always 👍

@kao Do you have a suggestion for licensing and protecting DLLs and data files?

23 minutes ago, Taitor said:

 

The main problem with PE Lock is that the software author must upload all of their software source code that they want protected, to the PE Lock servers.

Protection is done ONLINE on the PE Lock servers. So this means that we must trust the author of PELock with our source code.

Whether the PELock author should be or can be trusted or not is another matter but in many cases, software authors like to protect their code on their own computers without having to upload it to other servers. The author of PELock givens many reasons for his decision not to let PELock run completely offline on his clients' servers but the fact is that most other protectors run completely offline, without the need to upload a single line of the source code to the protectors' servers.

The reason I gave above is the main one why most authors of software do not want to use PELock. Most authors do not want to upload all of their source code to other servers, trusting the authors of the protector, just to pack their code.

The points you made are very important and I did not know before, even amateur people like me are not willing to do it.

  • Like 1
Link to comment
Bartosz Wójcik

Bartosz Wójcik

Posted
Posted
14 hours ago, Taitor said:

 

The main problem with PE Lock is that the software author must upload all of their software source code that they want protected, to the PE Lock servers.

Protection is done ONLINE on the PE Lock servers. So this means that we must trust the author of PELock with our source code.

Whether the PELock author should be or can be trusted or not is another matter but in many cases, software authors like to protect their code on their own computers without having to upload it to other servers. The author of PELock givens many reasons for his decision not to let PELock run completely offline on his clients' servers but the fact is that most other protectors run completely offline, without the need to upload a single line of the source code to the protectors' servers.

The reason I gave above is the main one why most authors of software do not want to use PELock. Most authors do not want to upload all of their source code to other servers, trusting the authors of the protector, just to pack their code.

Hmm I didn't know that! Haha. So you cannot trust me because you need to upload your source code to my servers? Not even binaries?

Shit, I didn't know I've coded this cool feature in my product!

I'm fornicationin genius!

14 hours ago, kao said:

To answer your original questions:

1. Any protector must be properly applied to provide effective protection. If you apply the best protector in an insecure manner, it can be removed as easily as UPX. Some protectors have good support to x64 or .NET, some don't.

 

If no SDK features are detected - any decent protector should refuse to protect the code hehe :). I've seen countless examples of modern protections applied without any SDK integration and this leads to cracked software.

13 hours ago, Nakashi_omara said:

Great as always 👍

@kao Do you have a suggestion for licensing and protecting DLLs and data files?

The points you made are very important and I did not know before, even amateur people like me are not willing to do it.

I didn't know about that either. And I'm the software author! What a shame!

Link to comment
bb2018

bb2018

Posted
Posted (edited)

Not the best protection software I think software writers should protect themselves. and use add-ons such as Enigma, Winlicense, VMProtect, ASProtect, ZProtect, PECompact, Obsidium, etc. 

These software I can Bypasses all protectors, including x86 x64.

I recommend using Obsidium, I think it protects it well. But that depends on the software you write.

Every defense can be bypassed with X64DBG, Ghidra, IDA PRO etc.

Example of writing software protection yourself. Can create a lot of confusion haha😎b.png

 

Edited by bb2018
  • Like 2
Link to comment
drakonia

drakonia

Posted
Posted
On 12/26/2021 at 11:35 PM, Bartosz Wójcik said:

We need to fix that. Together!

I think you are the one responsible for your reputation. And with this blatant advertising here youre not doing yourself any favors in my opinion.

Anyways if you need more reasons not to trust this guy:

Bragging to a well recognized software vendor that you use a cracked version of their product...

I now know to stay as far away form your company as possible, promoting software piracy basically screams professionalism and really increases customer trust ^^

Also actively retweeting populist political content is generally not a great idea as a company, but I dont really care you a free to do whatever you want.

  • Haha 1
Link to comment
  • 5 weeks later...
Bartosz Wójcik

Bartosz Wójcik

Posted
Posted
On 1/3/2022 at 5:22 PM, drakonia said:

I think you are the one responsible for your reputation. And with this blatant advertising here youre not doing yourself any favors in my opinion.

Anyways if you need more reasons not to trust this guy:

Bragging to a well recognized software vendor that you use a cracked version of their product...

I now know to stay as far away form your company as possible, promoting software piracy basically screams professionalism and really increases customer trust ^^

Also actively retweeting populist political content is generally not a great idea as a company, but I dont really care you a free to do whatever you want.

I don't give a shit what you think, how about that? And I tweet whatever I want. Don't like it? Do your own god damn software protection? Oh, you can't? LOLZ :D PS. #MAGA

Link to comment
PeterN

PeterN

Posted
Posted
2 hours ago, Bartosz Wójcik said:

I don't give a shit what you think, how about that? And I tweet whatever I want. Don't like it? Do your own god damn software protection? Oh, you can't? LOLZ :D PS. #MAGA

If I were looking for a protector and found out that the author of one of my picks acts like this guy ......I'd have one less to choose from.

  • Like 1
Link to comment
ra1n

ra1n

Posted
Posted
6 hours ago, Bartosz Wójcik said:

I don't give a shit what you think, how about that? And I tweet whatever I want. Don't like it? Do your own god damn software protection? Oh, you can't? LOLZ :D PS. #MAGA

I respect your skill in RE (writing your own protector etc), but how can you say something like that when, last time I checked, all PELock does is obfuscate and pack the binary via junk code + mutation; not virtualization or anything special. Also cracking commercial software, or whatever it is you did, and then directing people to the download is rather pathetic, especially when it's software currently being maintained or something that's helped you in the past. Despite this, PELock is still a nice tool, not sure why you would purchase it over other, far more developed, alternatives such as VMProtect or Themida.

Link to comment
Bartosz Wójcik

Bartosz Wójcik

Posted
Posted
23 hours ago, ra1n said:

I respect your skill in RE (writing your own protector etc), but how can you say something like that when, last time I checked, all PELock does is obfuscate and pack the binary via junk code + mutation; not virtualization or anything special. Also cracking commercial software, or whatever it is you did, and then directing people to the download is rather pathetic, especially when it's software currently being maintained or something that's helped you in the past. Despite this, PELock is still a nice tool, not sure why you would purchase it over other, far more developed, alternatives such as VMProtect or Themida.

Show me one *WORKING* generic unpacker, unpacking script or a tutorial about cracking PELock v2. I think this is a good reason.

Link to comment
ra1n

ra1n

Posted
Posted
20 hours ago, Bartosz Wójcik said:

Show me one *WORKING* generic unpacker, unpacking script or a tutorial about cracking PELock v2. I think this is a good reason.

Not to be rude, but you tend to only find public tools, scripts, tutorials, etc for popular commercial products; but I understand your logic of "there's no public tools if the packer isn't popular".

Link to comment
Bartosz Wójcik

Bartosz Wójcik

Posted
Posted

Cry me a river with your imaginary private tools, now go on and boycott my software, make me laugh even more! Go on! Or make an unpacker haha, make me laugh even harder!

Link to comment
PeterN

PeterN

Posted
Posted (edited)
Just now, Bartosz Wójcik said:

Cry me a river with your imaginary private tools, now go on and boycott my software, make me laugh even more! Go on! Or make an unpacker haha, make me laugh even harder!

Long time ago, on a different forum, there was discussion about website(selling exe protector) on which the author implemented counter for how  long the protector had not been cracked....perhaps you could use the idea too.

Edited by PeterN
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go to topic listing
×
×
  • Create New...