Delphi Programming question

Hello everybody,
 
I'm wondering how to create a Delphi 32bits program (MyApp.exe) to modify an application (App.EXE) for
which I don't have the source code so that this application ask you a password (and a username optionally) before you can launch it.

In order to be more precise, I've already developed such a password function (Mypasswd) which is available in a DLL (MyLib.DLL). How can I modify App.EXE so that it execute the function Mypasswd from MyLib.DLL and then accept to launch only when the result of the call to MyPasswd is true.

I know that modifying another companies executable is illegal... but I know too that's possible and I'm curious
to learn the tip...
 
Another way to solve my problem could be to write a program that scans for any given executable, and override the start of it, by intercepting the windows messages...  If they enter the correct password, you continue to process the file, if they don't, you stop the application
from running.... The problem with this solution, is that this special pgm must always run in background. How to be sure that is the case and that the user cannot stop this pgm...

Any help or information (a source code example) is welcome.

Thanks in advance for your help

Sevy
sevyAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

avjCommented:
Well I wouldn't bother with the executable as such, but rather move it out of the way by renaming the original application (APP.EXE for example) to some nice inconspicuous one (musthave.dll), and to give your app (myapp.exe) the name of the original application (APP.EXE). this application would than check
password and launch the original file (now musthave.dll) when
ok.

0
d4jaj1Commented:
I am curious about your password application, as I'm building an app that sorely needs better security.  I'd rather use someone else's component rather than writing an elaborate security scheme myself.  Can you tell me about it?  My email is Jay.Jackson@mci.com.

Thanks
0
rammsteinCommented:
Hopefully the answer from d4jaj1 won't satisfy you, as this is one of the worst protection-schemes I have ever seen. If you really want to take a look at how cracker's are working you should take a look at
http://ourworld.compuserve.com/homepages/fravia/
There are also some very powerful protectionschemes.

 There are many programs on the market such as 20/20's Softsentry or TimeLock or whatever that alter any given *.exe into a somehow 'password-protected' version. Those wrappers arent really worth the money. If you want to test a protection wrapper try http://www.hallogram.com/sentry/

BTW... it takes something from 5 to 30 minutes to remove a 'wrapperprotection'.


0
sevyAuthor Commented:
Sorry, but that do not answer my question at all. Moreover,
what avj propose is not a good protection schemes and what a
mess if you have plenty of apps to protect...
0
KECommented:
In my point of view the solution would be to make a simple protect.exe file which is only used for calling a single authentification function in your DLL. The size of the protect.exe file should be as small as posible - i sugest that you use another environment than Delphi to produce the protect.exe - this is due to the huge overhead that Delphi produces, caused by the runtime librarys (can not be disabled - as far as i know).

The protect.exe file is then placed in front of the file you want to protect.
Example:
compound.exe = protect.exe + original.exe
When you launch compound.exe the OS will recognice it as protect.exe (with something appended to it) - protect.exe will then trigger your DLL which handles everything of concern, and if the password match, the DLL should extract the original.exe from compound.exe and launch it.

As an example you can experiment with copy:
COPY /B NOTEPAD.EXE + /B WRITE.EXE COMPOUND.EXE
Launch compound.exe and notepad shows.

You can always encrypt the original.exe before appending it to protect.exe to ensure a better protection.

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Delphi

From novice to tech pro — start learning today.