?
Solved

Delphi Programming question

Posted on 1997-09-03
5
Medium Priority
?
167 Views
Last Modified: 2010-04-04
Hello everybody,
 
I'm wondering how to create a Delphi 32bits program (MyApp.exe) to modify an application (App.EXE) for
which I don't have the source code so that this application ask you a password (and a username optionally) before you can launch it.

In order to be more precise, I've already developed such a password function (Mypasswd) which is available in a DLL (MyLib.DLL). How can I modify App.EXE so that it execute the function Mypasswd from MyLib.DLL and then accept to launch only when the result of the call to MyPasswd is true.

I know that modifying another companies executable is illegal... but I know too that's possible and I'm curious
to learn the tip...
 
Another way to solve my problem could be to write a program that scans for any given executable, and override the start of it, by intercepting the windows messages...  If they enter the correct password, you continue to process the file, if they don't, you stop the application
from running.... The problem with this solution, is that this special pgm must always run in background. How to be sure that is the case and that the user cannot stop this pgm...

Any help or information (a source code example) is welcome.

Thanks in advance for your help

Sevy
0
Comment
Question by:sevy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 

Expert Comment

by:avj
ID: 1343567
Well I wouldn't bother with the executable as such, but rather move it out of the way by renaming the original application (APP.EXE for example) to some nice inconspicuous one (musthave.dll), and to give your app (myapp.exe) the name of the original application (APP.EXE). this application would than check
password and launch the original file (now musthave.dll) when
ok.

0
 
LVL 3

Expert Comment

by:d4jaj1
ID: 1343568
I am curious about your password application, as I'm building an app that sorely needs better security.  I'd rather use someone else's component rather than writing an elaborate security scheme myself.  Can you tell me about it?  My email is Jay.Jackson@mci.com.

Thanks
0
 

Expert Comment

by:rammstein
ID: 1343569
Hopefully the answer from d4jaj1 won't satisfy you, as this is one of the worst protection-schemes I have ever seen. If you really want to take a look at how cracker's are working you should take a look at
http://ourworld.compuserve.com/homepages/fravia/
There are also some very powerful protectionschemes.

 There are many programs on the market such as 20/20's Softsentry or TimeLock or whatever that alter any given *.exe into a somehow 'password-protected' version. Those wrappers arent really worth the money. If you want to test a protection wrapper try http://www.hallogram.com/sentry/

BTW... it takes something from 5 to 30 minutes to remove a 'wrapperprotection'.


0
 

Author Comment

by:sevy
ID: 1343570
Sorry, but that do not answer my question at all. Moreover,
what avj propose is not a good protection schemes and what a
mess if you have plenty of apps to protect...
0
 
LVL 3

Accepted Solution

by:
KE earned 240 total points
ID: 1343571
In my point of view the solution would be to make a simple protect.exe file which is only used for calling a single authentification function in your DLL. The size of the protect.exe file should be as small as posible - i sugest that you use another environment than Delphi to produce the protect.exe - this is due to the huge overhead that Delphi produces, caused by the runtime librarys (can not be disabled - as far as i know).

The protect.exe file is then placed in front of the file you want to protect.
Example:
compound.exe = protect.exe + original.exe
When you launch compound.exe the OS will recognice it as protect.exe (with something appended to it) - protect.exe will then trigger your DLL which handles everything of concern, and if the password match, the DLL should extract the original.exe from compound.exe and launch it.

As an example you can experiment with copy:
COPY /B NOTEPAD.EXE + /B WRITE.EXE COMPOUND.EXE
Launch compound.exe and notepad shows.

You can always encrypt the original.exe before appending it to protect.exe to ensure a better protection.

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The uses clause is one of those things that just tends to grow and grow. Most of the time this is in the main form, as it's from this form that all others are called. If you have a big application (including many forms), the uses clause in the in…
Hello everybody This Article will show you how to validate number with TEdit control, What's the TEdit control? TEdit is a standard Windows edit control on a form, it allows to user to write, read and copy/paste single line of text. Usua…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses
Course of the Month9 days, 2 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question