slavikn
asked on
Protecting my software
Hello,
I write Shareware programs in Visual-Basic. How can I protect them (anti-debugger, ciphering, ...)?
I write Shareware programs in Visual-Basic. How can I protect them (anti-debugger, ciphering, ...)?
listening
ASKER
Hello ebosscher,
I suppose there is nobody to listen to. Nobody answers...
I suppose there is nobody to listen to. Nobody answers...
There is no absolute way to protect your shareware software from copying (except to not distribute it!) but there are ways to make it tough.
Are you looking for ways to prevent people from reverse-engineering, or from simply making illegal copies?
For the first, you'll need to make sure it's compile in Native Code (the default.)
For the second, the only reliable way I've found is to have the software look for a key on your local server (or something under your control) before it will launch, or at least sometime while it's running.
Are you looking for ways to prevent people from reverse-engineering, or from simply making illegal copies?
For the first, you'll need to make sure it's compile in Native Code (the default.)
For the second, the only reliable way I've found is to have the software look for a key on your local server (or something under your control) before it will launch, or at least sometime while it's running.
ASKER
> Are you looking for ways to prevent people from reverse-engineering, or from simply making illegal copies?
I don't want them to debug it, to get the source code, to make illegal copies.
What you advised doesn't prevent debugging and getting the source code. I know there is a good ciphering program for programs written in Delphi - EXECryptor. I want something simular for VB programs.
I don't want them to debug it, to get the source code, to make illegal copies.
What you advised doesn't prevent debugging and getting the source code. I know there is a good ciphering program for programs written in Delphi - EXECryptor. I want something simular for VB programs.
Maybe there's a misunderstanding here...
When you create a Visual Basic application, you add source code to essentially customize it.
When you want to deliver it, you *compile* it into object code. If compiles with the "Native" attribute, it build code that is essentially non-reversible. Certainly, the user cannot obtain things such as comments or the original variable names.
This object code, combines with dependency files, defines the project.
--
Using the automobile as an analogy, this is like creating a set of blue-prints for the car design. You use this to build the car, but you don't deliver the blueprints. People who buy the car can do a bit of reverse-engineering to recreate the functions, and possibly rebuild a nearly identical vehicle, but they will never recreate the original blue-prints.
If you deliver the product, you will not be able to prevent this. What you can prevent, to a large degree, is the unauthorized copying of the product.
When you create a Visual Basic application, you add source code to essentially customize it.
When you want to deliver it, you *compile* it into object code. If compiles with the "Native" attribute, it build code that is essentially non-reversible. Certainly, the user cannot obtain things such as comments or the original variable names.
This object code, combines with dependency files, defines the project.
--
Using the automobile as an analogy, this is like creating a set of blue-prints for the car design. You use this to build the car, but you don't deliver the blueprints. People who buy the car can do a bit of reverse-engineering to recreate the functions, and possibly rebuild a nearly identical vehicle, but they will never recreate the original blue-prints.
If you deliver the product, you will not be able to prevent this. What you can prevent, to a large degree, is the unauthorized copying of the product.
if your program is compiled to native code nobody will be able to decompile it, ofcource it can be disassembled
(i pity anyone trying to disassemble a vb program)
to protect againts it beeing run in a debugger:
Private Declare Function IsDebuggerPresent Lib "kernel32" () As Long
Private Sub Form_Load()
If IsDebuggerPresent <> 0 Then End
End Sub
>>. I know there is a good ciphering program for programs written in Delphi - EXECryptor. I want something simular for VB programs.
you can use any ciphering program to encipher native .exe's to encipher vb exe's compiled to native code
but i suspect programs enciphered by that program to need a deciphering program that launches that program
so just change the first byte(s) of your .exe to anything you want and make a program that changes them back to the original, and have that program shell the true program
however about securing programs:
if it is worth cracking a program it will be cracked
so the best anti-cracking protection simply is make your program extremely powerfull, extremely user friendly,and very cheap, and chances are it wont be cracked
also consider the following:
what would you rather have
10 legal and paid for copies of your program running
or 1000 unlegal copies and 100 paid for
this reminds me of lotus 123
they had very good copy protection, as a result they did sell almost nothing, so when on the brink of bankrupcy the ceo desided that if they were not able to sell copy protected copies the might as well try selling non-copy protected copy
as a result in a few months time it was the most sold program in history (then not now)(hundreds of thousands programs sold,and probably millions running)
(i pity anyone trying to disassemble a vb program)
to protect againts it beeing run in a debugger:
Private Declare Function IsDebuggerPresent Lib "kernel32" () As Long
Private Sub Form_Load()
If IsDebuggerPresent <> 0 Then End
End Sub
>>. I know there is a good ciphering program for programs written in Delphi - EXECryptor. I want something simular for VB programs.
you can use any ciphering program to encipher native .exe's to encipher vb exe's compiled to native code
but i suspect programs enciphered by that program to need a deciphering program that launches that program
so just change the first byte(s) of your .exe to anything you want and make a program that changes them back to the original, and have that program shell the true program
however about securing programs:
if it is worth cracking a program it will be cracked
so the best anti-cracking protection simply is make your program extremely powerfull, extremely user friendly,and very cheap, and chances are it wont be cracked
also consider the following:
what would you rather have
10 legal and paid for copies of your program running
or 1000 unlegal copies and 100 paid for
this reminds me of lotus 123
they had very good copy protection, as a result they did sell almost nothing, so when on the brink of bankrupcy the ceo desided that if they were not able to sell copy protected copies the might as well try selling non-copy protected copy
as a result in a few months time it was the most sold program in history (then not now)(hundreds of thousands programs sold,and probably millions running)
ASKER
Hello pierrecampe,
You wrote:
Private Declare Function IsDebuggerPresent Lib "kernel32" () As Long
Private Sub Form_Load()
If IsDebuggerPresent <> 0 Then End
End Sub
Can the user start a debugger when the program is already running? If yes, I should use a timer (Interval=5000, for example) to use your code there. Right?
You wrote:
Private Declare Function IsDebuggerPresent Lib "kernel32" () As Long
Private Sub Form_Load()
If IsDebuggerPresent <> 0 Then End
End Sub
Can the user start a debugger when the program is already running? If yes, I should use a timer (Interval=5000, for example) to use your code there. Right?
no, it only works if your program is started in the context of a debugger
and it wont protect against harware debuggers(i think)
but i dont readily see how a debugger started after/before your program could run your program
also that api is very well known in cracker circles(or so i suppose)so it would be relatively easy to jump around or nop out the function call simple by scanning a disassembler listing
and it wont protect against harware debuggers(i think)
but i dont readily see how a debugger started after/before your program could run your program
also that api is very well known in cracker circles(or so i suppose)so it would be relatively easy to jump around or nop out the function call simple by scanning a disassembler listing
ASKER
Thanks for the anti-debugger code, but still crackers (even beginners) can change strings in the EXE file etc...
Points are increased to 125!
Please help!!!
Points are increased to 125!
Please help!!!
I think that you're missing one issue:
When you distribute object code, the user cannot retrieve the source code.
If you're concerned about people tracing through your object code, probably your best bet is to apply the ASP (application service provider) concept which is to put the app on your own server and create a portal for others to access it. When it runs, it runs on your server (with no way for the user to trace it.) It will produce outputs that are delivered to the user, usually through an HTML page.
Obviously, for this to work, you'll need to create a web-based client-server application, which has been quite a challenge when dealing with lots of users across the Internet.
When you distribute object code, the user cannot retrieve the source code.
If you're concerned about people tracing through your object code, probably your best bet is to apply the ASP (application service provider) concept which is to put the app on your own server and create a portal for others to access it. When it runs, it runs on your server (with no way for the user to trace it.) It will produce outputs that are delivered to the user, usually through an HTML page.
Obviously, for this to work, you'll need to create a web-based client-server application, which has been quite a challenge when dealing with lots of users across the Internet.
ASKER
My users don't have access to the Internet.
Then another choice is to give them a system that is essentially a black box that prevents them from getting into the file system. From there, you have full control over everything. To do that, you'll have to deliver the software with all the hardware, like the XBox...however, Microsoft tried this with its XBox and it was cracked within a few weeks. I hear that people are now looking into loading Linux on these inexpensive machines!
Yet another choice could be to use donglization, which is what we're doing where I work. We use something call a Wibu-key which is a hardware key used to decrypt an executable that we previously encrypted using their encryption tool. Without the dongle, the software doesn't run.
Yet another choice could be to use donglization, which is what we're doing where I work. We use something call a Wibu-key which is a hardware key used to decrypt an executable that we previously encrypted using their encryption tool. Without the dongle, the software doesn't run.
ASKER
The program is 150KB. I cannot sell it with a computer. What I want to do is to chipher the code. Something like EXECryptor (for Delphi). It allows:
· polymorphic encryption with no constant signatures in encrypted fragments.
· encrypted fragment will only be decrypted immediately before its execution; after the execution of the particular fragment it will be encrypted again (at any time during the execution there is only one protected fragment decrypted).
· encryption has unlimited nesting (encrypted block inside encrypted block inside...).
· single-use fragments: it is possible to mark a fragment of code so that fragment will be erased after the very first execution.
· user-key encryption.
· detect SoftIce, NtIce, FrogIce, TD and other debugger.
· detect registry/filesystem/API monitors.
· counteraction to dumping application with tools like ProcDump.
· anti-tracing measures.
· anti-disassembler measures.
· direct WinAPI support working around import table.
· full integration with HardKey registration keymanager.
· polymorphic encryption with no constant signatures in encrypted fragments.
· encrypted fragment will only be decrypted immediately before its execution; after the execution of the particular fragment it will be encrypted again (at any time during the execution there is only one protected fragment decrypted).
· encryption has unlimited nesting (encrypted block inside encrypted block inside...).
· single-use fragments: it is possible to mark a fragment of code so that fragment will be erased after the very first execution.
· user-key encryption.
· detect SoftIce, NtIce, FrogIce, TD and other debugger.
· detect registry/filesystem/API monitors.
· counteraction to dumping application with tools like ProcDump.
· anti-tracing measures.
· anti-disassembler measures.
· direct WinAPI support working around import table.
· full integration with HardKey registration keymanager.
I am not familiar with such a product for VB. And, again, the compiled version of your code will not show any of your original source code--it will only show machine opcodes.
And the dongle concept used to be very popular among shareware programmers.
And the dongle concept used to be very popular among shareware programmers.
ASKER
I know there is a program in which you select an EXE file (Native code of VB) and it returns the full code in VB.
>>I know there is a program in which you select an EXE file (Native code of VB) and it returns the full code in VB.
allow me to say that i extremely doubt that
and the reason is that there is no such a thing as a vb compiler
vb5-6 does not have its own compiler it 'borrows' the 'C' compiler C2.EXE
it is possible to disassemble a .exe, and although 'in theorie' it should be possible to decompile an .exe i have never known it to be done
but lets suppose it has been done then the source the decompiler generates would be totally unreadable, there would be no things such as 'understandable' variables, it would be spaghetti code 'to the extreme', just because machine code IS spaghetti, and dozens of high-level-language constructs translate to the same spaghetti machine code
to test just write any imaginable loop construct in vb and have a look at the generated machine code
what i just mean to say is that if there was such a thing as a vb decompiler the generated source would be parsecs away from the original source
if you still have doubts just think about the following:
if it were possible to decompile an .exe, what would stop me to decompile say MSWord to say cobol and then recompile it, and MS would be utterly defenceless cause then i can 'prove' i wrote it (after all i have the source)
allow me to say that i extremely doubt that
and the reason is that there is no such a thing as a vb compiler
vb5-6 does not have its own compiler it 'borrows' the 'C' compiler C2.EXE
it is possible to disassemble a .exe, and although 'in theorie' it should be possible to decompile an .exe i have never known it to be done
but lets suppose it has been done then the source the decompiler generates would be totally unreadable, there would be no things such as 'understandable' variables, it would be spaghetti code 'to the extreme', just because machine code IS spaghetti, and dozens of high-level-language constructs translate to the same spaghetti machine code
to test just write any imaginable loop construct in vb and have a look at the generated machine code
what i just mean to say is that if there was such a thing as a vb decompiler the generated source would be parsecs away from the original source
if you still have doubts just think about the following:
if it were possible to decompile an .exe, what would stop me to decompile say MSWord to say cobol and then recompile it, and MS would be utterly defenceless cause then i can 'prove' i wrote it (after all i have the source)
ASKER
> if it were possible to decompile an .exe, what would stop me to decompile say MSWord to say cobol and then recompile it, and MS would be utterly defenceless cause then i can 'prove' i wrote it (after all i have the source)
Don't you think that they encrypted the EXE files 100 times? Of course they did! That is why I also want to encrypt my EXE files.
Don't you think that they encrypted the EXE files 100 times? Of course they did! That is why I also want to encrypt my EXE files.
if you are still not convinced try the following:
get your hands on the source of any program written in assembler
then disassemble that program and compare the sources
you'l find that even the disassembled assembler source will be miles away from the original assembler source
(of cource it IS possible to write assembler source in such a way it gets assembled to the same,but for that the programmer has to be a masochist)
get your hands on the source of any program written in assembler
then disassemble that program and compare the sources
you'l find that even the disassembled assembler source will be miles away from the original assembler source
(of cource it IS possible to write assembler source in such a way it gets assembled to the same,but for that the programmer has to be a masochist)
ASKER
So what you say is that I don't have to worry about distributing my software without using any protection?
>>Don't you think that they encrypted the EXE files 100 times? Of course they did!
well just try it
run some .exe's trough a disassembler and reassemble the generated source
>>That is why I also want to encrypt my EXE files
well just go ahead, i told you the easy way to do it
well just try it
run some .exe's trough a disassembler and reassemble the generated source
>>That is why I also want to encrypt my EXE files
well just go ahead, i told you the easy way to do it
ASKER
> And the dongle concept used to be very popular among shareware programmers.
Where can I get his "dongle"?
I will accept your answer if this helps.
Where can I get his "dongle"?
I will accept your answer if this helps.
>>So what you say is that I don't have to worry about distributing my software without using any protection?
what i am saying is that i'd rather have 1000 illegal copies of my program running and 100 paid for,
than have 10 legal copies running and 10 paid for
(but that is just my idea,feel free to disaggree)
what i am saying is that i'd rather have 1000 illegal copies of my program running and 100 paid for,
than have 10 legal copies running and 10 paid for
(but that is just my idea,feel free to disaggree)
ASKER
The program is written for a specific company. It has 15-20 branchs. I want them to pay for every copy. No one except for them needs this program.
I still don't understand about the "dongle". Sorry...
I still don't understand about the "dongle". Sorry...
dongle protection is advertised in almost every programming magazine
sorry i have no examples
please if you accept the dongle, remember it was rspahitz who suggested it not me
slavikn please excuse me for leaving now, urgent things to do
sorry i have no examples
please if you accept the dongle, remember it was rspahitz who suggested it not me
slavikn please excuse me for leaving now, urgent things to do
ASKER
rspahitz wrote:
...We use something call a Wibu-key which is a hardware key used to decrypt an executable that we previously encrypted using their encryption tool. Without the dongle, the software doesn't run.
Where can I get this encryption tool? How do I decrypt it later? Please give me links.
P.S. I am sorry that I ask too much.....
...We use something call a Wibu-key which is a hardware key used to decrypt an executable that we previously encrypted using their encryption tool. Without the dongle, the software doesn't run.
Where can I get this encryption tool? How do I decrypt it later? Please give me links.
P.S. I am sorry that I ask too much.....
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Very helpful.
Thanks for the "A" and good luck. ...and go with a license agreement if you can deal with the legal mumbo-jumbo.
ASKER
:-))))
It's few techniks to protect programs like your one.
I suppose that for not too popular applications you could use some algorithms based on open+private code combination for demo/fully-functional versions.
We use same techniks for our cheaper sw products.
For the more serious and more costly applications I could refer you to the dongle based solution and techniks like:
http://www.guardant.com/protection/index.htm
Their descisions both quite cheap and safe (and if I'm not err available around the Europe now).
Regards
I suppose that for not too popular applications you could use some algorithms based on open+private code combination for demo/fully-functional versions.
We use same techniks for our cheaper sw products.
For the more serious and more costly applications I could refer you to the dongle based solution and techniks like:
http://www.guardant.com/protection/index.htm
Their descisions both quite cheap and safe (and if I'm not err available around the Europe now).
Regards