?
Solved

Securing an exe

Posted on 2003-03-07
16
Medium Priority
?
285 Views
Last Modified: 2010-04-02
Hi,

How do I secure an exe? I have a program that wrappes an exe to make trial ware of it. When a wrapped exe opens, it extracts the original one and executes it.
Can I disable read acces from that original exe? Or maybe even open it in memory without writing it to the hard disk?

Thanks,

Walter Brebels
0
Comment
Question by:FrEaK85
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
  • 3
  • +3
16 Comments
 

Expert Comment

by:curmudgeon42
ID: 8090003
I did something similar to this one time.  I made one program to "encrypt" the wrapped exe by switching some of the bytes to invalid bytes.  That way it wouldn't execute.  Then I changed the extension to .dat.  Then, I made the wrapper exe do the opposite of the encrypt exe.  It was pretty easy and worked.  I don't know how secure this is, but it is uncrackable to the avg windoze user I would say.

jk
0
 

Author Comment

by:FrEaK85
ID: 8090236
I know, but when I want to execute the exe I need to extract the exe, then execute it, and when it's done, delete it.
The problem is when the original exe is running someone can just copy it and paste it somewhere else
0
 

Expert Comment

by:curmudgeon42
ID: 8090782
yes, i forgot about that, but i of course enountered the same issue

what i did was extract the exe to the user's temp directory.  i named it some random characters like 1lKJGA.exe or whatever.

this is still crackable, when the user runs the file, he can look at running processes and see that there is the regular process, i.e. "Wrapper EXE Name" or whatever, but also another process with a weird name

a good user could track this down.  i decided to live with that potential security issue and use this technique anyways

sorry i forgot about that

jk
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Expert Comment

by:curmudgeon42
ID: 8090792
the only other option i can think of is to build the trialware abilities into the main exe, and not use the wrapper exe

however, i understand that you probably would have done that if you had the option

this is the only solution i came up with when i had a similar problem
0
 
LVL 49

Expert Comment

by:DanRollins
ID: 8091106
Do you have any control over the source code of the main program?  A very small change in it would simplify this task and make it much harder to break to protection.

-- Dan
0
 
LVL 46

Expert Comment

by:Kent Olsen
ID: 8091337

You can always set registry values during the install and have the .exe file check them.  If the values aren't set, or aren't set correctly, the .exe quits.

Write the "obvious" stuff in the registry,

HKEY_LOCAL_MACHINE\\SOFTWARE\\COMPANY_NAME\\PROGRAM_NAME

Then write an obscure variable in some other place like

HKEY_CURRENT_USER\\SOFTWARE\\COMPANY_NAME\\PROGRAM_NAME


Not foolproof, but it will slow most fools.

Then again, you can get REALLY creative in what you place in the registry, where, and how.  ;)

Kdo
0
 

Expert Comment

by:curmudgeon42
ID: 8091338
I'd have to agree w/ Dan on that one.  If you can control the source of the main prog that is a much better option.
0
 
LVL 46

Expert Comment

by:Kent Olsen
ID: 8091453

You can always set registry values during the install and have the .exe file check them.  If the values aren't set, or aren't set correctly, the .exe quits.

Write the "obvious" stuff in the registry,

HKEY_LOCAL_MACHINE\\SOFTWARE\\COMPANY_NAME\\PROGRAM_NAME

Then write an obscure variable in some other place like

HKEY_CURRENT_USER\\SOFTWARE\\COMPANY_NAME\\PROGRAM_NAME


Not foolproof, but it will slow most fools.

Then again, you can get REALLY creative in what you place in the registry, where, and how.  ;)

Kdo
0
 
LVL 49

Expert Comment

by:DanRollins
ID: 8091945
I always wondered of the system would read an EXE from a NamedPipe.  If it would, then you could create one containing the in-memory image of your decompressed/decrypted EXE so that it would never be written to disk.  Just a thought (I don't have time to test this theory today).

-- Dan
0
 

Author Comment

by:FrEaK85
ID: 8093562
I can't extract the exe to a temp directory, since most exe's rely on the path of the app for their external files.

I have no control over the source code
0
 
LVL 49

Expert Comment

by:DanRollins
ID: 8094722
>>since most exe's rely on the path of the app for their external files.

That's going to be a problem regardless of the technique used, isn't it?  Certaintly any technique that excutes the exe directly from RAM would be a bit confused...  But if it has a problem when being loaded from a temp directory, it would also have a problem when being loaded from a non-temp directory.

I think you have just ruled out all possible solutions.  I therefore propose this as the answer (feel free to write it down and laminate it for your wallet):

It can't be done.

-- Dan
0
 

Author Comment

by:FrEaK85
ID: 8098185
Nop, that isn't an answer, since

1. I still have the problem
2. Perhaps it's possible to disable read access or something? I just don't know how...
0
 
LVL 49

Accepted Solution

by:
DanRollins earned 400 total points
ID: 8098872
Imagine that your question had been "How can I carry an ice cube in my bare hands into the center of the sun without getting a suntan".  Then the correct and only answer would be "It can't be done" even if you "still have the problem"  Why?  Because SPF 1,000,000,000,000,000 won't be approved by the FDA anytime soon.  But that is neither here nor there.

There is no complete solution -- otherwise such a program would be commonly available.  Have you noticed that all "TrialWare" solutions require at least a minor change to the program that is being demoed?  That is, the program itself must take part in the protection scheme.  You have ruled that out!

However, here is something that is not commonly known:  While it is not poosible to modify the on-disk EXE file of a running process, it is possible to rename it.  So your loader could write the file to a temp directory, then execute it and delay a while and then rename it to "ReadMe.Txt" or "~$W3TMP.DOC" That would prevent some people from copying it.

If the program relies on one or more DLLs, then I suppose that you could make some carefully-crafted mods that would cause them to fail when the loader program ws not present.  Or when you compress/encrypt the EXE, you could introduce error is it that could only be overcome with the support of your loader.  For instance, if you clobbered some essential resources in the on-disk image, then use UpdateResource (available in Win2k+).  THis option would require some specific knowlege of the how the EXE works and some cutomization of the loader for each such EXE.

-- Dan
0
 

Expert Comment

by:Barcaboy
ID: 9310684

i can be done.

look at UPX
this program packs the executable and modify's the entry point to execute the upx code, and when this executable is execute this upx code unpacks the original executable and execute's it.

but i don't know how to do that :s
0
 
LVL 11

Expert Comment

by:bcladd
ID: 9892894
No comment has been added lately, so it's time to clean up this TA. I will
leave a recommendation in the Cleanup topic area that this question is:

Answered: Points to DanRollins: Grade A

Please leave any comments here within the next seven days.

Experts: Silence means you don't care. Grading recommendations are made in light
of the posted grading guidlines (http://www.experts-exchange.com/help.jsp#hi73).

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

-bcl (bcladd)
EE Cleanup Volunteer
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Written by John Humphreys C++ Threading and the POSIX Library This article will cover the basic information that you need to know in order to make use of the POSIX threading library available for C and C++ on UNIX and most Linux systems.   [s…
This article will show you some of the more useful Standard Template Library (STL) algorithms through the use of working examples.  You will learn about how these algorithms fit into the STL architecture, how they work with STL containers, and why t…
The goal of the video will be to teach the user the concept of local variables and scope. An example of a locally defined variable will be given as well as an explanation of what scope is in C++. The local variable and concept of scope will be relat…
The goal of the video will be to teach the user the difference and consequence of passing data by value vs passing data by reference in C++. An example of passing data by value as well as an example of passing data by reference will be be given. Bot…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question