Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

auto check file?

Posted on 2006-07-04
14
Medium Priority
?
285 Views
Last Modified: 2010-04-05
hello.

i would like to check my program (md5 hash?) when it runs, so it would close if it detects any changes...
i know reverse engeneering can break that protection but it would help.

but there is an obvious problem... how can i insert the md5 hash in the exe without making any change in the md5!

so i was searching a bit and i found this:
http://www.programmersheaven.com/zone24/cat277/4329.htm

its supposed to work for turbo pascal, but i also found this:
http://groups.google.com/group/borland.public.delphi.winapi/browse_thread/thread/8280661dafb11331/130a294eedce4996?

there was (2002 xD) an example for delphi but the link is broken :'(

so i was wondering if there is another way to do that? or someone knows how to modify the turbo pascal and the .inc file to work with delphi?

any hint would be appreciated a lot  :)
greetings.
0
Comment
Question by:lobo_estepario
  • 6
  • 5
  • 2
  • +1
14 Comments
 
LVL 3

Expert Comment

by:Ubethatway
ID: 17039870
Hi,

One thing you can try is to "pre-enter" a string the same size as the MD5 hash in your application somwhere (make sure the string is recognisable). Then compile your application and take the hash of it. You can then use a tool, such as ResHacker, to replace "pre-entered" string with the correct Md5 hash.

ResHacker is available here: http://www.angusj.com/resourcehacker/

I had a look at the Turbo Pascal tool you provided, but unless there iss a tool to convert the files automatically, doing it by hand would be long and arduous.

Hope that helps, Mark
0
 
LVL 28

Expert Comment

by:2266180
ID: 17040498
best way in my opinion is to use something like this (command line build batch):

- compile program
- calculate md5
- crypt md5
- append crypted md5 to end of program
then
- at program load time, program will seek to it's size - length md5 hash (this length is constant ;) ) and loar md5 hash
- then it will calculate md5hash for the program exe - length md5 hash
OR
- it will copy the exe without the hash to a temp file, calculate the hash and then delete the temp file
crypting algorithm can bve something simple, just so the user will not be able to just replace the hash ;)

for such a solution and demos, see the answers of this question:http://www.experts-exchange.com/Programming/Programming_Languages/Delphi/Q_21905932.html


in Ubethatway's solution you will also have to skip the place where the hash is stored but in that case the place can be anywhere within the exe and is thus harder to implement.
0
 
LVL 16

Expert Comment

by:CodedK
ID: 17048593
Ubethatway if you calculate the hash of your application and then store the hash to the string
(using ResHacker) or anything else then... that would change the hash of your application again ! :)

What if you store the hash in a file outside of your app ?
Of course you should encrypt the hash so noone would understand its an md5 hash.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 28

Expert Comment

by:2266180
ID: 17048792
codedk, using my "algorithm", the hash of the application does not change as I explained it, you don't calculate the hash of the file that contains the exe and the hash, but just the first part, the exe. so the hash will be the same always.
0
 
LVL 16

Expert Comment

by:CodedK
ID: 17048846
I know ciuly, i was talking about Ubethatway suggestion.
0
 
LVL 28

Expert Comment

by:2266180
ID: 17048872
sorry, didn't scroll to see who the asker was :D
0
 

Author Comment

by:lobo_estepario
ID: 17056882
allright im trying to make it work... ill take a look at that link ciuly ;-)

so ill let you know once i finish reading and trying all that stuff lol

greetings.
0
 

Author Comment

by:lobo_estepario
ID: 17070109
well, i had some hardware issues so i couldnt use my pc in two days :-(

anyway, i tried your sample, ciuly. the one called: "modify exe string" and everytime i used a to insert the text "edit1" in b, it corrupts the file :-(

i will try to solve that but what i really wanna know is how can i be able to do this: "then it will calculate md5hash for the program exe - length md5 hash".

i mean how can i get the md5 hash of it if its not really a file (i cant copy the exe to other place, i need to work with just the exe).

thanks.
bye
0
 
LVL 28

Expert Comment

by:2266180
ID: 17071008
that is most probably because you didn;t follow the instructions step by step as explained there. you MUST follow those step in that exact order:
download project files from http://www.ciuly.com/delphi/ModifyExeString.zip
compile B. then write the size manuallt in size.pas then compile B again.
THEN compile A (this was specified in one of the first posts :) )

regarding your second question. you have several ways to do that:
- you create another class, derived from tfilestream (or from TStream and passing a filename, or whatever), readonly, that will aways retrieve the content of that file up until the filesize-length(md5sum) (this length IS constant. it's 128 bit = 16 bytes)
- you modify the md5 hash algorithm to only read until the filesize - 16 (length of md5 hash)

and there are variations of the above and of course other implementations that can be more or less complicated. the above are the 2 most simple ones in my opinion.
0
 

Author Comment

by:lobo_estepario
ID: 17076598
oops, my bad, sorry  :-(

so yes, that demo works fine!

now im gonna try to modify the md5 hash algorithm  :-)
0
 
LVL 28

Expert Comment

by:2266180
ID: 17077530
if the md5hash algorithm you are using supports calculating on a stream, I suggest using the first option: it is much more faster to implement and more secure (since you wil not be modifying the md5hash algorithm, there are no chances for you to introduce bugs there) and more flexible ;)
0
 

Author Comment

by:lobo_estepario
ID: 17078784
mmm, well im using this unit: http://www.sawatzki.de/Download/Delphi_MD5.zip

but, to be honest... im not quite sure where to make the changes  :-(

i will try to figure it out though.

greetings.

0
 
LVL 28

Accepted Solution

by:
2266180 earned 1200 total points
ID: 17079559
0
 

Author Comment

by:lobo_estepario
ID: 17086157
Thanks  :-)

Im gonna analyze the code and then ill add some crypting and all that.

Thanks again.
greetings  ;-)

0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A lot of questions regard threads in Delphi.   One of the more specific questions is how to show progress of the thread.   Updating a progressbar from inside a thread is a mistake. A solution to this would be to send a synchronized message to the…
Introduction The parallel port is a very commonly known port, it was widely used to connect a printer to the PC, if you look at the back of your computer, for those who don't have newer computers, there will be a port with 25 pins and a small print…
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …
Suggested Courses

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question