
Stealing EXE !


Question

  • 0

just open an exe in a debugger and you have the assembly code, real hard to do right? well that ASM code can very painfully be converted to any language if you have the right converter... and it will never be exactly the same as the original source unless you have the symbols listing


  • 0
you're trying to win an impossible war, and the worst thing about it, is the fact your knowledge on it is obviously very low... people who have been doing this their entire lives and know the ins and outs of every single system still can't pull it off, so there is very little chance that you would do it... mainly because it's impossible

585263781[/snapback]

actually i made it (in most of my important progs), you seem confused, and if you want me to prove it, tell me anything of the logic and i will send you the code (but in VB .net as i have small knowledge about it)


  • 0
actually i made it (in most of my important progs), you seem confused, and if you want me to prove it, tell me anything of the logic and i will send you the code (but in VB .net as i have small knowledge about it)

585263802[/snapback]

send that exe to any professional cracker.. and check it out.. and do one thing.. send it to me.. let me try if I can crack it up.. I am not pro, but I have pretty good knowledge about it..

pro crackers will surely be able to do that...


  • 0
Think about it for a moment - you don't even understand what an EXE file is, let alone anything lower level, but you are going to defeat hardcore crackers who understand the thing from top to bottom.

Lame tricks don't work, security through obscurity is a non-starter - every cracker worth his salt would use a file monitor and network monitor to instantly spot this "scheme" and then just a couple of NOPs would render it useless. It may stop the casual copier - but a simple key stops 95% of them anyway.

But none of this matters as it's quite obvious you lack any in-depth understanding of the problem at hand - your scheme assumes the crackers are stupid, the best crackers are as good as the best security makers - that's why the battle continues.

585263787[/snapback]

man i said before it's a TRICK, recognized = it's OVER, and BTW i respect you for saying "file monitor and network monitor" cause that's a part of solution but if the crackers know that how they conclude the mechanism!!! i know it's hard but i didn't say it's impossible, um just saying "does any one hears about this tricks?"

and also you know that crack and virus makers are the most intelligent people in programming .....

trick means "the hours which make your cracker seeking for the solution"


  • 0
send that exe to any professional cracker.. and check it out.. and do one thing.. send it to me.. let me try if I can crack it up.. I am not pro, but I have pretty good knowledge about it..

pro crackers will surely be able to do that...

585263828[/snapback]

cool man are u serious ........ ok please give me ur name and ur e-mail, i was really seeking to find people do that because you know that no one can rate himself, others rate him


  • 0
actually i made it (in most of my important progs), you seem confused, and if you want me to prove it, tell me anything of the logic and i will send you the code (but in VB .net as i have small knowledge about it)

585263802[/snapback]

I seem confused? I'm a PhD candidate in computer science... I have a degree in Computer Science and Information Security... please don't tell me I'M confused... Your program is even in VB.NET which is one of the easiest things to take into MSIL and convert back to code that is very easy to hack... if you think you are going to pull something off in .NET you are badly mistaken...


  • 0

Gosh Elagizy, give it up dude, not to be harsh, before you start correcting people here, start working on your English, you're not making any sense, and you think you've got enough knowledge to tackle a few of these experienced members? Think again.


  • 0
no that's ur opinion, but if u read the whole thread you will find that i said i use "decompilation" in peace purpose like "anti-cracker tricks", they didn't believe me and then we are here .......

winston, i know u have great experience, but u know the disadvantages of forums is that there is posts and u seem confused as you are reading a story ( if we made forums seems like chatting ;) ... it will be cool )

585263777[/snapback]

I wish i can understand what on earth your reply is about, so i could at least form a coherent response to that... :blink:


  • 0
If you're so confident in your program, post it here, and see how fast we rip it apart

585263863[/snapback]

deal, ......... i will make it and post it in the forum between 4 - 5 days ( exams here ;) ) and that will be great, agree?


  • 0
deal, ......... i will make it and post it in the forum between 4 - 5 days ( exams here ;) ) and that will be great, agree?

585263887[/snapback]

no, not a deal, that gives you enough time to run away and hope we forgot about this thread... if you actually had something now then you'd be able to post it now... as you are already spending so much time just on this single thread, it doesn't show me that you are necessarily strapped for time.


  • 0
Opening any executable in notepad and changing any character corrupts the file....as you found out on your own.

EDIT: actually, doing that with any file, pretty much.

585262907[/snapback]

What about txt files :p


  • 0

this whole asking about decompilers is a little fishy. it seems like Elagizy is trying to reverse engineer softwares and use the source codes. (just my opinion; i didn't read the entire thread).


  • 0
man i said before it's a TRICK, recognized = it's OVER, and BTW i respect you for saying "file monitor and network monitor" cause that's a part of solution but if the crackers know that how they conclude the mechanism!!! i know it's hard but i didn't say it's impossible, um just saying "does any one hears about this tricks?"

and also you know that crack and virus makers are the most intelligent people in programming .....

trick means "the hours which make your cracker seeking for the solution"

585263835[/snapback]

No, crackers and vxers are not the most intelligent people in programming - SOME of them MAY be AMONGST the best programmers/engineers/problem solvers in the field, but it's not a given. It's just that when developing security, obscurity is nothing more than hide and seek and you should always think (true or not) that your enemy is cleverer, craftier and more skilled than you.

Many crackers take on the task of cracking simply as an intellectual challenge, it doesn't matter if it takes minutes, hours, days or weeks.

If you were talking about physical security, then "the hours which make your cracker seeking for the solution" may help - in the real world a safe cracker couldn't take days. But software security is the equivalent of giving a safe cracker the safe to take home, then he has all the time in the world to bring the strongest tools to bear on the problem...you can bet the safe is opened sooner rather than later.

The only recent case I have seen where protection offered a hard enough challenge to make the time less than worthwhile, has been StarForce 3 copy protection. SF3 protected games appear on warez a long time after their release (unlike SafeDisc and SecuROM) and with entertainment software, it's this "time to warez" that hurts the most.


  • 0
deal, ......... i will make it and post it in the forum between 4 - 5 days ( exams here ;) ) and that will be great, agree?

585263887[/snapback]

If you post it here and it doesn't get cracked that doesn't say anything about your scheme.

You would do better, posting it to some dedicated cracker forums with the title "UNCRACKABLE PROTECTION - give it a try" - if it's not as lame as it sounds, you should get a response within the hour. But it may well be such a lame scheme that no one bothers to respond - kind of like when someone tells an awful joke and nobody responds.


  • 0
i was wondering the same lol

585263946[/snapback]

you both : txt is identified in registry ( the extension only ), try in dos "EX: copy c:\>a.txt con ", and exe as an example identified by registry and the file codes ...

i have no much time ...... neofuse u see me in the programmers forum, and please don't forget, if u will then PM me after 4 days


  • 0
you both : txt is identified in registry ( the extension only ), try in dos "EX: copy c:\>a.txt con ", and exe as an example identified by registry and the file codes ...

i have no much time ...... neofuse u see me in the programmers forum, and please don't forget, if u will then PM me after 4 days

585263978[/snapback]

you really don't have a clue what you're talking about, do you?


  • 0
Funniest thread ever

so true, well at least in the programming section of neowin.

and also you know that crack and virus makers are the most intelligent people in programming .....

as _Pablo said

No, crackers and vxers are not the most intelligent people in programming - SOME of them MAY be AMONGST the best

look Elagizy, without flaming, you need to be a bit more humble and listen to the people on neowin. Your "arrogance" is causing this thread to become a bit of a joke. if you are serious about what you are trying to do, be humble and listen.

The idea that you think that a bag of tricks can make your program un-crackable is really making people reading this thread laugh. just say ok, so how can I best protect my program if that is what you really want to do.

BTW: your knowledge of computer science (not just programming) appears to be seriously lacking. I suggest you follow the tutorial links people have posted for you.


  • 0

unless you first know how to code, and I'm not exactly sure that you do, you probably shouldn't even be touching assembly code. Use any debugger, VS will do. But changing the assembly code is practically useless if you're trying to make improvements, you have to hook a program normally. It sounds to me like you're trying to write a crack or something. In which case just change the jump lines, such as xxxx73 to xxxx74, i think, i can't remember exactly, i haven't touched assembly code for a while...


  • 0
great man ...........

i will tell you 2 logics , cause i don't know ur skills in this ..

1- security system will depend on hardware ( HDD serial ) then encoding it to numbers and if every 1st 2 numbers ( after encoding ) will have an alternative number which is Authorization Code ( so we got 01 to 99 numbers ) ..... don't tell me making KEYgen will gonna work ..... and after programming that make a (EX VB : public sub ajskhdakjhad ()," or you can name it a feature in your prog ( and that is the trick " ) and on each button in your prog call this sub to check the authorization code which is saved in a file in other path .........

hope u solve it ;) Preparing the 2nd logic

585263540[/snapback]

You clearly have very little idea of what you're talking about. Whatever system you put in place can be circumvented... all it takes is time. Cracking can take two main approaches.... either you work with the security that has been put in place (such as a keygen) or you circumvent the security (such as by adding code to bypass any checks).

Your first example is far too simple to present much of a challenge to a cracker.


  • 0
2-

A security system depends on the number of opened process ( ctrl+alt+del ), put a value ( authorization code ) for each number between ( 1 to 500 , i think no one will have more than 500 or he is crazy ) where no value has no relation to the other ( so there is no keygen can be made ) after that make a timer each 3 minutes  check the value of authorization code  which saved in a file and saved also in other file ( which is used by program in other functions ) by using a trick ( public sub ) and if the crack is found, then the program will know that, by making a variable which confirm that Authorization code is confirmed and checked , if the variable came with a code which means its not confirmed ( EX if a = "Form1.WMP.PLay" another trick ), then from a secret link in your website have a page which has another code ... let the program read this code and if its confirmed that is crack then let ur program read the code from the website then save it to file which saved file in another path , and finally make the prog check this code and then self damage to ur prog ( "PROGRAM CORRUPTED") ;)

585263652[/snapback]

I haven't coded in years, however I'll try and tell you the problems I see with your logic:

For one this is very, very inefficient. So a user's process list changes, then the program becomes unusable for 3 minutes? A secret link on your webpage with code to "complete" more code? What happens if the site is down? The user has to wait for it to be back up? Oh the user can't wait, because the last part of the "trick" involves corrupting itself?

Alright well say someone actually wanted a program that does this. The cracker disables the timer, so it only checks once. Now the program stays authorized. And now it checks the website for some sort of secret code. Well let's say it can't be decompiled, well simple monitoring of WinSOCKS should tell you what URL it's trying to snag. So now the secret code is snagged and then placed locally and the HOSTS file is changed for that URL to resolve locally to the local code saved. More than likely the URL will be changed via Hex or whatnot anyway.

Not only is this method defeated, it is now actually more efficient.


This topic is now closed to further replies.