Re[2]: Shrouded code...


Some weeks ago, my commercial program in Euphoria was (finally)
cracked.

It is not bound, but translated to C and compiled.

In my experience, cracking programs is not too difficult; about half
of them can be cracked by:

1. Find a reference to the string that states it is expired or wrong
code, etc.
2. Find a "cmp" assembly code followed by a conditional jump some
lines above it.
3. Modify the jump to the opposite of it (e.g. je changed to jne) or
change it to no operation (#90).

The string in step 1 is very easy to find in a compiled Euphoria program,
because it is visible in the exe file.

Therefore, I have a suggestion to RDS: make the C code generated by
the translator have (at least simple) string encryption.

In init_.c:

    _2202 = NewString("An unknown GUI function ID used.");
    _2199 = NewString("Couldn't link to C procedure '%s'");
    _2196 = NewString("Couldn't link to C function '%s'");

It would be better, I think, to change lines like that to:

    _2202 = NewEncString("usf0uj2e49uic0921i0cmk912iu30c11");
    _2199 = NewEncString("d08uc032umdoqwe0cu0(RU)UC)$@U)Us'");
    _2196 = NewEncString("E(Q&^(!C#JUNOXAEU*)CUQ)QEJiJCOIQ");

or whatever it is; the point is that the string is not directly
visible in the exe file.

>>Just how secure is shrouded code? How difficult would it be for
>>someone to reverse-engineer small sections of shrouded code, to try
>>and determine an algorithm used?

P> I imagine it is pretty difficult.
P> I shrouded the simplest program I could think of, "?1" and got this:

P> 00000000  FE6D3E54 5E240A6E  FA6A58E8 6EFE22EF  *.m>T^$.n.jX.n.".*
P> 00000010  B254C384 AFBB                         *.T....          *

P> I shrouded it again, and got this:

P> 00000000  FE286554 5E240A85  ECFDC6C0 4D78577A  *.(eT^$......MxWz*
P> 00000010  EAF70F73 BC67                         *...s.g          *

P> So as you can see almost every byte is scrambled differently each
P> time. Plus, as Rob is fond of saying, any code you (or someone else)
P> did manage to recover would have short, meaningless names.

P> Pete
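
The string-hiding idea suggested in the message above, as an added C example that is not part of the original post or of RDS's translator. `NewEncString` here is a hypothetical stand-in with an assumed signature, and the key and XOR scheme are constructed for illustration. It shows the limit of the approach as well: the literals drop out of a plain string search, but the key and decoder still ship inside the executable.

```c
#include <stdlib.h>
#include <string.h>

/* Constructed key (assumption); a translator could pick a fresh one per build. */
static const unsigned char ENC_KEY[] = { 0x5A, 0xC3, 0x17, 0x8E, 0x2B };

/* Copy n bytes and apply a position-dependent XOR; applying it twice restores
   the input. The copy gets a trailing 0 so decoded output is a C string. */
static unsigned char *xor_copy(const unsigned char *src, size_t n) {
    unsigned char *out = malloc(n + 1);
    if (out == NULL) return NULL;
    for (size_t i = 0; i < n; i++)
        out[i] = src[i] ^ (unsigned char)(ENC_KEY[i % sizeof ENC_KEY] + i);
    out[n] = 0;
    return out;
}

/* Build-time side: bytes emitted instead of the literal (may contain 0x00,
   so the length is returned separately). */
unsigned char *enc_encode(const char *plain, size_t *n_out) {
    *n_out = strlen(plain);
    return xor_copy((const unsigned char *)plain, *n_out);
}

/* Run-time side: hypothetical stand-in for NewEncString. It returns a plain C
   string; the Euphoria object that NewString builds is not modelled here. */
char *NewEncString(const unsigned char *enc, size_t n) {
    return (char *)xor_copy(enc, n);
}

/* 1 if needle occurs in buf, i.e. what a string search of the exe would hit. */
int blob_contains(const unsigned char *buf, size_t n, const char *needle) {
    size_t m = strlen(needle);
    for (size_t i = 0; m > 0 && i + m <= n; i++)
        if (memcmp(buf + i, needle, m) == 0) return 1;
    return 0;
}

int main(void) {
    const char *msg = "Couldn't link to C function '%s'"; /* literal from the post */
    size_t n = 0;
    unsigned char *enc = enc_encode(msg, &n);
    char *dec = enc ? NewEncString(enc, n) : NULL;
    int ok = dec && !blob_contains(enc, n, "link") && strcmp(dec, msg) == 0;
    free(dec); free(enc);
    return ok ? 0 : 1; /* 0 when the blob hides the text and decodes intact */
}
```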
