Software protection from reverse engineering

Question

3.50/5 (2 votes)

See more:

I want to protect my code (written in C/C++)by a packer, there are many,but I didn't get the difference between them, can you help me to choose the best one (I know that there is no perfect protection, but I want a reliable one that won't be cracked easily). Thanks a lot

Posted 12-Aug-12 7:37am

Member 9324753

Add a Solution

2 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Mehdi Gholam · Accepted Answer · 2012-08-12T07:42:00

Solution 1

Anything a computer can execute can be reversed, admittedly it could take time for the hacker and you could make things more difficult but nothing can stop it completely.

Anything you find now will probably be broken in 6 months time.

It is better for you to promote your brand and expertise and support so people come to you for your product and not some one else.

Posted 12-Aug-12 7:42am

Mehdi Gholam

Comments

Member 9324753 12-Aug-12 18:03pm

I think 6 months is not bad,it can be released an update for the protector.

Albert Holguin 14-Aug-12 20:10pm

I agree, too many people focus on trying to protect their IP and not enough on innovation and follow-through with their product. It's always a matter of time... might as well put a simple layer of protection and not dwell on it. It took me minutes to find a workaround to a protection system that costs thousands of dollars.... you just need to make sure your customers like the product and keep coming back for more.

Mehdi Gholam 14-Aug-12 22:08pm

Eloquently said!

enhzflep · Accepted Answer · 2012-08-12T08:35:00

Solution 2

The protector I'd be using would be IARP64 Pro.

It was written by a seasoned old cracker and author of dozens of reverse-engineering tutes - Lena151. About 4 years ago a free copy was offered to anybody that could crack it - I'm not aware of a single copy being given away to date!
This was offered in a community that regularly creates Adobe activation keygens and defeats pretty much any other publisher's protection one cares to name.

You can check it out here: Softpedia - IARP64 Pro[^]

But most important of all - far more important than which protector you choose - DON'T ROLL YOUR OWN! This will be cracked in under a week by somebody that wants in. Leave it to a free or paid version of a product that is created by someone that makes a living from it.

The one I linked to uses the experience gained when unravelling the schemes used by many, many publishers. Obfuscation, compression, a virtual machine, etc, etc. It really is a 'nasty' piece of work if you'd like to break in.

Posted 12-Aug-12 8:35am

enhzflep

Comments

jkirkerx 12-Aug-12 15:31pm

Will something like that work on a asp.net dll that I compiled?

I have a DLL, that I want to be able to do a couple of things to, 1 is to be able to change 2 constants, after it's compiled, so each customer has a unique constant value, and the dll is different for every customer.

enhzflep 12-Aug-12 21:12pm

Hmmm. I expect that this one wouldn't work. I've done a quick search and not seen anything that's caught my eye. I guess it may be possible, I'm not familiar enough with .NET to say. I do know that .NET stuff is among the easiest to reverse-engineer often. Strong signature removal tools are commonplace, .NET reflector used to allow in-place editing of the exe - either in MSIL or whatever it's called (equiv to PCODE in VB) or in C# or vb.net - I've seen the tool used to MsgBox the calulated serial number, rather than compare the value the user entered. A modification that makes the program tell you the serial for a given username/email/machine ID combo. I suspect it would be easier to protect if it could be made into an exe. But again, I'm not familiar enough with .NET. :)

Member 9324753 12-Aug-12 17:59pm

Thanks,your answer is very helpul, but can you explain to me more please, why did you choose this particular protector?

enhzflep 12-Aug-12 21:17pm

You're welcome. I would choose this protector because I've followed about 20 of her tutes and spent some time reading the programming forums where she used to hang out. Themida, Armadillo, SecuRom, Adobe, and many other vendors whose names I've since forgotten had their protection schemes cracked for sport. (sure beats fishing!)

Yet as mentioned, even in such a community with huge boasting rights I'm not aware of anybody having snagged a free copy. Though to be fair, it's probably been 4 years since I was up to date with protection/anti-protection schemes.
:)

Member 9324753 13-Aug-12 8:21am

May be because it is an 64-bit-only protector, and there is not yet a 64 bit debugger,yes/no ? that's what I found after few researchs about it. what do you think?

enhzflep 13-Aug-12 15:28pm

Not quite certain which post yours is in response to, please forgive me if I've misunderstood.
There certainly are 64 bit debuggers - you can debug 64 bit projects using Visual Studio. You can decompile - (I.e .exe --> .c not just disassemble - .exe -> .asm) them using IDA Pro Advanced, you can also choose to debug them them instead of dissasemble/decompile

(one of) The killer things about IARP is that it uses extensive anti-debugging tricks - things that cause the program to quit when it detects a debugger running in the system. These tricks are hand-written, instead of relying on API functions - this means they can't be found by checking the imports section.

It also uses what are known as stolen bytes and a virtual machine. Parts of functions are 'removed' and placed in an entirely different part of the executable, complete with 'wiring-up' code to redirect program execution to and from these moved sections. It also implements it's own virtual machine - it's own set of instructions that achieve the same as native win32/64 code.

It's the sort of thing that makes manually counting the grains of sand in a bucket look like fun!

Member 9324753 13-Aug-12 17:04pm

@enhzflep
I'm sorry for confusing you,and yes I was discussing your post. Again thank you, you helped me a lot, really :)
If you have more tutoriels about larp64 pro, could you give me the link

enhzflep 13-Aug-12 17:20pm

It's no problem, really. :)
Everything I've learnt about LARP, I've learned through reading forum posts. I also mentioned the author as having authored a couple of dozen tutes - You can find those tutes here:
http://tuts4you.com/download.php?list.17 (1-40 of 40)
[EDIT: The tutes don't deal with LARP]

You can search for posts by Lena151 to get more info on LARP.

Not sure if you need to sign-up to download. However, they're quite possibly of no real use to you - though they can provide some insight into the sorts of processes going on 'behind the scenes' - it can also be an eye-opening experience to anybody tempted to 'roll-their-own' - These guys will crack the thing before breakfast, since Sudoku and cross-words are so boring and easy.

You'll find a stunning wealth of knowledge on that board, with some very talented coders. They'll likely have the answer to every question you could think to ask regarding copy-protection schemes.

Member 9324753 14-Aug-12 7:04am

How can I buy LARP64 Pro, I didn't found a valid link.