PDA

View Full Version : www.hexalock.com


IcyDee
November 22nd, 2001, 05:42
Does anyone know of any titles protected by this 'new' copy protection system?

It will be interesting to see if it stands up for more than a day or so once it is released

Reading between the lines it appears to be an API approach. The developers of the program include copy protection code in their code. I can't see this being any more secure than a wrapper, indeed it will probably be less secure.

IcyDee

DakienDX
November 23rd, 2001, 10:27
Hello IcyDee !

I don't know any titles, never heard of the protection.

A wrapper should be more secure, since nobody can patch any code in it (most time ).

But someone can easily make a program which will remove the wrapper from any program, at least with the same version.

Using the API method can be done in two ways. A bad one and a (nearly) good one.

Calling an external DLL can be easily defeated by replacing the DLL with an own DLL which emulates all the calls.

The better method is the 'object' method, where the copy-protection is linked with the main program. You can't write a replacement, since there is no external DLL. You can't 'unwrap' it, since there's no wrapper.

You need to know which functions belong to the copy-protection, so you can patch them in the main program. This must be done for every program protected, if you don't write a generic function finder/replacer which can be used on all protected files with the same version.

IcyDee
November 23rd, 2001, 12:16
The strength of a particular program probably depends upon how it is attacked. Certainly if a generic wrapper is used then it is possible to create a generic unwrapper which makes cracking new titles very easy. If the protection is 'compiled in' to the original program then a generic crack is more difficult, however...

I think the number of things that an API can do are limited. There can't easily be very much encryption of the code, the copy protection code will be easily spotted by IDA since it will (nearly) always look the same. I would guess that this would make manual removal of the copy protection very easy. Take SafeDisc for example. In Version 2 they include an API as well as the wrapper. If you look at how these titles have been cracked the removal of the API code is only a minor inconvenience dismissed in a few lines of description in the tutorials.

IcyDee.

GoldStar611
June 20th, 2007, 00:16
If interested I can make an image of a CD I have protected with this company. In the autorun.inf, Start_Here.exe, by hexalock called HCPS Loader, is loaded and this must be the main stub of the program. I'm guessing it just redirect's several calls to itself to prevent copy/paste of the files and so forth. The cd I have is from a friend and the material is for an academy.

Sorry to bring up dead post..google blows.