
Thread: Is it really that tough? ;)

  1. #46
    : Code Injector : nikolatesla20's Avatar
    Join Date
    Apr 2002
    Location
    :ether:
    Posts
    815

    DAMNIT

    damnit ryan, right now your ocx is useless. I can't create a project in VB with the demo code-lock.

    The Initialize never returns true, even when I use your own demo files. I'm using vb5. Are there special requirements for this or what ?????!?? (like vb6)

    Also, having a registered ocx is not good on your system - for example, I installed Slice It demo, and then installed Code-Lock demo, and both ocx's apparently registered because now I get weird error messages

    LOL see this message came up when I clicked the "register" button lol

    [IMG]//webpages.charter.net/nikolatesla20/duh.jpg[/IMG]

    tee hee

    -nt20
    Last edited by nikolatesla20; July 19th, 2002 at 00:47.

  2. #47
    Ryan
    Guest

    Re: DAMNIT

    Originally posted by nikolatesla20
    damnit ryan, right now your ocx is useless. I can't create a project in VB with the demo code-lock.

    The Initialize never returns true, even when I use your own demo files. I'm using vb5. Are there special requirements for this or what ?????!?? (like vb6)

    -nt20
    Calm down.

    The ocx will not be active if it is run during design time. This is because there are a few traps set and will be "dangerous". So, I deactivate it when it is in design time. Compile the project and you will get Initialize to return TRUE, else, it will be EMPTY. It's all said in the help file. :P

    If you compile the "full version", it won't run until it has been converted to a data file and then recreated by code-lock itself. That will create the "full version" meant for your computer.

    If you compile the demo, it will run the moment it is compiled.

    Regards and many thanks
    Ryan
    Feel free to ask me any questions.

    Unlike what one of the crackers thinks, I am not so cheap that I don't want to employ someone to test out my protection. The reason why I don't want to pay is because I wouldn't know if the one I paid can find the weak areas of my protection or crack it. And I am not ashamed to say that no one had purchased or used Code-Lock yet, pushing me to convert my own freeware to become a demoware (which I hate). If Code-Lock had been paid by programmers, I wouldn't mind sharing the money with anyone who can crack it.

    Append:
    damn. you are altering your message while I was replying to yours. heehee.

    Ya, I thought of that bug after I released Slice-n-Save using Code-Lock. Maybe I should release a full version to the public but include something else to activate Code-Lock when the user is registered.
    I promise that I have read the FAQ and tried to use the Search to answer my question.

  3. #48
    nikolatesla20

    k

    Thanks for the reply ryan.

    Actually, I had thought about that design time feature - but I still can't seem to get it to work during run time. I put in a messagebox telling me the result of the Initialize function and it always returns false even during run time (compiled).

    I will look into it more later, maybe it was just a problem caused by having the multiple ocx's like I said before. I have to unregister one of them and then see what happens.

    but I do also have a few ideas for "cracking" it too.. I'd give a few hints but I don't want to give anything away yet until I try my ideas.

    -nt20
    Last edited by nikolatesla20; July 19th, 2002 at 01:09.

  4. #49
    nikolatesla20

    humf

    I still can't get code-lock to initialize, with the demos or with my own code. It doesn't seem to like vb5? hmm I have no idea. I made a "full" version, then simply made a dat file for it with the code "12345678", and then just removed one text label and recompiled it as the demo version. Both versions had references to code-lock.ocx component. I have a messagebox that displays the return value of the Initialize() call. The demo version always still returns false.

    I know your slice-n-save program runs fine, but that was vb6 - I just can't get the ocx to initialize yet for some reason at all.
    The instructions are easy to follow, but I swear it just won't work..

    Even if I just try to run the demo.exe that comes with the code-lock example files, it does not run at all, it just exits.

    I also unregistered the code-lock.ocx that came with slice-n-save so the computer doesn't get confused



    -nt20
    Last edited by nikolatesla20; July 19th, 2002 at 05:23.

  5. #50
    Ryan
    Guest

    Re: humf

    Originally posted by nikolatesla20
    I still can't get code-lock to initialize, with the demos or with my own code. It doesn't seem to like vb5? hmm I have no idea. I made a "full" version, then simply made a dat file for it with the code "12345678", and then just removed one text label and recompiled it as the demo version. Both versions had references to code-lock.ocx component. I have a messagebox that displays the return value of the Initialize() call. The demo version always still returns false.

    I know your slice-n-save program runs fine, but that was vb6 - I just can't get the ocx to initialize yet for some reason at all.
    The instructions are easy to follow, but I swear it just won't work..

    Even if I just try to run the demo.exe that comes with the code-lock example files, it does not run at all, it just exits.

    I also unregistered the code-lock.ocx that came with slice-n-save so the computer doesn't get confused



    -nt20
    >The demo version always still returns false.

    Hi,
    do you mean that the full version you did return TRUE while the demo version returns FALSE? I don't think the problem is that it is vb5 because the ocx itself is vb6.

    One thing... did you at any point of time run smartcheck on the program? I am not supposed to tell you this... but if you did, the initialize will always fail. :P

    Regards and many thanks
    Ryan

  6. #51
    nikolatesla20

    details :)

    No, the full version I made also returns false - actually I'm not sure because you really can't "run" the full version once protected? I thought you had to use the demo version and then enter your code to get the watermark and then you could really use the full version.

    Nope - I am not doing any type of debugging at all right now. I don't have SI running at all, I don't have smartcheck or anything like that. Of course the best way to *defeat* a protection is to gain as much knowledge about how it works as you can, so I thought I would USE code-lock and get familiar with it. But for some reason it doesn't like me. Slice-n-save runs fine, that's why I wondered if it was a vb5 problem or something like that.

    I am going to load vb6 at work today and try again and see what happens.

    I'm not very knowledgeable with vb cracking yet, for example, reading vb resources and the like, but I know about ocx's and com pretty well so I do have some ideas I'd like to try, but I wish I could get an app to work first

    -nt20

  7. #52
    Ryan
    Guest

    Re: details :)

    No, the full version I made also returns false - actually I'm not sure because you really can't "run" the full version once protected? I thought you had to use the demo version and then enter your code to get the watermark and then you could really use the full version.

    Yup, you are right. The full version will run if you use the demo version to create it from the .dat file. BTW, there is a demo.exe in the sample.zip file... It should run without any problems...


    Nope - I am not doing any type of debugging at all right now. I don't have SI running at all, I don't have smartcheck or anything like that. Of course the best way to *defeat* a protection is to gain as much knowledge about how it works as you can, so I thought I would USE code-lock and get familiar with it. But for some reason it doesn't like me. Slice-n-save runs fine, that's why I wondered if it was a vb5 problem or something like that.

    The version of code-lock from the site is a bit older than what I use in slice-n-save. But that shouldn't stop you from using it in your own project. Besides, it is a demo version, should run without any problems at all.


    I'm not very knowledgeable with vb cracking yet, for example, reading vb resources and the like, but I know about ocx's and com pretty well so I do have some ideas I'd like to try, but I wish I could get an app to work first


    Good luck.

    Regards
    Ryan

  8. #53
    sandworm
    Guest
    ahhhh Dear Ryan you raised me a good laugh!!!
    but ok the fucking froggy will give you some hints:

    1/

    still wondering why you haven't sold any code-lock??
    you seem to be a clever guy, Imagine you're a shareware
    programmer wanting a good protection for free what do you do ?

    You download the demo of code-lock and after you download a software
    protected with a registered codelock ocx and thank you Ryan u've got
    a code-lock for free!!!!

    One solution could be to fuse the ocx with the exe with fusion but you
    can only do it on your own productions, seem that u'll have to cripple
    the data file creator or advertise more on the fact that registered users will
    have a personalised codelock!!


    2/ well if I understand well you compress the full_version exe with zlib
    and after encrypt it, then if the user register, the ocx decrypt and decompress
    the full exe. This full exe is itself protected by the ocx against other use
    of it on another pcs

    ok well done for the first part, didn't even try to decrypt the exe I'm just a newbie
    but I'm sorry to say that your protection is almost totally useless to protect the full
    version exe:

    Well I cracked your full_version demo program in less than 5 minutes. How ?
    I haven't even bothered debugging your ocx, I simply wrote my own codelock ocx, responding what your app wants to hear.... it is so easy...Except for the getstring (moreover when like me u haven't downloaded the full ocx ;-) ) but be sensible, I'm pretty sure no one among your future customers will use it because it's painful and when a guy spend 200$ for a protector he wants a turn key solution. And moreover even if he is willing to add some code he will use the simpler auth method well simpler for the crackers too...

    As a conclusion The getstring is your only rampart against my method so manage to automate
    the process for your customers to really use it (sadly however it me refrain newbies but will be piece of cake for more experienced crackers and your beautiful work is sadly compromised, don't waste more time on useless anti-debugging tricks!!!)

    Ok, I've teased you a little, hope you won't get angry, because I respect your work. Good luck and good work you seem to be smart u'll certainly find other tricks. And be careful not giving your codelock for free if you want to sell it !!!

    ps: Will I receive a reward for this analysis ;-)

  9. #54
    Athlon
    Guest
    lol sucks for you ryan you go sandworm

  10. #55
    Ryan
    Guest

    not exactly right...

    still wondering why you haven't sold any code-lock??
    you seem to be a clever guy, Imagine you're a shareware
    programmer wanting a good protection for free what do you do ?

    You download the demo of code-lock and after you download a software protected with a registered codelock ocx and thank you Ryan u've got a code-lock for free!!!!


    You are wrong there... I presume that you have not seen the full version of Code-Lock? There are some inputs that need to be fed into Code-Lock for it to work as full version. Also, do you think a self-respecting, easy to trace company would dare to use an unpaid version of Code-Lock and distribute its own sharewares?



    One solution could be to fuse the ocx with the exe with fusion but you can only do it on your own productions, seem that u'll have to cripple the data file creator or advertise more on the fact that registered users will
    have a personalised codelock!!

    They do get their personalised version. Just that I don't declare it loudly to the public.



    2/ well if I understand well you compress the full_version exe with zlib and after encrypt it, then if the user register, the ocx decrypt and decompress the full exe. This full exe is itself protected by the ocx against other use of it on another pcs

    ok well done for the first part, didn't even try to decrypt the exe I'm just a newbie but I'm sorry to say that your protection is almost totally useless to protect the full
    version exe

    Well analysed. Yes, this is the basic function of Code-Lock.


    Well I cracked your full_version demo program in less than 5 minutes. How? I haven't even bothered debugging your ocx, I simply wrote my own codelock ocx, responding what your app wants to hear.... it is so easy...Except for the getstring (moreover when like me u haven't downloaded the full ocx ;-) ) but be sensible, I'm pretty sure no one among your future customers will use it because it's painful and when a guy spend 200$ for a protector he wants a turn key solution. And moreover even if he is willing to add some code he will use the simpler auth method well simpler for the crackers too...

    Well, not quite right. I have already thought of this loophole which is why I introduced the getstring function. Well, if someone is willing to pay $200 I am sure he will use every single function there is. And will painstakingly do it. My own app (Slice-n-Save) is FULL of such functions.


    As a conclusion The getstring is your only rampart against my method so manage to automate the process for your customers to really use it (sadly however it me refrain newbies but will be piece of cake for more experienced crackers and your beautiful work is sadly compromised, don't waste more time on useless anti-debugging tricks!!!)

    It won't be a piece of cake because, they won't know which string is which for what and getstring can be used in hidden functions not seen on the controls at all.
    I didn't put much anti-debugging tricks in Code-Lock. If you are talking about SoftIce detection, it is due to telock and not my code. I have only a few anti-tricks which I would say is quite interesting.



    Ok, I've teased you a little, hope you won't get angry, because I respect your work. Good luck and good work you seem to be smart u'll certainly find other tricks. And be careful not giving your codelock for free if you want to sell it !!!

    ps: Will I receive a reward for this analysis ;-)

    I am not angry at all. I am very flattered someone actually thinks through the whole protection and can come up with a method rather than just watching by the side like Athlon giving useless comments.

    But your analysis is based on the fact that you have already got a full version of the program which means that you have already paid for it and are intending to warez it out to the public. If you don't have the full version of the program you intend to release, you will never be able to figure out the getstring functions.

    Keep up the good work. If you are a newbie, you will go far. I personally don't think you are a newbie.

    As for reward, I am quite reluctant to do so because you only pointed out the loophole that I already know. But how can I point it out to you that I know of it before you tell me without telling you the loophole itself? ;P Well, since you are my first "decent" theoretical cracker, I promise you a US$30 payment the minute I get my first Code-Lock customer other than myself. heh. Now, go figure a way for me to pay you when the time comes without me knowing who you are.

    Best regards,
    Ryan

  11. #56
    sandworm
    Guest
    Was just some little jokes to tease you,

    1/ I don't want any money

    2/ Effectively I haven't seen your full version ocx just
    some assumptions of my part to tease you. But don't trust
    too much in your customers, the world is full of surprises and of
    bad intentioned people.

    3/ I understood you implemented the getstring because of my method and it was pretty well done.

    The reason why I said no one will use it is what I've seen with asprotect:

    Alexey has implemented such ways of improving asprotect and it was much much painless than your method, the customers just had to add labels to the source code and the app would have been harder to unpack. And finally among the customers who used it ? nearly No one, people just push the protect button and don't take care of the options. that's what happens in the real world. So, automate the process so the customers will have nothing to do!!!

    Finally you're wrong thinking that your getstring will do the trick against the building of a new ocx. once I have the full version running u're dead "if it's run it can be defeated" : sooner or later u'll have to decrypt a string and here is how it will be defeated.

    1/find in the exe a routine decrypting a string, the assembler equivalent of secure.getstring(i) that's the only difficulty because visual basic is weird to trace and I don't want to waste my time on this but I'm sure it's far from impossible.

    Once done u're dead, the cracker will tamper this part right in memory like blackcheck first did with redirected api of safedisc

    here the translation in vb of what the cracker will do:

    for i = 1 to big_number
        array(i) = secure.getstring(i)
    next i

    after the last string decrypting there will be a page fault the cracker will land back in debugger and will dump the memory zone containing the array to a file

    Now he has a well structured file with all the strings decrypted
    and he can emulate your getstring function very easily

    Don't dream it's nearly impossible to protect a running program against piracy especially in vb not because you're a bad programmer but because vb is a high level language and wasn't conceived to take control of what happens at a lower level where the battle takes place

    To finish you said :

    But your analysis is based on the fact that you have already got a full version of the program which means that you have already paid for it and are intending to warez it out to the public. If you don't have the full version of the program you intend to release, you will never be able to figure out the getstring functions.

    It's clear but if a bad intentioned guy manage by illegal(false credit card number) or legal way to have the full version of your program he will crack your prot and spread the full version on the net.

    There are no advantages between your codelock and the old way of doing: sending the full version with a serial to the customer once paid. You claim that your code-lock can avoid the spreading of a single version to other computers but if the full version is cracked it's wrong and your protection is useless or if not doesn't deserve to be paid 200$ because your competitors are more secure and moreover with them the customer can try a fully functional trial.

  12. #57
    sandworm
    Guest
    just forgot one thing

    i've not seen how exactly the getstring is implemented so just making assumptions but i think you add a section with them at the end of the file. So, I hope that you add them encrypted if not it's even easier

  13. #58
    nikolatesla20

    good one.

    Actually sandworm, this is the approach I was taking. I was creating a Code-Lock.ocx emulator. I wrote my own ocx which responds with the appropriate answers

    However, yes, the problem will be GetString. GetString, according to the documentation, takes in an integer and returns a string. What I wanted to do was create a layer in between the app and code-lock. I have successfully done this on the demo program when I compile it (I can capture all communication between the program and code-lock), BUT it would be more difficult to do on an already compiled program. COM likes to use GUIDS everywhere. No big deal, you can compile your new emulator to be binary compatible, so the interface stays the same. BUT now you need to somehow still create the old code-lock ocx within your new ocx. Since you haven't changed the GUID you are screwed. I tried a few things, I went into regedit and changed the CLSID GUID manually, etc, but then code-lock's Class Factory fails. Really I don't know why it should but it does.

    See if you created a successful layer on a precompiled app you could just capture the communication and make a table with the strings so you could emulate it. Right now the rules of COM are what stand in your way - BUT I still have a couple other ideas to try - perhaps use late binding to create code-lock object, this way you can create by name, not hardcoded GUID. The system looks up the guid in the registry. I haven't tested that yet tho.

    the ideas behind this protection are good - for example , not having functions at ALL in the demo. That is the correct way to do it. And the full version is encrypted and compressed so there is no way to crack it first off unless you can decrypt it (which, by the way, could be done - look at safedisc).

    I think the real answer is that if this protection were used on large commercial valuable programs, it would be defeated quickly because there would be a want to defeat it. Right now it's kinda just practice ?

    Ultimately OCX is a dll, and everyone knows "DLL protections are dead !"
    -nt20
    Last edited by nikolatesla20; July 25th, 2002 at 14:58.
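
Added example, not part of the original thread and not Code-Lock's code: a Python model of the design point argued in posts #53 to #58, that a component answering only yes/no can be replaced by a look-alike, while an application that needs key-derived data from the component cannot be satisfied without the key. The class names, key, sample strings and the toy SHA-256 stream cipher are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a vendor key and two strings the full version needs.
VENDOR_KEY = b"constructed-demo-key"
PLAINTEXTS = ["Save project", "Export sliced file"]


def _keystream(key, index, length):
    """Toy SHA-256 counter keystream; a stand-in, not Code-Lock's cipher."""
    out, counter = b"", 0
    while len(out) < length:
        block = key + index.to_bytes(4, "big") + counter.to_bytes(4, "big")
        out += hashlib.sha256(block).digest()
        counter += 1
    return out[:length]


def _tag(key, index, ciphertext):
    # Binds each ciphertext to its index so entries cannot be swapped.
    msg = index.to_bytes(4, "big") + ciphertext
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


def seal(key, index, text):
    data = text.encode("utf-8")
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, index, len(data))))
    return _tag(key, index, ct) + ct


def unseal(key, index, blob):
    """Return the plaintext, or None when the key or index is wrong."""
    tag, ct = blob[:8], blob[8:]
    if not hmac.compare_digest(tag, _tag(key, index, ct)):
        return None
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, index, len(ct))))
    return pt.decode("utf-8")


# The sealed table ships with the application; the key lives in the component.
SEALED_TABLE = [seal(VENDOR_KEY, i, s) for i, s in enumerate(PLAINTEXTS)]


class GenuineComponent:
    def __init__(self, key):
        self._key = key

    def initialize(self):
        return True

    def get_string(self, index):
        if not 0 <= index < len(SEALED_TABLE):
            return None
        return unseal(self._key, index, SEALED_TABLE[index])


class SubstituteComponent:
    """Same interface, no vendor key: it can say 'yes' but cannot decrypt."""

    def initialize(self):
        return True

    def get_string(self, index):
        if not 0 <= index < len(SEALED_TABLE):
            return None
        return unseal(b"not-the-vendor-key", index, SEALED_TABLE[index])


def boolean_gated_app(component):
    # Weak design: the only thing asked of the component is a yes/no answer.
    return "full" if component.initialize() else "demo"


def data_bound_app(component):
    # Stronger design: the app cannot build its UI without decrypted strings.
    if not component.initialize():
        return "demo"
    labels = [component.get_string(i) for i in range(len(SEALED_TABLE))]
    if any(label is None for label in labels):
        return "demo"
    return "full: " + ", ".join(labels)
```

The data-bound design only protects against someone who has never had a working full copy; as the thread goes on to argue, once the genuine component runs, its decrypted output is visible to whoever controls the machine.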

  14. #59
    Ryan
    Guest

    Re: good one.

    I applaud both nikolatesla20 and Sandworm... I am impressed with you guys or gals.

    And yes, the strings for GetString is encrypted.

    And yes, I have been thinking of automating the getstring function. However, I have to admit that I have limited skills in this area and I have limited time to test it out. Programming is my second job after my hard day's work.

    I am very very happy that my little Code-Lock is getting attention from the two of you. If it was to be cracked, I would be happy that it was by either one of you.

    Most people will go straight to unpacking it and patch the hell out of it. But little do they know that the moment they unpack it, they land straight into my little trap and will never get a functioning Code-Lock. :P

    Best regards and thanks
    Ryan

    Tonight, I will be able to sleep with a smile on my face.

  15. #60
    sandworm
    Guest
    first to nikolatesla20:

    whaouh well done man you're far better than I, I'm not enough skilled in programming in general and in ocx in particular to follow you on this path!!
    But with your approach there's still a weak point: you will have to test all forms all option all buttons etc to find all the strings and with a big app you can miss some strings. for sharewares however it is a very good solution, will be very happy to see the result of your research keep us informed!!

    Ultimately OCX is a dll, and everyone knows "DLL protections are dead !"

    I completely agree!!!!!

    to Ryan:

    that's too much honour for a little newbie like me and in fact I haven't done a lot , my self code ocx just consist of several subs with only one or two lines of codes in each. The only problem is for getstring but as I said once a piece of code decrypting a line is found in memory it's finished. Don't want to test that because first I don't have a registered codelock ocx and secondly I am not sure to have the skills to find it I explain why :

    Here is your big error Ryan you thought most people will unpack then patch your ocx but you are wrong nobody will even try. Why ? because it's vb6 and it's very very hard to trace a vb prog because you always shift between msvb dlls kernel.dll user32.dll and the main exe which is a succession of call to vb dlls.

    On the contrary making a new ocx is dead simple and all crackers immediately see it. You thought it was a pure accident if me and nikolatesla20 both followed the same way ? And I think that's a reason why more experienced crackers don't even take care, they have seen that your prot reside in an ocx and already knew how it could be bypassed.

    Now if you absolutely want your last function getstring to be cracked and if nikolatesla20 fails with his approach I advise you to try to contact acid burn the specialist in vb cracking and he will quickly achieve your dying code-lock by explaining how to find these famous locations or perhaps with another home made good trick

    Finally for the decryption of the full version all you need is a sha specialist try to ask to mike in his forum if he is willing to try to defeat your encryption
