Results 1 to 9 of 9

Thread: A new software protection method (Objantihack)

  1. #1

    A new software protection method (Objantihack)


    1. Design goal


    For preventing a software from being cracked or from being reverse engineered, the author do lot of things on software encrytion. But until now, The software encrypt method is very limited, The common method is packing the software, The limitation is the original code must be restored at runtime, So the cracker can write a memory patch tool to modify the code or dump the entire code, even unpack it completely. For resolving this, We have developed the Obj file encrypt software named ObjAntiHack, It can encrypt a .obj file, You can link the encrypted obj file to your project, The instruction code is distorted completely, and the instruction code is unable to be distinguished, is unable to be analyzed. It has the anti-static analysis ability, and it is impossible to obtain the procedure principle easily via the dynamic analysis. Facing this kind of code, most of crackers will give it up thoroughly.

    http://www.codeproject.com/useritems/objantihack.asp

  2. #2

    Question

    Uhm, after unpacking your post (removing the marketing fuss ) it sounds like "we are once more selling you our famous old stuff as new stuff". I don't see how this changes anything... Code still has to be decrypted to run it.

    P.S.
    Running the real code in stack
    Isn't that exactly what many exploits try to do and MS intends to prevent these days?
    Last edited by laola; November 30th, 2006 at 16:58. Reason: enhanced misspelling ;)
    Double the killers!

  3. #3
    Yep. One of the best "protection" methods available it to completely prevent the software from running at all. Then "no one" can recover the decrypted code. If it does run, it has to be in proper code in there somewhere, at some point in time, even if it's just little pieces at a time. The more complex they make that process, the slower it would have to eventually be running.

    Regards,
    JMI

  4. #4
    reknihT esreveR SiGiNT's Avatar
    Join Date
    Sep 2004
    Location
    Wherever I am
    Posts
    750
    Facing this kind of code, most of crackers will give it up thoroughly
    Sombody doesn't understand the nature of typical reverse engineer - the ones that "can't be done" are the most fun.

    SiGiNT
    Unemployed old fart Geek - Self Employed Annoyance
    Team: Noobisco Crackers
    If someone can't do it for you, you'll never learn!

  5. #5
    King of Redonda
    Join Date
    Jul 2006
    Posts
    109
    Blog Entries
    4
    Well guys, there is a crackme here: http://liutaotao.com/objantihack/samples.zip

    EDIT: Very easy to patch, keygen will be a bit harder. Does anyone know what that readme says?
    Last edited by fr33ke; November 30th, 2006 at 18:31. Reason: Santa stole my socks
    <[TN]FBMachine> i got kicked out of barnes and noble once for moving all the bibles into the fiction section

  6. #6
    reknihT esreveR SiGiNT's Avatar
    Join Date
    Sep 2004
    Location
    Wherever I am
    Posts
    750
    Very easy to patch, keygen will be a bit harder
    Then what's the point?????

    Sigint
    Attached Images Attached Images  
    Unemployed old fart Geek - Self Employed Annoyance
    Team: Noobisco Crackers
    If someone can't do it for you, you'll never learn!

  7. #7
    Quote Originally Posted by laola View Post
    Uhm, after unpacking your post (removing the marketing fuss ) it sounds like "we are once more selling you our famous old stuff as new stuff". I don't see how this changes anything... Code still has to be decrypted to run it.

    P.S.Isn't that exactly what many exploits try to do and MS intends to prevent these days?
    Just to clarify things a bit... I am not the author I just posted it here after seeing it on codeproject because I thought it could be interesting.

    Regards

  8. #8
    reknihT esreveR SiGiNT's Avatar
    Join Date
    Sep 2004
    Location
    Wherever I am
    Posts
    750
    Hopefully the sample file is just a bad example, and my little bit of fun with it really doesn't mean it's a bad approach, patching a message and patching functionality are 2 different things, but if it is only a really hard to crack registration system that ultimately interfaces with running code that can be patched, then it's nothing new, there are plenty of reg. routines out there that are nearly impossible to fish or keygen, but are patchable and at least one that's not - Arma with hardware ID. It'll be interesting to see if anyone buys into this one,

    SiGiNT
    Unemployed old fart Geek - Self Employed Annoyance
    Team: Noobisco Crackers
    If someone can't do it for you, you'll never learn!

  9. #9
    I am a bit surprised that the author of the TRW2000 debugger (recognised the style and name immediately) would come up with this...

    Advanced features: These methods can be used repeatedly!
    Haha... o wow

    Quote Originally Posted by fr33ke
    Does anyone know what that readme says?
    Use distortion converter encryption example

    How many lines in source code CrackMe.cpp has removed, you can write these lines?

    You can write the registration machine?

    CrackMe.exe translation method:
    1. VC6 opens the Crackme.dsw project, the translation
    2. With twists under the converter release table of contents OBJ encryption transformation
    3. The VC6 LIB table of contents direction already the LIB table of contents which encrypts, in VC6 midpoint connection

Similar Threads

  1. Is RSA safe in software protection ? - on XP crypto.api example
    By popierdulka in forum RCE Cryptographics
    Replies: 8
    Last Post: September 19th, 2008, 17:21
  2. Replies: 1
    Last Post: January 21st, 2007, 08:24
  3. Announcement: New software protection
    By ramon in forum Malware Analysis and Unpacking Forum
    Replies: 2
    Last Post: July 13th, 2002, 22:38
  4. new method for softlocx
    By HypnoticZ/TNT in forum Malware Analysis and Unpacking Forum
    Replies: 0
    Last Post: October 6th, 2001, 12:21
  5. Help for a software protection market research
    By keyser in forum Advanced Reversing and Programming
    Replies: 0
    Last Post: March 14th, 2001, 03:17

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •