You can use getFunctionPointer-getDelegateForFunctionPointer to obtain the function address. Also, you can encrypt your memory address files with DES, for example, and then the customer who paid can receive the private key.
winx
Nice try, but I don't think it is very safe.
EBI
As a "retired" h@cker, I'd say that distributing a map of hidden functions is an interesting way of making your program hard to debug for lamers.
Usually, disassembling the software and cross-referencing function entries is enough to find functions that never get called without the licence file or that get called dynamically at run time. There!
Another thing: the base reallocation of your code segment might backfire on certain operating systems, so even with the licence file your program would miserably crash!
Though, I should say: good try... keep posting

what? | Anonymous | 1:39 20 Sep '03
Since when did programs run at absolute addresses on PC? How would this ever work without creating the key every time you run the program, which defeats the whole object of it.
Every program runs in its own clean address space, so it is possible that an exe can be loaded at the same address. The thing that worries me is DLLs and different versions of Windows. With these there is a possibility of the code not being where you would expect.
John
John M. Drescher wrote:
there is a possibility of the code not being where you would expect
I'm sure there is a compiler option that allows the developer to set the base address of the application. So would this be much of an issue?
--Colin Mackay--
"In the confrontation between the stream and the rock, the stream always wins - not through strength but perseverance." (H. Jackson Brown)
Yes, but there is a possibility that the operating system will ignore the value that you set as a base and load it where it wants. I know it happens with DLLs but not sure if it will do that with applications.
John
If your key file gets corrupted -> GPF land.
If we are talking about the difference between shareware and release in maybe one function like "save", a hacker can still make a pretty good guess...
Besides, shareware is pretty much dead... When was the last time you downloaded a shareware program?
Brian
Brian Shifrin wrote:
Besides, shareware is pretty much dead...
That's news to me...and to all my customers!
Brian Shifrin wrote:
Besides, shareware is pretty much dead... When was the last time you downloaded a shareware program?
When is the last time you downloaded a free trial version of any software before you bought it? Guess what, that's the classic definition of shareware!
-Anatoly
Anatoly Ivasyuk is co-founder of DTLink Software, a company specializing in Internet software and technologies. He is the author of DTLink's Windows products: NeoPhoto, AnswerTool, FAQTool, and Personal Stock Monitor
otherwise a cracker just needs to halt the execution when the message pops up and change the branching being done there.
-- modified at 9:16 Saturday 8th October, 2005
pFile=fopen("C:\\pass.txt","r");
If you afterwards read something out that could contain any bytes (addresses _can_ contain any bytes), you should open the file in binary mode.
Fix: pFile=fopen("C:\\pass.txt","rb");
DWORD dwHidden=0;
fread((void*)&dwHidden,4,4,pFile);
So you load 4*4 = 16 bytes from the file and pack it into a buffer which is only 4 bytes long...
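
Added example (not part of any post in this thread, and not the article's code): a key-file read that applies the two fixes raised in the comments above, binary-mode open and a single 4-byte element, and rejects a short file. The names `read_key_address`, `write_key_file`, `SAMPLE_KEY` and `key_demo.bin` are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample key file: 4 value bytes chosen to include 0x1A (Ctrl-Z,
   end-of-file in Windows text mode) and CR/LF, followed by 12 unrelated bytes. */
static const unsigned char SAMPLE_KEY[16] = {
    0x1A, 0x0D, 0x0A, 0x00, 'p','a','d','d','i','n','g','-','d','a','t','a'
};

/* Read exactly one 32-bit value from the key file.
   Returns 0 on success, -1 if the file cannot be opened, -2 if it is too short. */
int read_key_address(const char *path, uint32_t *out)
{
    FILE *f = fopen(path, "rb");            /* binary mode: bytes arrive untranslated */
    if (f == NULL)
        return -1;
    uint32_t value = 0;
    /* One element of sizeof(value) bytes. fread(&value, 4, 4, f) would ask for
       16 bytes and write 12 of them past the end of a 4-byte variable. */
    size_t got = fread(&value, sizeof value, 1, f);
    fclose(f);
    if (got != 1)
        return -2;                          /* truncated or empty key file */
    *out = value;                           /* caller's variable untouched on failure */
    return 0;
}

/* Write n constructed bytes to path; returns 0 on success. */
int write_key_file(const char *path, const unsigned char *bytes, size_t n)
{
    FILE *f = fopen(path, "wb");
    if (f == NULL)
        return -1;
    size_t put = fwrite(bytes, 1, n, f);
    return (fclose(f) == 0 && put == n) ? 0 : -1;
}

int main(void)
{
    uint32_t addr = 0;
    if (write_key_file("key_demo.bin", SAMPLE_KEY, sizeof SAMPLE_KEY) != 0)
        return 1;
    int rc = read_key_address("key_demo.bin", &addr);
    printf("rc=%d value=0x%08lx\n", rc, (unsigned long)addr);
    remove("key_demo.bin");
    return rc == 0 ? 0 : 1;
}
```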
Basic idea is that we call hidden shareware functions by its address, which we pass to user in key file. In this case, hacker can't crack the program because he cannot determine the necessary address of a protected function.
So, the address is stored in the pass.txt. If the pass.txt isn't encrypted, the hacker can just read that file out and get the addresses. Not that hard...
If the file is encrypted, the hacker has the same problem as always: he has to find out how it is encrypted. This is equivalent to the problem of finding a matching serial number...
So nothing really new here...
Or have I missed something?
Works in Release mode.
William
Fortes in fide et opere!
The one thing a hacker has is "patience". If he/she wants something badly, it is amazing the amount of time he/she will spend (using sheer brute force, cunning, and some luck) to break a code, or obtain an address.
I once tried to see if I could determine the address of every variable and function inside an object (be they public, protected, or private), and the toughest thing for me to obtain was the base address of the object itself (which wasn't too hard). Once I had that information, it was simply a matter of using word boundaries to determine the (possible) offset of the next class member.
OK, so it took me a little while to successfully locate the first three member addresses, but it wasn't that difficult. It simply took persistence (lots of it), some smart guesses and a little mathematics.
After successfully obtaining the third member address, I felt I had sufficiently succeeded with what I wanted to prove "was achievable", and called it "quits".
It also helps if you know how an object is constructed.
No, I'm not a hacker. But I'd like to think I know sufficiently about their methods to catch them at their own game.
William
Fortes in fide et opere!