[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [exelist] Any Secure EXE Protection?

To: <exelist@yahoogroups.com>
Subject: Re: [exelist] Any Secure EXE Protection?
From: "example" <example@...>
Date: Sun, 12 May 2002 21:39:03 +0300
References: <abj5si+jlaf@...>

There exist really secure methods. But that is another story.
Encryption is almost synonym to security.

The protection scheme that you will choose depends from the way you
will handle your software distribution policy.

For example if you want to control the number
of stations where your software is running
you need some kind of hardware or software dongle (crypkey for example
latest version tries to be immune to patches but it is overpriced).
Encrypted software with hardware dongles is almost
uncrackable if the cracker does not have the key.

Software protected only with the dongle api is fairly easy
to be cracked even for a novice cracker.

Serial or key file protection  schemes even complete secure encryption
algorithms on
unencrypted executables suffers from good guy/bad guy patches
even if there is crc or hash function checkings because most of
these implementations i have seen suffers for the same problem themselves.

Now even the encrypted programs can be cracked.
This because in order to run they must be in unencrypted form.
So if there was a way to move the unencrypted program
from memory to disk then it can be reconstructed in order run.

All secure methods are based one encryption.

The PE packer IS a PE encyptor. These tools are executable
encryptors PE Header obfuscators and in most cases adds antidebugging
code into the executable for just one click. In order
to help you understand some differences on commercial
PE encryptors i will mention two good and widely used
products from the same author. These are aspack and asprotect.
The main difference between them is that the later is the first but
provides also and some means to the developer to control some
features of his software for example expiration, demo mode etc.

The main reason that are so many PE packers is to face
the creation of ready made unpacking tools.
For an experienced cracker -reverser  just the use of a PE encryptor
have no chance.

----- Original Message -----
From: "gshawn2" <gshawn2@...>
To: <exelist@yahoogroups.com>
Sent: Saturday, May 11, 2002 4:21 PM
Subject: [exelist] Any Secure EXE Protection?


>
> Hello, I just found out about this mailing list and I have to say I
> am excited to participate in it. There is so much to learn in this
> area!
>
> I am currently developing an application for Windows... I am trying
> to implement a decent protection so that my software will not be
> hacked easily. I realize that there is no truly safe protection
> scheme, however I'd like your input on the following two questions:
>
> 1) what does a PE-encryptor do, that is different from what a PE-
> packer does? is it usually considered better protection to first
> wrap the PE with an encryptor, and then with a packer?
>
> 2) which PE-encryptor/PE-packer is considered to offer the best
> protection against hackers/crackers today? It seems there are so
> many and it is difficult to evaluate the strengths and weaknesses of
> each one of them!
>
> Thanks for your help
>
> G S
>
>
>
>
>
>
> Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
>
>

Follow-Ups:
- Nice Aspack unpacker
  - From: Nisses Insane <nisses@...>
- Nice Aspack unpacker
  - From: Nisses Insane <nisses@...>

References:
- Any Secure EXE Protection?
  - From: "gshawn2" <gshawn2@...>

Prev by Date: Any Secure EXE Protection?
Next by Date: Nice Aspack unpacker
Previous by thread: Any Secure EXE Protection?
Next by thread: Nice Aspack unpacker
Index(es):
- Date
- Thread