
EXECryptor software protection

31 replies to this topic

#1
Jean5
  • Member
  • 1 posts
  • Joined 07-April 06
Hi all

I'm looking forward to purchasing ExeCryptor (www.strongbit.com) to protect my shareware. But before that I'd like to know independent opinions/experience, if any.

My question is: Does anybody use ExeCryptor? Can you tell me something about it? Are there any problems? Is it cost-effective?

Thank you in advance for any reply

Jean



#2
LLXX

    MSFN Junkie

  • Banned
  • 3,399 posts
  • Joined 04-December 05
Easily unpacked :P just like Armadillo and Asprotect.

But it'll be enough to scare away the n00b crackers :lol:

IMHO all software protections do not really "protect"... they just serve as challenges for the crackers and reversers :D

"What man creates, man can destroy"

Also, if your users are very pleased with your software, you need not encourage them to pay... they will do it automatically :thumbup

#3
HyperHacker

    Just plain nuts

  • Member
  • 473 posts
  • Joined 01-May 05

IMHO all software protections do not really "protect"... they just serve as challenges for the crackers and reversers :D

For that matter, if a given "protection" software is particularly popular, they'll probably be able to crack it that much easier simply because they've done it a few times.
[insert something funny here]

#4
BillyColl
  • Member
  • 3 posts
  • Joined 03-July 06
However, ExeCryptor, unlike Armadillo and others, remains uncracked for 2 years. It uses a sort of obfuscation called 'Code Morphing' that is conceptually different from other packers.

The main cores are:
A program is obfuscated on the machine code level (not just on the source code)
The original source of a program protected by ExeCryptor is never restored to its original state, even when the app runs.

Really, its analysis is an NP-hard problem for crackers and still remains an open question for them

#5
RogueSpear

    OS: SimplyMEPIS

  • MSFN Sponsor
  • 1,529 posts
  • Joined 18-September 04
My organization purchased software using this protection. The short story is that we promptly returned the software. The long story is that the computer that the software was installed on died shortly after installing the software. Ok, good excuse to get a new computer and upgrade. Installing it the second time was a real pain in the a**. It ended with a tech support call that was aggravating to say the least. So we returned the software and took our $7,000 elsewhere. In fact we ended up saving $5,500 and got better software with no silly protection.

After that fiasco, I'm generally consulted on software purchases now and I always give a thumbs down on anything with protection like this. So you may prevent a certain amount of piracy, but you may also be turning away a certain number of potential customers. I suppose it depends on what market your software is aimed at. I think certain markets have a larger propensity for unauthorized usage than others.

#6
LLXX

    MSFN Junkie

  • Banned
  • 3,399 posts
  • Joined 04-December 05

However, ExeCryptor, unlike Armadillo and others, remains uncracked for 2 years. It uses a sort of obfuscation called 'Code Morphing' that is conceptually different from other packers.

The main cores are:
A program is obfuscated on the machine code level (not just on the source code)
The original source of a program protected by ExeCryptor is never restored to its original state, even when the app runs.

Really, its analysis is an NP-hard problem for crackers and still remains an open question for them

ExeCryptor is not "remains uncracked", because it doesn't need to be cracked. It's only an obfuscator and packer, and it doesn't matter whether or not the original program code can be restored, as long as it works.

#7
Emulator ®
  • Member
  • 2 posts
  • Joined 20-July 06
You can try to use upx with the "--strip-loadconf" option + Yoda Protector; it is more difficult to unpack this!

#8
LLXX

    MSFN Junkie

  • Banned
  • 3,399 posts
  • Joined 04-December 05

You can try to use upx with the "--strip-loadconf" option + Yoda Protector; it is more difficult to unpack this!

You must've never tried to unpack that combination before, because Execryptor is MUCH more difficult than both of those combined. UPX unpacking takes at most a few seconds, y0da cryptor maybe a minute. Execryptor... 10 minutes to an hour to "unprotect"

Edited by LLXX, 22 July 2006 - 04:10 PM.


#9
Scubar

    - Local Smartass -

  • Member
  • 829 posts
  • Joined 20-May 05
Bottom line is that all forms of exe protecting type programs can be got around. It's pointless why companies do it; if it can be done it can be undone, it's that simple.

#10
fly

    Member

  • Member
  • 177 posts
  • Joined 21-December 04
Can someone explain to me what this software does and what it protects exactly?

#11
LLXX

    MSFN Junkie

  • Banned
  • 3,399 posts
  • Joined 04-December 05

Can someone explain to me what this software does and what it protects exactly?

It's *supposed* to make software harder to crack.

#12
ripdajacker

    Software developer

  • Member
  • 30 posts
  • Joined 15-March 05
You could also make a shareware version with less functionality compiled into it, so by letting the users buy it, they get the full version. In that way they can't crack it, since it is quite hard to add functionality to binary code.

#13
#rootworm

    Member

  • Member
  • 206 posts
  • Joined 16-July 06
yup, limited functionality is the way to go. some companies make the mistake of allowing a registration code to "unlock" the limited version, but this will always be easy to crack. true limited functionality is a good measure.

making software "call home" to check a registration number can be very secure as well, but sometimes it isn't feasible to require your customers to have internet access. and of course this method can still be cracked, but at least it's harder than just cracking the check-digit algorithm for the reg code.

a software developer who is -expecting- his software to be cracked can make life hell for the crackers. it's no fun tracing code for hours on end and getting nowhere. instead of having one single protection on your software, it's wise to have many failsafes distributed throughout the code.

a supremely skilled programmer can add checks into his software to see if his code is being debugged. that combined with a check for known debuggers adds to the difficulty for crackers.

but like ripdajacker said, limited functionality is perhaps the best way to go, because some people are just driven to break protections, even if it takes days.
bpx messageboxa

#14
RogueSpear

    OS: SimplyMEPIS

  • MSFN Sponsor
  • 1,529 posts
  • Joined 18-September 04

a software developer who is -expecting- his software to be cracked can make life hell for the crackers. it's no fun tracing code for hours on end and getting nowhere. instead of having one single protection on your software, it's wise to have many failsafes distributed throughout the code.

a supremely skilled programmer can add checks into his software to see if his code is being debugged. that combined with a check for known debuggers adds to the difficulty for crackers.


And before too long you've almost doubled the size of your code, possibly introduced multiple bugs, slowed the whole thing down, etc. I've managed to find open source and / or free software for just about anything out there. For the very few titles that I have found worth purchasing, they all share a couple of common characteristics. They are fairly priced and they don't have any excessively rude or intrusive copy protection.

Dameware NT Utilities is a perfect example of this. It's outstanding software that works better than its competition which all cost double or triple depending on volume. And their support is outstanding to boot. I think in the end if you make a good product and don't attempt to gouge your customers, you won't have to get Machiavellian with your copy protection.

#15
#rootworm

    Member

  • Member
  • 206 posts
  • Joined 16-July 06
doubled the size of my code? what an ignorant thing to say. you clearly have no experience in software protections. they are neither large, slow, nor buggy.

with -extensive- protection i would expect my compiled exe to grow by no more than 1% for a standard utility. for a sizable application, the size difference would be inconsequential....we're talking 20-25k max, and that's a lot of code.

it's very easy to have effective software protection that has ZERO impact on usability or performance. In fact, the majority of effective copy protection tricks i know of are done in assembly, which lends itself to fewer bugs and faster execution.

nothing i've talked about is "rude" or "intrusive". In fact, the only type of "intrusive" copy protection i can think of is rootkit based, and i would never recommend such a scheme. Copy protection can only be "rude" to those trying to break it.

It's fine to have an opinion, but classifying all software protection as bloated and buggy is just inaccurate. I have found that programmers who develop effective copy protection tend to be the most talented in the business.
bpx messageboxa

#16
RogueSpear

    OS: SimplyMEPIS

  • MSFN Sponsor
  • 1,529 posts
  • Joined 18-September 04
You obviously speak as someone with an agenda and your claim that there is even such a thing as "effective" copy protection clearly illustrates your own ignorance. So what is your hidden agenda? A little bit of disclosure would be helpful.

#17
#rootworm

    Member

  • Member
  • 206 posts
  • Joined 16-July 06
i think sir, you confuse "invulnerable" with "effective".

i would never dream that any effective method is unbreakable. what i myself would call effective is making the cracker's job exceedingly difficult. that is after all about the best one can aim for.

my only agenda is to expose trolls who spout ignorant opinion portrayed as fact.
bpx messageboxa

#18
LLXX

    MSFN Junkie

  • Banned
  • 3,399 posts
  • Joined 04-December 05

doubled the size of my code? what an ignorant thing to say. you clearly have no experience in software protections. they are neither large, slow, nor buggy.

with -extensive- protection i would expect my compiled exe to grow by no more than 1% for a standard utility. for a sizable application, the size difference would be inconsequential....we're talking 20-25k max, and that's a lot of code.

For example take Armadillo which is very popular and supposedly "excellent" protection:

1. size

Armadillo 3.70a packed calc.exe with all options enabled (extensive enough?)
Original size 92Kb
"Packed" size: 'dillo stub 393Kb + packed data 64Kb = 457Kb

2. speed

DebugBlocker/CopyMemII + Nanomites + Code Splicing
DebugBlocker adds extra process
CopyMemII utilises pagefaults (incremental unpacking concept)
Nanomites utilises interrupts
Code Splicing = extra jumps = increased execution time

Someone should pack Prime95 with 'dillo maximum protection and compare results with unpacked :lol:

3. buggy?

Some programs will not work correctly after being packed.
Armadillo is usually reliable though.
Some packers are worse, those using ring-0 drivers are the most intrusive.

Can be unpacked in 5 minutes.

Effort spent trying to "protect" software can be better spent making the software itself better. Trying to make it "exceedingly difficult" for the cracker is also going to make it "exceedingly difficult" for the programmer, even more so.

it's very easy to have effective software protection that has ZERO impact on usability or performance

It's very easy, just "protect" a 0-byte file. No impact on usability or performance, because there was none to begin with :o

#19
RogueSpear

    OS: SimplyMEPIS

  • MSFN Sponsor
  • 1,529 posts
  • Joined 18-September 04

i think sir, you confuse "invulnerable" with "effective".

i would never dream that any effective method is unbreakable. what i myself would call effective is making the cracker's job exceedingly difficult. that is after all about the best one can aim for.

my only agenda is to expose trolls who spout ignorant opinion portrayed as fact.


Well aren't we lucky to have such a philanthropic soul such as yourself :puke: If you want to sell your ignorant opinions and propaganda, I doubt you'll find many buyers around here. The only reason someone would gush with half truths and lies regarding the merits of copy protection is because they profit from it.

Your argument sounds just about as genuine to me as the one Microsoft tries to make for its "Benefits of being genuine".

#20
ripdajacker

    Software developer

  • Member
  • 30 posts
  • Joined 15-March 05
A really effective protection is to implement it in the functionality.

I saw that Godfather the game had some issues when it was cracked. You were unable to get out of a car and so on, but it's only a matter of time before someone breaks the protection, if the software is of good quality, you will sell it without a doubt.

#21
RogueSpear

    OS: SimplyMEPIS

  • MSFN Sponsor
  • 1,529 posts
  • Joined 18-September 04
Well it seems that rootworm would rather send me insulting PMs rather than make a public post. I just love that type. Defending the indefensible, then hiding in the shadows. He would have done quite well in 1940's Germany.

#22
fly

    Member

  • Member
  • 177 posts
  • Joined 21-December 04

Well it seems that rootworm would rather send me insulting PMs rather than make a public post. I just love that type. Defending the indefensible, then hiding in the shadows. He would have done quite well in 1940's Germany.

pwnage is best served warm, cold, or nazi-style.

#23
RogueSpear

    OS: SimplyMEPIS

  • MSFN Sponsor
  • 1,529 posts
  • Joined 18-September 04
The word that came to my mind was pussyage.

#24
BillyColl
  • Member
  • 3 posts
  • Joined 03-July 06

Can someone explain to me what this software does and what it protects exactly?


EXECryptor is a software tool that provides developers with software protection from reverse engineering, analysis and modifications. Its main difference from other protection tools is its code transformation called "Code Morphing". This technology protects the code on the CPU-command level. It is known that the x86 processor command system is redundant and allows the execution of the same 'code' using various different system commands. It breaks up the protected code into several processor commands or small command snippets and replaces them with others, while maintaining the same end result. Thus the protector obfuscates the code not on the source level but on the level of the CPU commands.

Code Morphing is a multilevel technology containing hundreds of unique code transformation patterns. In addition this technology includes a special layer that transforms some commands into Virtual Machine commands (like P-Code). Code Morphing turns binary code into an undecipherable mess that is not similar to normal compiled code, and completely hides the execution logic of the protected code.

There is no concept of code decryption with this system. Protected code blocks are always in the executable state, and they are executed as transformed code. The original code is completely lost and code restoration is an NP-hard problem.

The weak point of such a scheme is that it significantly increases the size and affects the speed of a program. But when protecting an application, the author usually doesn't need to transform its entire code. It is enough to protect only critical parts of your code, responsible for serial number verification, trial expiration date, and other evaluation restrictions. The rest of the application code remains intact and software execution speed remains the same.


Below is a code sample generated by Delphi and a partial (the full listing contains over 500 instructions) listing of the transformed code.

Source code :

writeln('Test OK');

After compilation

mov eax, [$004092ec]
mov edx, $00408db4
call @WriteOLString
call @WriteLn
call @_IOTest

After the code transformation (partial):

db 3
add al, $30
xlat
call +$000025b2
jmp +$00000eec
call +$00000941
or al, $4a
scasd
call -$304ffbe9
rol eax, $14
mov edi, [ebx]
jmp +$00001738
mov ebx, eax
shr ebx, $03
push ebx
jmp +$0001b5e
call -$000001eb
jmp +$00003203
jmp +$00005df8
call +$00000910
adc dh, ah
fmul st(7)
adc [eax], al
les eax, [ecx+$0118bfc0]
stosb

http://www.strongbit.com
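
The instruction-substitution idea described in the post above, as an added sketch that is not part of the original post and is not EXECryptor's actual algorithm: each instruction of a toy 32-bit register machine is replaced, over several levels, by an equivalent sequence, which shows both the unchanged end result and the size and execution cost the post names as the weak point. The instruction tuples, `run`, `morph`, the rewrite rules and the sample program are all assumptions constructed for illustration.

```python
import random

MASK = 0xFFFFFFFF  # 32-bit registers, as on x86

def run(prog, regs):
    """Execute a straight-line toy program; return (registers, instructions executed)."""
    r = dict(regs)
    for op, dst, src in prog:
        v = r.get(src, 0) if isinstance(src, str) else src
        d = r.get(dst, 0)
        if op == "mov":   d = v
        elif op == "add": d += v
        elif op == "sub": d -= v
        elif op == "xor": d ^= v
        elif op == "not": d = ~d
        elif op == "neg": d = -d
        r[dst] = d & MASK
    return r, len(prog)

def morph_one(ins, rng):
    """Replace one instruction with an equivalent sequence (mod 2**32)."""
    op, dst, src = ins
    k = rng.getrandbits(32)            # fresh random constant per rewrite
    imm = not isinstance(src, str)
    if op in ("mov", "xor") and imm:   # hide the constant behind two xors
        return [(op, dst, src ^ k), ("xor", dst, k)]
    if op == "add" and imm:            # d - (k - c) + k == d + c
        return [("sub", dst, (k - src) & MASK), ("add", dst, k)]
    if op == "sub" and imm:            # d + (k - c) - k == d - c
        return [("add", dst, (k - src) & MASK), ("sub", dst, k)]
    if op in ("add", "sub") and not imm and src != dst:
        flipped = "sub" if op == "add" else "add"   # -(-d - v) == d + v
        return [("neg", dst, 0), (flipped, dst, src), ("neg", dst, 0)]
    if op == "neg":                    # two's complement: -d == ~d + 1
        return [("not", dst, 0), ("add", dst, 1)]
    if op == "not":
        return [("xor", dst, MASK)]
    return [ins]                       # no rule: leave the instruction as is

def morph(prog, levels=3, seed=1):
    """Apply the rewrite rules repeatedly; every level rewrites the previous output."""
    rng = random.Random(seed)
    for _ in range(levels):
        prog = [out for ins in prog for out in morph_one(ins, rng)]
    return prog

def equivalent(a, b, inputs):
    return all(run(a, {"ebx": x})[0] == run(b, {"ebx": x})[0] for x in inputs)

# Constructed sample: computes a value in eax from the input in ebx.
SAMPLE = [("mov", "eax", 0x1234), ("add", "eax", "ebx"), ("xor", "eax", 0x00FF00FF),
          ("sub", "eax", 7), ("neg", "eax", 0), ("not", "eax", 0)]

if __name__ == "__main__":
    morphed = morph(SAMPLE)
    print(len(SAMPLE), "->", len(morphed), "instructions")
    print("same result:", equivalent(SAMPLE, morphed, [0, 5, MASK]))
```
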

#25
DRauch

    Newbie

  • Member
  • 34 posts
  • Joined 16-August 06
Yoda's Crypter 1.3.

I love it. Used it for 3 years now. It's not uncrackable but has to be manually unpacked and is long and very difficult.



