| down vote | You can't. There are steps you can take to make it alittlemore difficult but ultimately any executable on the local machineis crackable. Eventually that code has to be converted into native machine code and every application that is runnable is vulnerable. What you want to do is just make it difficult enough to crack to make it not worth peoples trouble. Some suggestions I have for you to help protect your app:
Ultimately though, if people want your application cracked they will. Look at all the commercial software out there that has a vastamount of resources to protect their applications and yet they are cracked before the applications are even released to the public. A skilled reverse engineer can fire upIDA-Proand slice throughyour application like butter no matter what you do. A packed application can be unpacked and obfuscation only prevents it from makingit a walk in the park. All your hard work with your complex license code can be undone with a single byte patch. You just need to accept that there is a very real chance people are going to pirate your software. There are some people whoarenevergoing to pay for your application no matter what and these are the people you don't need to worry about. There are however, many businesses out there who would never risk a lawsuit and happily buy software licenses and many computer userswho either don't want to risk it, find it wrong or are not tech savvy enough to pirate. These are your true customers and you shouldfocus your efforts on providing them with a good user experience and ignore the people cracking your software. I've had my application pirated before and I took it as a personal affront. Here I was, a small-time developer, pouring my heart andsoul into an application and these people had the gall to pirate from me?! They were taking money directly from my pocket! I immediately added in a bunch of draconian DRM code and attempted to sabotage any person using an illegitimate or cracked copy. Ishould of been working on making my application better instead of trying to stop the inevitable. Not only that, but I was hurtingmytruecustomers will all these extra protections I was putting in. After a long battle I realized I was fighting the tides and all this time wasted was for naught. I took out all the phone-home codeexcept for the barebones license functions and never looked back. |
Below is the disassembled code. PLease help me to defuse the binary bomb phase_4 so the right input should be 6 numbers with a certain pattern 08048cdb <phase_4>: 8048cdb: 53 push %ebx 8048cdc: 83 ec 38 sub $0x38,%esp 8048cdf: 8d 44 24 18 lea 0x18(%esp),%eax 8048ce3: 89 44 24 04 mov %eax,0x4(%esp) 8048ce7: 8b 44 24 40 mov 0x40(%esp),%eax 8048ceb: 89 04 24 mov %eax,(%esp) 8048cee: e8 11 07 00 00 call 8049404 <read_six_numbers> 8048cf3: 83 7c 24 18 00 cmpl...
Below is the disassembled code. PLease help me to defuse the binary bomb phase_7 08048e88 <phase_7>: 8048e88: 83 ec 2c sub $0x2c,%esp 8048e8b: 8d 44 24 18 lea 0x18(%esp),%eax 8048e8f: 89 44 24 0c mov %eax,0xc(%esp) 8048e93: 8d 44 24 1c lea 0x1c(%esp),%eax 8048e97: 89 44 24 08 mov %eax,0x8(%esp) 8048e9b: c7 44 24 04 61 a6 04 movl $0x804a661,0x4(%esp) 8048ea2: 08 8048ea3: 8b 44 24 30 mov 0x30(%esp),%eax 8048ea7: 89 04 24 mov %eax,(%esp) 8048eaa: e8 c1 f9 ff...
I need help finding the input that wont result in explode_bomb in this assembly 08048cd3 <phase_4>: 8048cd3: 57 push %edi 8048cd4: 56 push %esi 8048cd5: 53 push %ebx 8048cd6: 83 ec 10 sub $0x10,%esp 8048cd9: 8b 74 24 20 mov 0x20(%esp),%esi 8048cdd: 89 34 24 mov %esi,(%esp) 8048ce0: e8 f6 03 00 00 call 80490db <string_length> 8048ce5: 83 c0 01 add $0x1,%eax 8048ce8: 89 04 24 mov %eax,(%esp) 8048ceb: e8 10 fb ff ff call 8048800 <malloc@plt> 8048cf0: 89 c7...
When using objdump to disassemble the binary, how to find what the address of a specific function is? For example, 08048934 <function2>: 8048934: 55 push ebp 8048935: 89 e5 mov ebp,esp 8048937: 53 push ebx 8048938: 83 ec 04 sub esp,0x4 804893b: e8 1f 00 00 00 call 804895f <__x86.get_pc_thunk.ax> 8048940: 05 c0 06 09 00 add eax,0x906c0 8048945: 83 ec 0c sub esp,0xc 8048948: 8d 90 70 31 fd ff lea edx,[eax-0x2ce90] 804894e: 52 push edx 804894f: 89 c3...
A function, fun_a, has the following overall structure: int fun_a(unsigned x) I int val 0 while retura Th e Gcc Ccompiler generates the following assembly code: %ebp+8 novi movl test1 x at 8 (%ebp), %eax 80, %eax %edx, %eax 2 L.7 5 .L10 %eax, %edx し10 xor1 %eax shr1 Shift right by1 ne 9.L7 10 andl $1, %eax Reverse engineer the operation of this code and then do the following: A. Use the assembly-code version to fill in the missing...
Risk management in Information Security today Everyday information security professionals are bombarded with marketing messages around risk and threat management, fostering an environment in which objectives seem clear: manage risk, manage threat, stop attacks, identify attackers. These objectives aren't wrong, but they are fundamentally misleading.In this session we'll examine the state of the information security industry in order to understand how the current climate fails to address the true needs of the business. We'll use those lessons as a foundation...