CRC checking executable's running code

Kp · September 17, 2005, 04:25 PM

Quote from: tA-Kane on September 16, 2005, 11:25 PMA CRC check is also quite a bit simpler than inline function encryption/decryption, in my opinion. If you know of a rather simple (and free) method of doing such with varying start and end encrypted regions and varying degrees of encryption levels (eg, whether using different keys, different length keys, or even different algorithms for different regions) and still maintains a decent runtime speed to the end-user on very old machines, then please be my guest and point me in the right direction. Searching google for this kind of information would take a lot of time and effort in the best case, especially since I doubt what I specifically want already exists and is free.

Skywing wrote quite a bit of code along this line several years ago. If you can find him and get his OK for it, I can make it available to you. He may want to keep some/all of it secret though, since at least parts of it ended up in BinaryChat's anti-leak design.

rabbit · September 17, 2005, 05:05 PM

Quote from: Kp on September 17, 2005, 04:25 PMIf you can find him

HAHAHAHAHAHAHA!! Yeah, right

UserLoser. · September 17, 2005, 05:27 PM

Quote from: Kp on September 17, 2005, 04:25 PM
Quote from: tA-Kane on September 16, 2005, 11:25 PMA CRC check is also quite a bit simpler than inline function encryption/decryption, in my opinion. If you know of a rather simple (and free) method of doing such with varying start and end encrypted regions and varying degrees of encryption levels (eg, whether using different keys, different length keys, or even different algorithms for different regions) and still maintains a decent runtime speed to the end-user on very old machines, then please be my guest and point me in the right direction. Searching google for this kind of information would take a lot of time and effort in the best case, especially since I doubt what I specifically want already exists and is free.

Skywing wrote quite a bit of code along this line several years ago. If you can find him and get his OK for it, I can make it available to you. He may want to keep some/all of it secret though, since at least parts of it ended up in BinaryChat's anti-leak design.

Which BinaryChat? Because I know some people who cracked some old binary ZeroBot and BinaryChat 2.00

TheMinistered · September 20, 2005, 12:08 PM

An older version of binary chat was defeated by zorm, mainly. I helped a little but wasn't much interested-- if you want a similar version of skywing's protection then i'll post it in a couple days, I just need to find the cd.

tA-Kane · September 20, 2005, 12:18 PM

I'm interested ... but if it's derived from someone else's source code (even, especially, via disassembling a private executable), I don't think I should accept it without authorization from the origional author.

Arta · September 20, 2005, 12:27 PM

What is your goal in these endeavours?

rabbit · September 20, 2005, 08:55 PM

70 /\/\4|<3 1337 |-|4><, |)|_||-|!

tA-Kane · September 21, 2005, 03:21 AM

Quote from: Arta[vL] on September 20, 2005, 12:27 PM
What is your goal in these endeavours?

1) Learn (advanced programming techniques are an interesting read for me)
2) Protect (help protect the program I'm working on against unauthorized use and/or deviations from its intended use)
3) Assist (others could benefit from the knowledge gained here)

Arta · September 21, 2005, 05:22 AM

Well, 1 & 3 are great, but 2 is a waste of time

Nonetheless: I don't see the value in a CRC. Once you've generated it, it'll come down to "if(CRC != what I'm expecting) quit" - which is trivially bypassed. Strong encryption of your code is the only way to go.

tA-Kane · September 21, 2005, 07:39 AM

Why quit? That's so obvious. I was thinking more along the lines of if (CRC != what I'm expecting), introduce specific bugs into the program.

Arta · September 21, 2005, 11:08 AM

Well, ok, but whatever you do won't be very hard to crack, is my point. Strong encryption, on the other hand, could be.

Blaze · September 22, 2005, 05:39 PM

Could you explain a method of Strong Encryption Arta? I can't seem to think of anyway but what you just said sucked (I agree, btw).

rabbit · September 22, 2005, 07:10 PM

CRC code and then UPX? Not sure if it will work, never tried it.

Arta · September 22, 2005, 07:16 PM

Encrypt your exe and decrypt it, or sections of it, at runtime, a la BC. Note that this isn't uncrackable either, but it's harder to break.

UserLoser. · September 22, 2005, 08:23 PM

Quote from: rabbit on September 22, 2005, 07:10 PM
CRC code and then UPX? Not sure if it will work, never tried it.

UPX? What's the point of using public compression when you can just decompress it via "upx.exe -d yourbot.exe"

Quote from: Arta[vL] on September 22, 2005, 07:16 PM
Encrypt your exe and decrypt it, or sections of it, at runtime, a la BC. Note that this isn't uncrackable either, but it's harder to break.

Yeah, but BC is also scrambled at the specific sections and must be descrambled before decrypting which makes it even more complicated. But yeah, a method like this is really good and could take a while to crack

CRC checking executable's running code

UserLoser.

UserLoser.