• Welcome to Valhalla Legends Archive.
 

Visual Basic Program Protection

Started by MysT_DooM, January 05, 2006, 03:15 PM

Previous topic - Next topic

rabbit

The user can alter hosts to point to their own auth page, so online checking isn't the most effective method ever.
Grif: Yeah, and the people in the red states are mad because the people in the blue states are mean to them and want them to pay money for roads and schools instead of cool things like NASCAR and shotguns.  Also, there's something about ketchup in there.

Tazo

use  the hardware method, check it a different way-perhaps code in all the valid serials into the prog?

Blaze

Okay, reverse engineer it and make a program that generates the code for your hardware.
Quote
Mitosis: Haha, Im great arent I!
hismajesty[yL]: No

Tazo

Now come on, how many people are really going to know how to do that, or yet, do it effectively?  :-\ Thats an effective auth method and has worked for me so far.  ;D If I can find the code (reformat) I will help you out..

MysT_DooM

thx , ill research more into some of ur guys ideas and implement them.

and networks "Give the guy some slack, I highly doubt any leet crackers are THAT interested in his application."

ouch thas low :(   
well maybe some of u know maybe not but i am making a very unique Key Generator...the general decription is on www.BnetWarfare.cjb.net
On the site the current ver is 1.0 but its up to 1.3 now and i added the decode and encode options to it plus User Specified Generating so u can generate as many keys as u like.  I didnt implement any of the algo or similarties into the generating yet, but if u guys want to take a look at the prog so far, pm me.


vb6, something about that combination of numbers and letters is sexy

Networks

Quote from: MysT_DooM on January 06, 2006, 10:20 AM
thx , ill research more into some of ur guys ideas and implement them.

and networks "Give the guy some slack, I highly doubt any leet crackers are THAT interested in his application."

ouch thas low :(   
well maybe some of u know maybe not but i am making a very unique Key Generator...the general decription is on www.BnetWarfare.cjb.net
On the site the current ver is 1.0 but its up to 1.3 now and i added the decode and encode options to it plus User Specified Generating so u can generate as many keys as u like.  I didnt implement any of the algo or similarties into the generating yet, but if u guys want to take a look at the prog so far, pm me.

Yeah....well...wasn't REALLY meant like that but you can tell that if you don't know how to create a better auth protection then a plain text password to your program chances are that your program probably isn't that great as well.

It's probably better to suit your auth protection needs based on your users, that way you don't go through to much trouble for something possibly frivolous. No offense. :D

rabbit

off-topic: Not only is that website horrible, it's flying text shit is annoying as hell.

on-topic: No matter how strong your protection is, all that is required to override it is to change 1 instruction if all you do is an "if(legitimateProgram() == true)" sort of thing.
Grif: Yeah, and the people in the red states are mad because the people in the blue states are mean to them and want them to pay money for roads and schools instead of cool things like NASCAR and shotguns.  Also, there's something about ketchup in there.

MysT_DooM

Rabbit, if you read the second pop up it tells you site was never ment to be fancy or nice looking.....


vb6, something about that combination of numbers and letters is sexy

Tazo

#23
not sure how efficient this is, you dont need all the API of course
the registry code is not mine, got it off pscode  :P




Option Explicit

'----[ API's ]----'
Private Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
Private Declare Function RegOpenKeyEx Lib "advapi32.dll" Alias "RegOpenKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, ByVal samDesired As Long, phkResult As Long) As Long
Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
Private Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
Private Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long
Private Declare Function RegEnumKeyEx Lib "advapi32.dll" Alias "RegEnumKeyExA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpName As String, lpcbName As Long, ByVal lpReserved As Long, ByVal lpClass As String, lpcbClass As Long, lpftLastWriteTime As Any) As Long
Private Declare Function RegEnumValue Lib "advapi32.dll" Alias "RegEnumValueA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpValueName As String, lpcbValueName As Long, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
Private Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, ByVal lpData As String, lpcbData As Long) As Long
Private Declare Function RegQueryValueExA Lib "advapi32.dll" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, ByRef lpData As Long, lpcbData As Long) As Long
Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, ByVal lpData As String, ByVal cbData As Long) As Long
Private Declare Function RegSetValueExA Lib "advapi32.dll" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, ByRef lpData As Long, ByVal cbData As Long) As Long
Private Declare Function RegSetValueExB Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, ByRef lpData As Byte, ByVal cbData As Long) As Long
Private Declare Function RegDeleteValue Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) As Long

'----[ Constants ]----'
Private Const ERROR_SUCCESS = 0&
Private Const ERROR_BADDB = 1009&
Private Const ERROR_BADKEY = 1010&
Private Const ERROR_CANTOPEN = 1011&
Private Const ERROR_CANTREAD = 1012&
Private Const ERROR_CANTWRITE = 1013&
Private Const ERROR_OUTOFMEMORY = 14&
Private Const ERROR_INVALID_PARAMETER = 87&
Private Const ERROR_ACCESS_DENIED = 5&
Private Const ERROR_NO_MORE_ITEMS = 259&
Private Const ERROR_MORE_DATA = 234&
Private Const KEY_QUERY_VALUE = &H1&
Private Const KEY_SET_VALUE = &H2&
Private Const KEY_CREATE_SUB_KEY = &H4&
Private Const KEY_ENUMERATE_SUB_KEYS = &H8&
Private Const KEY_NOTIFY = &H10&
Private Const KEY_CREATE_LINK = &H20&
Private Const READ_CONTROL = &H20000
Private Const WRITE_DAC = &H40000
Private Const WRITE_OWNER = &H80000
Private Const SYNCHRONIZE = &H100000
Private Const STANDARD_RIGHTS_REQUIRED = &HF0000
Private Const STANDARD_RIGHTS_READ = READ_CONTROL
Private Const STANDARD_RIGHTS_WRITE = READ_CONTROL
Private Const STANDARD_RIGHTS_EXECUTE = READ_CONTROL
Private Const STANDARD_RIGHTS_ALL = &H1F0000
Private Const KEY_READ = STANDARD_RIGHTS_READ Or KEY_QUERY_VALUE Or KEY_ENUMERATE_SUB_KEYS Or KEY_NOTIFY
Private Const KEY_WRITE = STANDARD_RIGHTS_WRITE Or KEY_SET_VALUE Or KEY_CREATE_SUB_KEY
Private Const KEY_EXECUTE = KEY_READ
Private Const KEY_ALL_ACCESS = ((STANDARD_RIGHTS_ALL Or KEY_QUERY_VALUE Or KEY_SET_VALUE Or KEY_CREATE_SUB_KEY Or KEY_ENUMERATE_SUB_KEYS Or KEY_NOTIFY Or KEY_CREATE_LINK) And (Not SYNCHRONIZE))

'----[ Enums ]----'
Public Enum rcMainKey       'root keys constants
    HKEY_CLASSES_ROOT = &H80000000
    HKEY_CURRENT_USER = &H80000001
    HKEY_LOCAL_MACHINE = &H80000002
    HKEY_USERS = &H80000003
    HKEY_PERFORMANCE_DATA = &H80000004
    HKEY_CURRENT_CONFIG = &H80000005
    HKEY_DYN_DATA = &H80000006
End Enum

Public Enum rcRegType       'data types constants
    REG_NONE = 0
    REG_SZ = 1
    REG_EXPAND_SZ = 2
    REG_BINARY = 3
    REG_DWORD = 4
    REG_DWORD_LITTLE_ENDIAN = 4
    REG_DWORD_BIG_ENDIAN = 5
    REG_LINK = 6
    REG_MULTI_SZ = 7
    REG_RESOURCE_LIST = 8
    REG_FULL_RESOURCE_DESCRIPTOR = 9
    REG_RESOURCE_REQUIREMENTS_LIST = 10
End Enum

'----[ Dim's ]----'
Private hKey             As Long
Private mainKey          As Long
Private sKey             As String
Private lBufferSize      As Long
Private lDataSize        As Long
Private ByteArray()      As Byte
Private createNoExists   As Boolean
Dim blnTime As Boolean

'---------------------'

Public Function ReadString(ByVal sPath As String, ByVal sName As String, _
                           Optional sDefault As String = vbNullChar) As String
   
    Dim sdata As String, lDuz As Long
   
    hKey = GetKeys(sPath, sKey)
   
    'try to open key
    If (RegOpenKeyEx(hKey, sKey, 0, KEY_READ, mainKey) = ERROR_SUCCESS) Then
        sdata = Space(255)     'make buffer
        lDuz = Len(sdata)      'get buffer size (255)
        'try to query data
        If (RegQueryValueEx(mainKey, sName, 0, REG_SZ, sdata, lDuz) = ERROR_SUCCESS) Then
            RegCloseKey mainKey 'close key
            sdata = Trim$(sdata) 'trims string
            ReadString = Left$(sdata, Len(sdata) - 1) 'returning readed value
        Else
            ReadString = sDefault 'return default value (error)
        End If
    Else
        ReadString = sDefault 'return default value (error)
    End If

End Function
Private Function GetKeys(sPath As String, sKey As String) As rcMainKey
Dim pos As Long, mk As String
   
    'replace long with short root constants
    sPath = Replace$(sPath, "HKEY_CURRENT_USER", "HKCU", , , 1)
    sPath = Replace$(sPath, "HKEY_LOCAL_MACHINE", "HKLM", , , 1)
    sPath = Replace$(sPath, "HKEY_CLASSES_ROOT", "HKCR", , , 1)
    sPath = Replace$(sPath, "HKEY_USERS", "HKUS", , , 1)
    sPath = Replace$(sPath, "HKEY_PERFORMANCE_DATA", "HKPD", , , 1)
    sPath = Replace$(sPath, "HKEY_DYN_DATA", "HKDD", , , 1)
    sPath = Replace$(sPath, "HKEY_CURRENT_CONFIG", "HKCC", , , 1)
   
    pos = InStr(1, sPath, "\") 'get pos of first slash

    If (pos = 0) Then 'writting to root
        mk = UCase$(sPath)
        sKey = ""
    Else
        mk = UCase$(Left$(sPath, 4)) 'get hkey
        sKey = Right$(sPath, Len(sPath) - pos) 'get path
    End If
   
    Select Case mk 'return main key handle
        Case "HKCU": GetKeys = HKEY_CURRENT_USER
        Case "HKLM": GetKeys = HKEY_LOCAL_MACHINE
        Case "HKCR": GetKeys = HKEY_CLASSES_ROOT
        Case "HKUS": GetKeys = HKEY_USERS
        Case "HKPD": GetKeys = HKEY_PERFORMANCE_DATA
        Case "HKDD": GetKeys = HKEY_DYN_DATA
        Case "HKCC": GetKeys = HKEY_CURRENT_CONFIG
    End Select
   
End Function

Private Sub cmdCheck_Click()
txtKey.Text = StrToHex(ReadString("HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\SYSTEM", "SystemBiosVersion"))
txtKey.Text = txtKey.Text & StrToHex(ReadString("HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0", "Identifier"))
txtKey.Text = txtKey.Text & StrToHex(ReadString("HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0", "ProcessorNameString"))
lblCount.Caption = "Length of String: " & Len(txtKey.Text)
End Sub

Public Function StrToHex(ByVal String1 As String) As String
Dim strTemp As String, strReturn As String, i As Long
For i = 1 To Len(String1)
strTemp = Hex(Asc(Mid(String1, i, 1)))
If Len(strTemp) = 1 Then strTemp = "0" & strTemp
strReturn = strReturn & strTemp
Next i
StrToHex = strReturn
End Function

You could either store all the valid key strings in a string array, or use inet to check them on a website, or use winsock to check on a website [by connecting to the server via port 80, sending a GET request, easier than using inet because tis 1 less file your user might not have].

Newby

If you used a hash-based authentication (translate the password into a hash and compare it with the hash so all they see is the hash value when they disassemble it) I bet they'll give up.
- Newby

Quote[17:32:45] * xar sets mode: -oooooooooo algorithm ban chris cipher newby stdio TehUser tnarongi|away vursed warz
[17:32:54] * xar sets mode: +o newby
[17:32:58] <xar> new rule
[17:33:02] <xar> me and newby rule all

Quote<TehUser> Man, I can't get Xorg to work properly.  This sucks.
<torque> you should probably kill yourself
<TehUser> I think I will.  Thanks, torque.

Yegg

Quote from: MysT_DooM on January 06, 2006, 10:15 PM
Rabbit, if you read the second pop up it tells you site was never ment to be fancy or nice looking.....

What he was getting at is that it causes an annoyance.

Blaze

Quote from: Newby on January 07, 2006, 02:42 PM
If you used a hash-based authentication (translate the password into a hash and compare it with the hash so all they see is the hash value when they disassemble it) I bet they'll give up.
Quote from: MyndFyre on January 05, 2006, 05:07 PM
One byte in a hex editor.
Quote
Mitosis: Haha, Im great arent I!
hismajesty[yL]: No

Warrior

Here's a totally new and radical idea: Pack your code.
Quote from: effect on March 09, 2006, 11:52 PM
Islam is a steaming pile of fucking dog shit. Everything about it is flawed, anybody who believes in it is a terrorist, if you disagree with me, then im sorry your wrong.

Quote from: Rule on May 07, 2006, 01:30 PM
Why don't you stop being American and start acting like a decent human?

rabbit

I used to do that, but Newby kept screaming at me like "I'LL JUST UNPACK IT!!"  That combined with me not caring that much, I stopped packing.  It was just an extra step in my release process.  Although, for some of my larger programs (the beastly 2meg FoFoBot), doing a upx brought that down to a nice 800kb.
Grif: Yeah, and the people in the red states are mad because the people in the blue states are mean to them and want them to pay money for roads and schools instead of cool things like NASCAR and shotguns.  Also, there's something about ketchup in there.

Warrior

Don't use UPX when one parameter can depack it :p
Quote from: effect on March 09, 2006, 11:52 PM
Islam is a steaming pile of fucking dog shit. Everything about it is flawed, anybody who believes in it is a terrorist, if you disagree with me, then im sorry your wrong.

Quote from: Rule on May 07, 2006, 01:30 PM
Why don't you stop being American and start acting like a decent human?

|