Hex Protection

SiMi · January 27, 2003, 05:40 PM

Does anyone have Hex Protection for Vb...So when the user hexes your bot with a hex editor , they wont be able to overwrite your current settings...If you dont have a comment to help me , then please dont post it

Noodlez · January 27, 2003, 06:00 PM

The simple way to do it would be to caluculate the MD5 checksum of the original exe, and have it checked upon execution of the bot. If it's changed, it's been hexed.

Mesiah / haiseM · January 27, 2003, 06:15 PM

There are plenty of ways around that as shown in them program hacking site thingies, im willing to guess you dont know anything about that, anyways. The best way would be to find a site like www.gamehacking.com and use a compresser and/or encrypter. I'd look for an unpopular one, because them fiendish hex editors have gotten around the encryption methods used by the big boys.

Noodlez · January 27, 2003, 06:36 PM

Maybe you shouldnt do a simple "If" then? And if you intend on using a packer or compressor, write your own.

Mesiah / haiseM · January 27, 2003, 08:26 PM

Maybe you shouldn't assume that he knows anything about calculating executable checksums then? I was just providing an alternative if he doesn't.

Noodlez · January 27, 2003, 10:05 PM

QuoteMaybe you shouldn't assume that he knows anything about calculating executable checksums then?

then he'll ask for more help

Mesiah / haiseM · January 28, 2003, 10:25 AM

Maybe.

RhiNo · January 28, 2003, 04:36 PM

QuoteIt would be kinda pointless but you could do Form_Load() and then do all that stuff like form1.Caption = "Project Name" and all that stuff.

that wont stop a half way decent hexer ^^

iago · January 29, 2003, 05:36 AM

Form1.caption = chr(&h40) & chr(&h41) & ...

would be slightly more secure

or have a string:
dim Str = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
and do form1.caption = mid(Str, 5, 1) & mid(Str, 20, 1) & mid(Str, 2, 1) & mid(Str, 10, 1).. etc

That makes it fairly difficult to find what's going on, then put a couple dummy strings so they *think* they've found the right spot, but really they're just changing "form1.tag" or something

RhiNo · January 29, 2003, 06:03 AM

thats not a bad idea right there :-P

iago · January 29, 2003, 08:27 AM

(Thanks to www.try2hack.nl for the idea ;-))

n00blar · January 29, 2003, 08:37 AM

The problem with using Checksums is the fact that there resides a simple cmp and (C or U) jmp which can easily be patched in a few seconds.

Banana fanna fo fanna · January 29, 2003, 10:28 AM

Not if your executable is encrypted based on the checksum

Mesiah / haiseM · January 29, 2003, 07:00 PM

yeah unless you use your own encryption, cause just about every popular encryption has public decryption methods everywhere...

Noodlez · January 29, 2003, 09:14 PM

Heres another way to prevent strings from showing up in hex/string refrences (idea stolen from Raihan

)

Code Select

Dim x1 as long
x1= 779581303
Dim x5 as long
x5= 1685024622
Dim x9 as long
x9= 779773292
Dim x13 as long
x13= 6779503
xz = MakeDWORD(x1) & MakeDWORD(x5) & MakeDWORD(x9) & MakeDWORD(x13)
MsgBox xz 'will be www.noodlez.org

It looks hard, but not if you write a program to do it for you (like I did)

Hex Protection

SiMi

RhiNo

RhiNo

n00blar