Sunday, July 5, 2009

Cracking & How to Defend It? Part I


First of all we will discuss what is cracking? and then i will suggest some methods to defend cracking.

Suppose you make a tool or software after late night coding for few months. You sell that software for 55$ to earn money of your hard work but a cracker get that trial version and crack it and start distributing it. It will be very depressive. To get reward of your hard work you should defend cracking.

Lets see what methods commonly a cracker apply to crack an application.

APIs of An application:-
Often an attacker will try to study the APIs that are called by an application in order to see how it work and subsequently bypass the protection. Mostly commonly available tool will allow an attackers to do this.

Breakpoint:-
Normally an attacker will use a debugger to setup a breakpoint in an application. A breakpoint allows an attacker to spot execution of an application when a certain even occurs and study what the application is doing at that point.

Dumpers:-
Many attackers have access to tools that allow them to dump a running application from memory to disk. If a successful the attackers will be able to reconstruct the original application with this technique.
Most of the current software protectors use very weak techniques against memory dumpers such as destroying the exe header at runtime.

Memory Modification:-
in some situations an attacker will not try to reconstruct the original code of a protected application . Instead he will change some of the data or code in he memory to change the behavior of an application. This common scenario is often found in computer games where an attacker will modify the behavior of the game to get extra features.

Monitoring Tools:-
Many crackers use file or registry monitors to see which file or registry keys are accessed by an application, that could give him clues about how to cheat the trial period of an application.

Debugger s:-
Now in these days mostly cracks use debuggers to crack an application.

Defend Cracking:-
  • To defend cracking try to use very powerful protectors and encryption softwares to protect applications. They will make the code complicated and difficult for the crackers like adding garbage data in the application so that attackers will have to study many fake instruction instead of the original one, use memory blockers, code replace etc! To download those packers and Encryptors see my post "Download EXE packers"
  • Use Demo version for giving trial to the users, with very limited features.
  • If your use serials or keys for registering your software then program your application in such a way that it will check the serial number or key from a specific website, to avoid the user to use fake and black listed keys.
If you are interested in cracking visit ap0x.jezgra.net