HMGforum.com

Hi All,

I'll distribute a commercial app soon and I want to protect it against reverse engineering/tampering as good as possible.

Some recommendation?

TIA.

obfuscation tool to make the source code (nearly) unreadable for humans? Don't know if deobfuscation tools exist, but can't imagine this really.

Robert

https://searchsoftwarequality.techtarge ... n-security

Roberto Lopez wrote: ↑Thu Sep 05, 2019 2:19 pm I'll distribute a commercial app soon and I want to protect it against reverse engineering/tampering as good as possible.

Some recommendation?

Hello Roberto,

I suggest to use a freeware UPX Graphical utility by Dirk Paehl at https://www.paehl.de/

The Graphical GUI includes internal UPX 3.09 and have UPX scrambler for EXE file protection (but the latest version was dated 17.03.2013)

Take a look for the above old soft at https://drive.google.com/drive/folders/ ... 3NJSjYzbEk

ROBROS wrote: ↑Thu Sep 05, 2019 3:50 pm obfuscation tool to make the source code (nearly) unreadable for humans? Don't know if deobfuscation tools exist, but can't imagine this really.

Robert

https://searchsoftwarequality.techtarge ... n-security

Thanks Robert!

gfilatov wrote: ↑Thu Sep 05, 2019 5:19 pm

Roberto Lopez wrote: ↑Thu Sep 05, 2019 2:19 pm I'll distribute a commercial app soon and I want to protect it against reverse engineering/tampering as good as possible.

Some recommendation?

Hello Roberto,

I suggest to use a freeware UPX Graphical utility by Dirk Paehl at https://www.paehl.de/

The Graphical GUI includes internal UPX 3.09 and have UPX scrambler for EXE file protection (but the latest version was dated 17.03.2013)

Take a look for the above old soft at https://drive.google.com/drive/folders/ ... 3NJSjYzbEk

Many Thanks Grigory!

I'll take a look at it.

Roberto,

Maybe this could helpfull:

Serge

serge_girard wrote: ↑Fri Sep 06, 2019 7:14 am Roberto,

Maybe this could helpfull:

Code: Select all

#pragma TEXTHIDDEN(1)
//  all your code
#pragma TEXTHIDDEN(0) 

Serge

Thanks Serge. I use TEXTHIDDEN extensively to protect strings.

Anyway it does not hide variable names and does not protect the app against reverse engineering.
That is the reason because I was looking for an extra protection.

Thanks again!

Roberto,

"To be honest, I must say that if someone claims that my program is protected in a way that no one can crack it, he is completely wrong. Each program that can be run in an operating system can be cracked by some means"
More info visit:
https://www.cybrary.it/0p3n/advanced-ex ... ree-tools/

Roberto,

Maybe you can compile/create EXE on-the-fly from some core-code that is encrypted somewhere... Would be interesting to develop!

Serge

Hola Roberto:

Debo coincidir con BDP2000 en cuanto a que casi todo programa es crackeable.-
No obstante, yo utilizo un método para mis aplicaciones que hasta ahora me funcionó.-
Creo un exe que opera como un menu general, desde el que disparo cualquiera de los multiples subaplicativos.-
Cada vez que se convoca un subaplicativo genero un *.mem que es leido por el subaplicativo al iniciarse, si no lo encuentra o no coincide no se ejecuta.- Si por lo contrario, lo encuentra, lo elimina se ejecuta y al terminar la ejecucion del aplicativo ejecuta el aplicativo menu general.- Este procedimiento lo hago no tanto por protegerme de hackeos, sino para facilitar las eventuales correcciones en un aplicativo y no sobrecargar la memoria.- A modo de ejemplo un aplicativo que diseñe para adm. de propiedades, lleva un total de 37 exes, por lo que no haber adoptado el criterio me obligaria a buscar cualquier error en miles de linea de codigo.-
Lo que si podés hacer es encriptar las tablas; tambien pueden llegar a ser hackeables, pero al menos que les tome algo de tiempo.-
Espero haber sido de alguna ayuda.-
Eduardo

Hi Roberto:

I must agree with BDP2000 about that all systems are hackeables.-
No mather, i use a method on my app that till now it works fine.-
I develope an exe file that acts like a general menu, from where i trigger multiple sub-app's.-
Each time user trigger sub-app, main app generates a *.mem file that is read by sub-app triggerd, if this app don't find the file, autoabort app.- If *.mem file is found, new app deletes it, and execute sub-app, when finished triggers main app (general menu).- I've use this method to make easy errors corrections and also future upgrades. As an example i've develope a system for building adm which have's 37 exes (this way when the occours an error i don't need to look on thousands of line code.-
You can encrypt table files; although they are hackeables, at least hackers must invest lot of time.-
Hopping these helps you, with regards.
Eduardo