Reverse Engineering RET Homepage RET Members Reverse Engineering Projects Reverse Engineering Papers Reversing Challenges Reverser Tools RET Re-Search Engine Reverse Engineering Forum Reverse Engineering Links

Go Back   Reverse Engineering Team Board > Reverse Engineering Board > .NET Reverse Engineering
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Thread Tools Display Modes
Old 10-05-2009, 03:32 PM
bball0002 bball0002 is offline
Senior Member
Join Date: Mar 2009
Posts: 72

Originally Posted by comp1mp View Post
Thanks Kao!

That powerpoint was very interesting.

I am still confused about one thing.

Generally speaking, is it true that once a specific copy protection has been defeated, all future software using that protection is easily a zero day release?

Do some systems require expensive effort for every assembly protected, regardless if other assemblies with the same protection have been defeated?

If anyone else has any thoughts to add - I am all ears .
Not necessarily. Any time a new protection is defeated, it is usually done so by a cracking team. Most if not all of the time, the cracking team will re-protect the software, to keep the developers code safe and to not make the protection useless.

For example, a cracker named MegaX cracked {SmartAssembly} 4.0. When he released it, he re-protected it with {SmartAssembly} AND Xenocode. So in reality the cracked version of {SmartAssembly} is actually more protected then the real version.

For your last question, if a cracker knows how to defeat a protection, it is generally the same for each application. Once the cracker can do it once, he can create a program to greatly speed up the process, for example he/she may create a program to decrypt the strings in the app, then another program to unobfuscate the control flow, etc.

But, since the only release of the cracked {SmartAssembly 4.0} has come from one person (publicly), I think it is safe to say that your average reverser will have much trouble cracking your app if you use this protection.
Reply With Quote
Old 10-05-2009, 05:31 PM
FarJump FarJump is offline
Join Date: Jun 2009
Posts: 14

In most cases, if you protect your soft with professional obfuscation and code flow/string obfuscation your intellectual property should be protected by ~85%. It is hard to reconstruct the original code flow and impossible to get original class/method names back. Of course this would not stop hacker to crack your software. But it can't be wrong to combine protection and licensing. There are also tools which directly combines strong protection+licensing. At least you would win time to sell your soft.

Generally speaking, is it true that once a specific copy protection has been defeated, all future software using that protection is easily a zero day release?
I would say it depends on the protection tool. There are tools which always produces different assemblies. Obfuscation+Flow obfuscation based on coincidence. Or random string encryption keys...
Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2023, Jelsoft Enterprises Ltd.