Home » Developing U++ » UppHub » Protect packages - split code encryption,client and server
|
|
Re: Protect packages - split code encryption,client and server [message #40441 is a reply to message #40222] |
Thu, 01 August 2013 16:25 |
|
Alboni
Messages: 214 Registered: January 2012 Location: Deventer, Netherlands
|
Experienced Member |
|
|
Yeah, I did this:
bool PROTECT_WRITE_ACCESS(byte *start, size_t size, bool access)
{
dword oldProt;
bool res = VirtualProtect(start, size, access ? PAGE_EXECUTE_READWRITE : PAGE_EXECUTE_READ, &oldProt);
if (!res)
{
Exclamation(::Format("VirtualProtect fail %d (size=%d, access=%d)",(int)GetLastError(), (int)size, (int)access));
}
return res;
}
but no popup appeared.
The testapp I sent you with the "return" modification applied did run btw. But my big app failed silently on my collegues computer, (works on mine) the non encrypted version works on both.
|
|
|
|
|
|
|
Re: Protect packages - split code encryption,client and server [message #40479 is a reply to message #40222] |
Wed, 07 August 2013 03:31 |
|
Alboni
Messages: 214 Registered: January 2012 Location: Deventer, Netherlands
|
Experienced Member |
|
|
I inspected the lines that were altered.
a-b+c sometimes gets interpreted as (a-b)+c and sometimes as a-(b+c) wich yelds a different result.
So I tried using ( ) on this line: (274)
PROTECT_OBFUSCATE(__startPtr, __endPtr - __startPtr + 2, __keyPtr, 16); \
The version below doesn't crash on my pc, but I don't know if this is what was intended.
PROTECT_OBFUSCATE(__startPtr, __endPtr - (__startPtr + 2), __keyPtr, 16); \
If I do the same on Encrypt it does crash, so that suggest not.
In any case is it helpful to use ( ) to not let the compiler decide.
|
|
|
|
|
Re: Protect packages - split code encryption,client and server [message #40482 is a reply to message #40222] |
Wed, 07 August 2013 13:01 |
|
Alboni
Messages: 214 Registered: January 2012 Location: Deventer, Netherlands
|
Experienced Member |
|
|
(I have not recompiled EncryptDecrypt during the tests, I assumed this was not necessary. Let me know if I thought wrong)
encrypt and obfuscate now both run fine on my computer.
Obfuscate gives a compiler warning:
warning C4102: '__end' : unreferenced label
It still doesn't work on my collgues's pc.
I changed protectEncrypt so that it doesn't alter the executable filetime.
[Updated on: Wed, 07 August 2013 13:02] Report message to a moderator
|
|
|
|
|
|
Re: Protect packages - split code encryption,client and server [message #40488 is a reply to message #40487] |
Wed, 07 August 2013 23:18 |
mdelfede
Messages: 1308 Registered: September 2007
|
Ultimate Contributor |
|
|
So, we can try this, but it mus be done on your friend's machine.
1) Remove PROTECT_START_FUNC and END_FUNC macros from your protected function and replace them with the code in Protect.h (remove the backslashes, of course), so you can step inside macros with debugger.
2) Build the app, but do NOT run the ProtectEncrypt on it. Step up to protected function beginning, note the code range of the function, dump it on a file. Name it as UNENCRYPTED.BIN. The difficult part is to find the end of he cunction inside binary code, but you can search for PROTECT_END_MARKER byte sequence.
3) Run ProtectEncrypt on app, then do the same as before. Beware to stop BEFORE the call to Decrypt function.
Store the code area inside ENCRYPTED.BIN file. Take care it has the SAME length as former one.
4) Without exiting debugger, step OVER the decrypt function call, and re-save the binary code inside DECRYPTED.BIN file.
As before, the file should have same length as 2 former files.
5) You can send me the 3 binary files, if you trust. Otherwise, compare the UNENCRYPTED.BIN file with the DECRYPTED.BIN file. They should be identical, besides the marker (PROTECT_START_MARKER and PROTECT_END_MARKER which gets overwritten by ProtectEncrypt.
If there are other differences besides markers, try to locate them.... if they're near end marker, the decrypt routine is missing some parts.
You could also check if ProtectEncrypt do its job on the whole code between both markers, by comparing UNENCRYPTED and ENCRYPDET files. That could give some hints too.
[Updated on: Wed, 07 August 2013 23:23] Report message to a moderator
|
|
|
|
|
|
|
|
Goto Forum:
Current Time: Fri Sep 20 07:32:55 CEST 2024
Total time taken to generate the page: 0.03205 seconds
|