How to protect better
(SECOND PHASE of this new section)

by +Sync, 21 July 1997


Courtesy of Fravia's page of reverse engineering

How to protect better.

Register - The MegaMan Protection By +Sync download register.exe here (11200 bytes) Well, I was wondering why I have not seen a unique protection scheme in quite a while, so I decided to come up with one of my own. I tried to think of a straight ahead name/password scheme except to make the algorithm really tricky. However, since anyone with passing knowledge of assembly can reverse this reasonably quickly, I decided to try to put a 'twist' on it. What I came up with is, I believe, a challenging crack. This is what I would call a 'fairly strong' protection. I did not Hackstop the program or put any anti-debugger code in it, although I suspect that if I were actually trying to protect this software I probably would have. What I developed is, as far as I am aware, the only 'MegaMan' type registration scheme around. I call it 'MegaMan' because the old Nintendo games used to use a similar method for entering codes. My challenge to you is, crack it - but following a few restrictions. While a patch is always valid, and I would like to see how some of you go about patching it, a valid code (or generator) will be the only 100% valid answer. I know that since this program does not use the standard API functions (GetWindowTextA etc.) to retrieve the password it will require some research (possibly) into how windows retrieves the data. I hope this slows some of you down. Realizing that this is a somewhat difficult crack, I offer you 2 hints. 1. The number of 'checks' is not always the same. It CAN vary in length slightly depending on the name entered. 2. THIS IS A HUGE CLUE - I will give you a valid name/number pair, so that you can see how the program reacts when a valid number is entered. The program acts no different, and no message box appears, so you cannot use a break on a window handle. Name: +Sync Code: 0 - H \ 0 - C |- HCU on line 0, pretty interesting. 0 - U / 1 - S 2 - M 3 - Q 4 - I 4 - S 4 - Q 5 - H 6 - L 7 - S 8 - E 9 - S I tried to not make this too tough to reverse engineer. For example, one idea I toyed around with was to have the user enter a separate registration number into each block, rather than just check it. I decided that while this was challenging enough to prevent most crackers from attempting it, it was not a viable protection because your customers would get frustrated too quickly. I invite others to also develop UNIQUE protections and share them with us. Final Note: As soon as a correct answer has been posted to the +HCU discussion, full source to the registration routine will be presented by me. Please make any comments you want (i.e about my lousy windows coding). I'm sure that there is at least one EASY way to crack this, however there are many ways to get lost quickly. Remember, a patch is acceptable, but the real answer is a working code. +Sync
You are deep inside fravia's searchlores org, choose your way out:

homepage links red anonymity +ORC students' essays tools cocktails
antismut CGI-scripts search_forms mailFraVia
Is reverse engineering illegal?