21
R1100
95d

How do you validate the license key of your offline application?
(In a way that a cracker would have less chance to find the serial like this.)

Comments
  • 7
    L.a.t. you have x, a string. Now pick a y string, such that (k ° y) = x, where k is the key you provide the user, and ° is a series of non-reflective binary operations.
  • 2
    Aren't these things pushed to the stack?
    I mean, the assembly code would tell you the logic.
  • 4
    @lunorian I said non-reflective binary.
  • 9
    In the end, a cracker can just patch the binary and replace the 'is this piece of software active' check.
  • 5
    @sbiewald yes and no. You can add anti-tampering checks that would prevent this. However, in the end everything is patchable. OP is either looking for obfuscation (hiding the key using different techniques, for example by splitting it into pieces that are encrypted and stored somewhere). Another approach is to do server-side verification.
  • 4
    There's no way to make it impenetrable. One way or another it will be patched eventually if the software is popular enough.
  • 6
    You could take the customer's name, the product name, maybe the product major version (if upgrades shall cost money), and some constant salt string.

    Then run SHA-256 over that, and take the first N bytes as key. Won't stop determined crackers, but nothing will.

    The author of Shredder Chess once said in an interview that of course crackers will crack the copy protection of his engine (which seems to be protected by something simple like this), but anything more elaborate would only piss off his paying customers while still not protecting against crackers.
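A worked version of the scheme sketched in the comment above (customer name, product name, major version and a constant salt run through SHA-256, first N bytes used as the key). This is an added example, not code from the page or from any product it mentions; the salt value, the length-prefixed field encoding, the 10-byte key length and the XXXX-XXXX grouping are assumptions made here:

```python
import hashlib
import hmac

# Hypothetical constant salt. Note the limitation the comment accepts: this
# value ships inside the binary, so whoever extracts it can build a keygen.
SALT = b"example-salt-not-from-the-thread"
KEY_BYTES = 10  # the "first N bytes" of the digest; 10 bytes -> 20 hex chars


def _digest(customer: str, product: str, major: int) -> bytes:
    """SHA-256 over the licensed fields plus the salt.

    Each field is length-prefixed so that ("ab", "c") and ("a", "bc")
    hash to different values instead of colliding on the concatenation.
    """
    h = hashlib.sha256()
    for field in (customer.encode("utf-8"), product.encode("utf-8"),
                  str(major).encode("ascii"), SALT):
        h.update(len(field).to_bytes(2, "big"))
        h.update(field)
    return h.digest()


def generate_key(customer: str, product: str, major: int) -> str:
    """Vendor side: the key handed to the customer, grouped as XXXX-XXXX-..."""
    raw = _digest(customer, product, major)[:KEY_BYTES].hex().upper()
    return "-".join(raw[i:i + 4] for i in range(0, len(raw), 4))


def validate_key(customer: str, product: str, major: int, key: str) -> bool:
    """Application side: recompute the key and compare in constant time.

    Dashes, spaces and letter case in the typed key are ignored, so a key
    pasted as 'abcd 1234 ...' still validates; anything else must match.
    """
    expected = generate_key(customer, product, major).replace("-", "")
    supplied = "".join(ch for ch in key.upper() if ch not in "- ")
    # compare_digest avoids leaking the position of the first mismatch
    # through timing; bytes are compared so non-ASCII input cannot raise.
    return hmac.compare_digest(expected.encode("ascii"),
                               supplied.encode("utf-8"))


if __name__ == "__main__":
    key = generate_key("Alice Example", "ExampleApp", 3)
    print("issued key:", key)
    print("valid for Alice, v3:", validate_key("Alice Example", "ExampleApp", 3, key))
    print("valid for Alice, v4:", validate_key("Alice Example", "ExampleApp", 4, key))
```

Bumping `major` invalidates every key issued for the previous version, which is the "upgrades shall cost money" case from the comment. The salt is the only secret and it is embedded in every copy: a cracker who pulls it out of the binary can generate keys for any name, and one who patches the call to `validate_key` does not need a key at all, which is the point the surrounding comments make.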
  • 9
    It's fun to allow cheaters to think they've won only to have their crappy attempt at bypassing authentication trigger checks later on, thereby wasting their time. This also makes cracking take significantly longer, so all but the most determined will give up.

    Source: I'm an evil game dev who relishes torturing cheaters. I recommend looking at Spyro's copy protection for inspiration; they did a great job.

    That said, I must agree with @sbiewald, @Kyu96, and @irene. When someone has access to the binary and the ability to patch its code, all security measures are ultimately at their mercy. But their time and frustration in beating those measures is at your mercy. Make them work for it, make them respect it, and make them suffer in order to break it. Just make sure there are no unintended consequences for paying users!
  • 2
    @Root Spyro the age of dragon had hilarious protection which just accumulated glitches over time, making the game impossible to play.
  • 2
    @irene Yep! It also didn't start right away. 🙂 @Root approved.
  • 1
    @Root I was amazed as well when I watched a video about that.
  • 3
    I'm a retard, it's non-inverse, not non-reflective, was thinking of set theory lol
  • 1
    @ganjaman You got the point across regardless 😋
  • 2
    @Root challenge accepted
  • 2
    @R1100 😊

    I'm expecting great things from you!
  • 2
    @R1100 here's a challenge.

    y = 420691337
    x = 529290830
    ° = lxor, ocaml specification
    k = ?

    Also for @lunorian, see how it can't be reversed
  • 1
    @ganjaman
    Is OCaml's `lxor` just normal `xor` or is it special in a way?
  • 2
    @sbiewald normal, just wanted to be specific if anyone wants to look at implementation or something (that nobody will)
  • 4
    @Kyu96
    "Server side verification"
    Nope, people cracked games with that by writing custom Steam API .dlls for that. If it is on your computer you can crack it. It just depends how much effort it takes.
    Obfuscation? Protection of the protection? (Denuvo?) In most cases it slows down the app, creates crashes and still hackers are able to crack it... No defence is perfect, it is just a battle of efforts. Small app with good protection? High chance that it won't be cracked. A huge AAA game or a very popular tool? No fucking chance of protecting that.
  • 2
    @ganjaman XOR is reversible. AxB = C and CxA = B, CxB = A
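To make the reversibility point concrete, here is the challenge posted above (x = k ° y with ° = xor) worked through. This is an added example, not code from any participant; the constants are the ones in the challenge, while `recover_key_add` and the SHA-256 check are added here for contrast between invertible operations and a one-way one:

```python
import hashlib
import hmac

# Values exactly as posted in the challenge: x = k XOR y, k unknown.
Y = 420691337
X = 529290830
MASK32 = 0xFFFFFFFF


def recover_key_xor(x: int, y: int) -> int:
    """XOR is its own inverse: (k ^ y) ^ y == k, so k is simply x ^ y."""
    return x ^ y


def recover_key_add(x: int, y: int) -> int:
    """Wrapping 32-bit addition is invertible too: k = (x - y) mod 2**32."""
    return (x - y) & MASK32


def solve_challenge() -> int:
    """Recover k from the posted x and y and confirm it round-trips."""
    k = recover_key_xor(X, Y)
    if (k ^ Y) != X:
        raise AssertionError("recovered k does not reproduce x")
    return k


def hash_check_value(k: int) -> bytes:
    """One-way alternative: store SHA-256(k) rather than anything k can be
    computed back from. There is no inverse function to call on the result."""
    return hashlib.sha256(k.to_bytes(4, "big")).digest()


def verify_hashed(candidate: int, stored_check: bytes) -> bool:
    """Check a candidate against the stored digest without ever holding k."""
    return hmac.compare_digest(hash_check_value(candidate), stored_check)


if __name__ == "__main__":
    k = solve_challenge()
    print("k =", k)  # falls straight out of the two public values
    print("hex:", hex(X), "^", hex(Y), "=", hex(k))
    check = hash_check_value(k)
    print("stored check (hex):", check.hex())
    print("verify(k):", verify_hashed(k, check),
          "verify(k+1):", verify_hashed(k + 1, check))
```

With any invertible operation, shipping x and y (the stored check value and the value derived from the user's input) hands k to whoever can read the binary. Storing a digest removes that shortcut, but it does nothing against the je -> jne patch discussed further down in the thread: the comparison is still a single branch.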
  • 1
    First of all, add some anti-debugger code.
  • 1
    @sbiewald that's not inverse, I didn't say the hash IS a xor, xor is just an example for a non-invertible function
  • 2
    @BinaryByter useless :)
    Je -> jne
  • 1
    @R1100 What? When you write anti-debugger code, you write code that requires the prefetch queue to be active to do what you want, since gpus clear the prefetch queue
  • 0
    @BinaryByter it's working, believe it or not (the last app I cracked used this).
    You're not gonna run the application, but you're gonna go step by step and deactivate the anti-debugger part.
  • 1
    @R1100 most people don't expect anti-debugging tricks, so if you hide them well, they will impede you a lot