In this article we will introduce ourselves as a developer of licensed software and consider ways to protect our program from being hacked by pirates.
Introduction
We will look at methods to protect software written in a compiled language from reverse engineering, piracy, and the introduction of third-party malware. The information provided is relevant because one of the goals of any proprietary project is to license and control the distribution of this software. Almost all programs requiring a license are subjected to hacking attempts and many of them have pirated counterparts at this time. In what follows, for simplicity, we will call the cracked program - cracked, and the process of cracking - crack.
In this article, we will introduce ourselves as a developer of licensed software in C ++ and will analyze what protection methods should be used to complicate the process of cracking our program. It should be understood that any program can end up being hacked, and there is no absolute protection, the goal is to make reverse engineering the most difficult and the time required to hack the program is longer than the time between updates to our fictional software.
General information
Software piracy is a major problem for developers. To protect the software from illegal distribution, a license is not enough; it is necessary to protect the program from reverse engineering. There are hundreds of ways to protect a program, but they all also have their own workaround. Suppose we want to write a proprietary program in compiled C ++ for the Windows operating system, we license it and will sell copies. Let's consider how we need to act so that the only way to get our software is to buy its license from the developer.
++ , . : . , . . , , , .
, , , , . , , , , , . (. reverse engineering). ++ , โ . , , - , . .
. , :ยท
()
, (. . , ). โ , .
, , , .
, . โ . , , . .
, . , , , .
. . , - .
, , . DR7 โ debug control register, , . , , DR0 โ DR3. , .
โ windows, . , DbgUiRemoteBreakin(), , , . , - . , . .
โ , , . , , - . , , , , .
โ . windows API , , . , :
IsDebuggerPresent() โ
CheckRemoteDebuggerPresent() โ
NtQueryInformationProcess() โ
RtlQueryProcessHeapInformation() โ
RtlQueryProcessDebugInformation() โ
NtQuerySystemInformation() โ
.
. - -, , . . . โ , , , . , , .
. . โ . , , , , . . , - . , . .
, .
. , , . . VMProtect Themida. : . . , . , โ , .
In this article, we looked at how to protect software from pirates. The use of all these protection methods has greatly increased the time and resources required to crack our program. There is no absolute protection method; any protection can be bypassed. In this case, the main goal of our protection is to make sure that it takes more time to crack the program than to release an update. In this case, the program can be considered well protected.