Edited by Alexander, 15 December 2010 - 09:18 PM.
(removed spam link sig)
Register and join over 40,000 other developers!
Recent Topics
-
The Game You Are Waiting For?
WendellHarper - Dec 06 2020 01:21 PM
-
Quora and Reddit Backlinks
WendellHarper - Dec 06 2020 01:14 PM
-
Delete account
pindo - Jul 23 2020 01:33 AM
-
Print specific values from dictionary with a specific key name
Siten0308 - Jun 20 2019 01:43 PM
-
Learn algorithms and programming concepts
johnnylo - Apr 23 2019 07:49 AM
Recent Blog Entries
Recent Status Updates
Popular Tags
- networking
- Managed C++
- stream
- console
- database
- authentication
- Visual Basic 4 / 5 / 6
- session
- Connection
- asp.net
- import
- syntax
- hardware
- html5
- array
- mysql
- java
- php
- c++
- string
- C#
- html
- loop
- timer
- jquery
- ajax
- javascript
- programming
- android
- css
- assembly
- c
- form
- vb.net
- xml
- linked list
- login
- encryption
- pseudocode
- calculator
- sql
- python
- setup
- help
- game
- combobox
- binary
- hello world
- grid
- innerHTML

Reverse Engineering Protection
Started by mohd, Dec 15 2010 08:50 PM
10 replies to this topic
#1
Posted 15 December 2010 - 08:50 PM
I'm new to this, but I'm wondering if anyone knows a good way to help protect programs from reverse engineering and decompilation. I've seen some software but not all of it looks that good and if it somehow works the exe is no longer working or just too slow to do anything, or freezes the computer completely. Thanks in advance!
#2
Posted 17 December 2010 - 07:52 PM
Ultimately, the functionality of a program can almost ALWAYS be reverse-engineered. It may take a while for some items, but the code is simply there. In addition, a decompiler just works. You program is ultimately in a readable form, even though most people don't know machine language. You would probably do better to put your energy into adding features, not obfuscating your compiled code.
Programming is a branch of mathematics.
My CodeCall Blog | My Personal Blog
My MineCraft server site: http://banishedwings.enjin.com/
#3
Posted 27 December 2010 - 12:33 AM
If you use .net reflector or a java decompiler you can get the source code if you're disassembling an exe that doesn't run off of some sort of VM you'll get assemblyI have heard only reverse engineering about the .net. We use .net reflector.
If you want to see a higher level view of assembly there's something called Hexrays that's a plugin for IDA that will give you C(I believe) code.
@OP:
I've heard of chunks of assembly you can add that would crash common disassemblers like Olly, or IDA. But like what WingedPanther said there's always going to be a way that your code can be reverse engineered. There's also other solutions that can help deter reverse engineering attempts like Themida or packers.
#4
Posted 04 March 2011 - 11:28 AM
It's similar to the problem with trying to prevent digital movies and songs from being copied. The media is simply there, and it has to be executed/played at some point. If you have some IP or trade secrets in your code that you don't want to be discovered, consider a hosted service in which your customers download some client software which interfaces with your servers. That way, your sensitive algorithms can be protected by keeping them and executing them on your machines while providing just the I/O for those algorithms to your customers.
#5
Posted 07 March 2011 - 04:00 PM
There's no use in trying to prevent reverse engineering, by any digital protection system. Although some indie games have managed to get people from illegally downloading the game and instead buying it, using marketing and whatnot. Since torrents are the main source for illegal products, Wolfire games actually got some more buyers by simply releasing their indie bundle in a torrent format, supposedly that worked.
#6
Posted 07 March 2011 - 04:59 PM
It's similar to the problem with trying to prevent digital movies and songs from being copied. The media is simply there, and it has to be executed/played at some point. If you have some IP or trade secrets in your code that you don't want to be discovered, consider a hosted service in which your customers download some client software which interfaces with your servers. That way, your sensitive algorithms can be protected by keeping them and executing them on your machines while providing just the I/O for those algorithms to your customers.
Using a real-world example: some form of digital rights management. Some game companies are requiring that you register your game online and STAY online while playing it.
It's rather ironic because I can see how adding this type of drm can influence the usage of illegal torrents.
I agree with everyone, reverse engineering your software can take time, but it can be done.
You could try to make your software really cheap and easily accessible ( via d/l instead of buying in-store ).
I like the idea Steam or Direct2Drive has setup. You can simply pop your credit card # in and buy/download/play a game almost instantly. And they'll usually have good/decent sales on games, so it's really worth buying over pirating.
In any case, think of the preventative measures you'll take against pirating/cracking your software.
#7
Posted 08 March 2011 - 01:09 AM
Steam games are being reverse-engineered all the time. Making you stay online does not prevent the reverse engineers from doing what they do, I can imagine it encouraging them more, as only the best can do it, so you can easily get recognition if you can do it.
#8
Posted 10 March 2011 - 06:00 PM
Steam games are being reverse-engineered all the time. Making you stay online does not prevent the reverse engineers from doing what they do, I can imagine it encouraging them more, as only the best can do it, so you can easily get recognition if you can do it.
The point was that Steam has some ridiculous sales where I'd rather buy than pirate.
#9
Posted 07 April 2011 - 03:38 AM
Code Signing as Reverse Engineering Protection
In my last post I spoke about reverse engineering .NET assemblies upon which Gregory asked how to protect his code against it.
Initially I thought signing an assembly would be the easiest way to prevent this, and my first tests confirmed this. I signed the CrackMe from my previous post and tried modifying it again, unsuccessfully.
But in the end Code Signing your assembly proved to be useless against reverse engineering.
In my last post I spoke about reverse engineering .NET assemblies upon which Gregory asked how to protect his code against it.
Initially I thought signing an assembly would be the easiest way to prevent this, and my first tests confirmed this. I signed the CrackMe from my previous post and tried modifying it again, unsuccessfully.
But in the end Code Signing your assembly proved to be useless against reverse engineering.
#10
Posted 08 June 2011 - 01:23 PM
Be nice, Be nice, Be nice
Thats the only way you can do it, if I see someone with Flash 8 I'll live on but when I see pirated Minecraft it makes me sad! Why? Because Notch is a one person developer who deserves the money, all I see when I look at Adobe is a giant corporate logo- When someone says Mojang I think of the pictures of people ripping up the offices dirty carpets.
Also make features only registered players can use (for example most big servers can only be played by registered users who have paid- otherwise the server admins could have fakes logging in under their name!).
Thats the only way you can do it, if I see someone with Flash 8 I'll live on but when I see pirated Minecraft it makes me sad! Why? Because Notch is a one person developer who deserves the money, all I see when I look at Adobe is a giant corporate logo- When someone says Mojang I think of the pictures of people ripping up the offices dirty carpets.
Also make features only registered players can use (for example most big servers can only be played by registered users who have paid- otherwise the server admins could have fakes logging in under their name!).
Please, write clearly with proper structure. Double spacing makes the text feel un-jointed, Capitalizing Every Word Means People Stop Before Every Word Sub-Consciously Which Is A Pain In The Backside, and use code tags! (The right most styling box).
#11
Posted 18 July 2011 - 12:18 AM
In the .Net universe, decompiling is especially easy given the well documented .Net metadata format. There are even ready-made tools which can view the entire source code in the exe/dll . So obfuscating your .net exes and dlls using something like Crypto Obfuscator is extremely crucial. Obfuscation offers reasonably good protection - in the end, nothing is RE-proof, but this is as good as it gets.
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download