Masm32 SDK description, downloads and other helpful linksMessage to All Guests
Started by Magnum, January 16, 2013, 08:57:08 AM
Quote from: Magnum on January 16, 2013, 08:57:08 AMI have been messing around with putting a watermark in the .exe.A non text one using some of the extended ascii charcters. For example, Alt 240 that makes the 3 horizontal lines on top of each other.As far as putting it in the code section and jumping over it, are there other ways where it's not some obvious ?Or I guess you could put in a very rarely used code sequence that does nothing.
Quote from: Magnum on January 16, 2013, 12:53:28 PMCommonTater,Are you talking about some "anti-change" code?
Quote from: qWord on January 16, 2013, 10:39:44 AMA specific sequence of superfluous prefixes and/or using different encodings for the same operation may be not that conspicuous.
Quote from: dedndave on January 16, 2013, 06:50:19 PMif they are caught, they will be presecuted to the fullest extent of the law
Quote"This software is copyrighted by COSA NOSTRATM, in cooperation with our valued Chinese and Russian partners"
Quote from: jj2007 on January 16, 2013, 06:35:12 PMQuote from: qWord on January 16, 2013, 10:39:44 AMA specific sequence of superfluous prefixes and/or using different encodings for the same operation may be not that conspicuous.Yep, that is pretty easy and difficult to find if you bury it deep enough. It is mostly a question of how much time a cracker wants to invest in debugging the exe...If I had a valuable software (I don't, and it strikes me that the question of obfuscating and securing pops up so frequently here - does anybody here have anything that is worth the effort???), then I would do the following:- check if the fingerprint is OK (not the same as watermarking)- if not, put somewhere a comparison between the install date and system time (or some other magic difference)- set a flag if the difference is too high- pop up later in an unrelated place and tell the user "you forgot to register"Now the fingerprint is the tricky part:- user downloaded a legal copy and left his email address, so that his downloaded exe could be individually configured- user has to contact you via email or website to get a magic dword- in his exe, in the code or data section, there is an individually crafted 512 bytes section with random data- one of the dwords, at a location determined by another (fixed position) dword contains the xor'ed register dword- if that dword doesn't match, it triggers some nasty behaviour- and of course, the check takes place deeply buried in the edit control's subclass procedure, and only if the user types "Microsoft".But again, that only makes sense if you have to offer something as valuable as PaintShop Pro ;)