can it be used to password protect executable?

Started by sparkies, April 20, 2010, 08:42:52 AM

Previous topic - Next topic

sparkies

Hi There,

seems bitsum is a safe haven among a lot of c**p and malware spreading sites offering compressors.. so here goes my question... hopefully you can enlighten me as to whether/how this can be done with PECompact..

I'm trying to add some licensing protection to an executable, not too worried about compression or encryption.. the executable is created with an e-learning authoring tool and there is no protection built in at all which is unacceptable. So I have to add some sort of protection mechanism which prevents use of the file unless it is licensed.
We already have all the mechanisms and code in place to store/encrypt/verify/activate/nodelock etc license keys... I'm just trying to create a mechanism that allows me to protect an executable.

I figure there are two solutions:

a) use PECompact and add some code to the loader which decrypts and verifies the license key stored in the registry. I am well versed in C and C++ but I'm a bit worried that making such a loader would take a lot of work, are there some examples I could start with? Is this even possible?
b) password protect the executable with PECompact (can I pass down the password as command line argument?) and then have another executable which handles all the registry checks etc and if that checks out ok, launching the password protected executable, passing the password in the command line.

I guess a) would be ideal as it sounds like the safest option if it can be done..
b) is the easiest though...

Help?

Thanks,

Sparkies

BoB

Hi Sparkies,

Quotea) use PECompact and add some code to the loader which decrypts and verifies the license key stored in the registry. I am well versed in C and C++ but I'm a bit worried that making such a loader would take a lot of work, are there some examples I could start with? Is this even possible?

The PECompact Loader SDK is probably your best option, it comes with the source to the default loader.
Although you would need a good understanding of Asm, it's very well commented.
With this you can create whatever custom protection you need for your products, and you can also write your own Codec or Hook plugins to add extra layers of encryption / protection.

There is also a Hook plugin called IsDebuggerPresent available for registered users, which will detect debuggers in many different ways, simply by using one of the Anti-Debug Loaders, or can be called from your own custom Loader.


Quoteb) password protect the executable with PECompact (can I pass down the password as command line argument?) and then have another executable which handles all the registry checks etc and if that checks out ok, launching the password protected executable, passing the password in the command line.

I don't think it's a good idea to use passwords in plain-text ever.  For example, if someone were to hook GetCommandLineA then they would have your password. :)
But there are many ways you could do this, such 'master and minion' protections have been around for a long time, and can be effective.  ;)

BoB