-
-
[转帖]Protect your applications by AntiDebugLIB By Jim Chngineering
-
发表于: 2008-2-5 02:24 3125
-
Protect your applications against advanced reverse engineering and software cracking by AntiDebugLIB
By Jim Charles
http://www.codeproject.com/KB/security/antidebuglib.aspx
By Jim Charles
http://www.codeproject.com/KB/security/antidebuglib.aspx
赞赏
|
|
---|---|
|
Protect your applications against advanced reverse engineering and software cracking by AntiDebugLIB Introduction After your applications are developed normally with VC++. You should protect your codes unless your software is free.But the Cracker can crack your codes always,the main reason about the software application cracked is that it can be debuged by some programme debug tools,then it can be analysed statically and dynamically.So when your application is running,and if it can prevent all debuger tool from being executed normally,then it's almost impossible to be cracked by anybody without a debugger.In order to do this,you must study how the debugger works and to find how to prevent them from working,AntiDebugLIB can help you finish these heavy work and protect your codes from being cracked by anybody because no debugger can be executed when the protected softwares are running.AntiDebugLIB actually is a debugger run in the level 0 of windows,but it can't implement any debuger's function,only to prevent other debugger from running correctly at the same time.If you want to debug programme,you only need to do one thing:Stop Antidebug LIB driver.Then the protected softwares can't be executed unless Antidebug LIB driver is started again. A sample code is released in this article to show the strong power of Antidebug LIB. 1.AntiDebug LIB Files File Name Comment antidebug.h Function Library's header file.antidebug.lib Function Library file.Gjglly.infDriver installation file. gjglly.sysAntiDebug LIB driver file. install.exeAntiDebug LIB driver install tool. remove.exeAntiDebug LIB driver uninstall tool.ADL_Register.EXEAntiDebug LIB License generate tool and PE file protect tool.AntiDebugLib.CHMAntiDebug LIB help file. [LEFT] (1)antidebug.h and antidebug.lib should be included in the vc project. (2) install.exe and Gjlly.inf and gjglly.sys must in the same directory.[/LEFT] 2.Programme Developing Environment
3.Illustration 3.1 Install AntiDebug LIB [LEFT] First of all AntiDebug LIB should be installed,just run the AntiDebug LIB installation programme. [/LEFT] 3.2 Stop AntiDebug LIB driver [LEFT] (1)Mouse right click “My Computer”,select “Manage”.[/LEFT] [LEFT] (2) Open "Computer Management" dialog box,click "Device Manager",expand "System devices",mouse right click "AntiDebug LIB",select "Disable".[/LEFT] 3.3 Programme Design [LEFT] (1) Open“Microsoft Visual C++ 6.0”,select“File | New” menu command ,popup “New” window,select “Projects”,select “MFC AppWizard(exe)”,confirm the project's name is “antidebug_demo”,and select directory. (2) In the popup “MFC AppWinzard - Step 1” dialog box,set the type of application to “Single document”. (3) The follow step “MFC AppWinzard - Step 2 of 6” to “MFC AppWinzard - Step 6 of 6” dialog box,keep the default setting,at last click [Finish] button,popup "New Project Information" dialog box,click "ok" button. (4) Add two menu command:"Display Hello World !" and "Display Hello AntiDebug !" [/LEFT] [LEFT] The mapped menu command funtion by ClassWizard: void CAntidebug_demoDoc::OnDisplayHelloWorld(),void CAntidebug_demoDoc::OnDisplayHelloAntidebug().[/LEFT] (5) Code as follow: [LEFT]//Antidebug LIB Demo Code[/LEFT]
char mess[]="Hello World !"; char buffer[100];
char mess[]="Hello Antidebug !"; char buffer[100];
[LEFT] (6) After finished,antidebug_demo can display two MessageBox :"Hello World" and "Hello AntiDebug",it's free and no License. [/LEFT] 3.4 Encrypted Programme [LEFT] (1) Mouse right click “My Computer”,select “Manage”. (2) Open "Computer Management" dialog box,click "Device Manager",expand "System devices",mouse right click "AntiDebug LIB",select "Enable".[/LEFT] [LEFT] (3) Copy antidebug.h and antidebug.lib into the antidebug_demo project directory. (4) Select “Project | Settings...” menu command,Only set "Win32 Release" ,Add "antidebug.lib setupapi.lib NETAPI32.LIB" into Link's “Object/library modules” edit box. [/LEFT] [LEFT] (5) Add codes into antidebug_demoDoc.h file::[/LEFT]
(6) Add codes in antidebug_demoDoc.cpp file:
char antidebug_userid[]="088A8EA376ECBE1F141F83C99946A068BE7681469A4157CDE99E2EECEF6133054E50DC281402D4F0A361D9486804ADFE";
char antidebug_licence_filename[]="antidebug_demo.lic";
BYTE append_data[]={'1','2','3','4','5','6'};
[LEFT] (7) Revise no share function code .[/LEFT] [LEFT]void CAntidebug_demoDoc::OnDisplayHelloAntidebug() //no share function [/LEFT]
char mess[]="Hello Antidebug !"; char buffer[100];
[LEFT] (8) Select “Build | Rdbuild All” menu command to encrypt the antidebug_demo.Now,if want to dilplay "Hello AntiDebug LIB !" MessageBox,must have the License, which can be generated by ADL_register.exe. (9) The antidebug_demo programme also need to be Encrypted by Eagle Protector V2.1.[/LEFT] [LEFT](10) Custom Function As to the very important key codes ,we recommend you strongly to use AntiDebug LIB's custom function to create self-engendered functions quickly,then the key codes become a secret besides you. GJ_encrypt_custom_function (or GJ_encrypt_custom_function_demo) Only used in another no released project,the custom function is debuged and encrypted in that project.When GJ_encrypt_custom_function (or GJ_encrypt_custom_function_demo) return TRUE,it will generate "founction_name.h" file.The encrypted code of custom function is included in it.Than include this header file to the release project,invoke GJ_load_custom_founction (or GJ_load_custom_founction_demo) to decrypt the custom function code and execute,when the custom function is not invoked again,invoke GJ_free_custom_founction to clear the code of custom function. The more informations please to reference Atidebug_demo demo programme. [/LEFT] 3.5 Installation Project [LEFT] The following codes should add into the Installation Project.(InstallShield 12 InstallShield script)[/LEFT] [LEFT]//--------------------------------------------------------------------------- // The Installed event is sent after the feature DefaultFeature // is installed. //---------------------------------------------------------------------------[/LEFT] [LEFT]export prototype DefaultFeature_Installed(); function DefaultFeature_Installed()[/LEFT] NUMBER nvFileHandle; STRING svString; begin if !MAINTENANCE then ChangeDirectory(INSTALLDIR); LaunchAppAndWait("install.exe","",WAIT); OpenFileMode (FILE_MODE_BINARY); OpenFile (nvFileHandle, INSTALLDIR,"Install_log.txt"); //The install_log.txt is created by install.exe,only one char in it, //if the char is "0",that means success. SeekBytes (nvFileHandle, 0, FILE_BIN_START); ReadBytes (nvFileHandle, svString, 0, 1); CloseFile (nvFileHandle); if(svString!="0") then OnCanceling(); endif; endif; end; //--------------------------------------------------------------------------- // The UnInstalling event is sent just before the feature // DefaultFeature is uninstalled. //--------------------------------------------------------------------------- export prototype DefaultFeature_UnInstalling(); function DefaultFeature_UnInstalling() begin ChangeDirectory(INSTALLDIR); LaunchAppAndWait(INSTALLDIR^"remove.exe","",WAIT); DeleteFile("Install_log.txt"); end; 4.Generate License [LEFT](1) Paste the Serial Number copyed from antidebug_demo's about dialog box into the ADL Register Serial Number Edit box. (2) Select antidebug_append.dat file for Appending Data. (3) Click <Generate ADL DEMO LICENSE> button. (4) Save As the LICENSE data into a file.[/LEFT] 5.End Above-mentioned antidebug_demo programme demostrate the basic process and frame about AntiDebug LIB how to encrypt and protect application. License This article, along with any associated source code and files, is licensed under Microsoft Public License (Ms-PL) About the Author Jim Charles |
他的文章
看原图
赞赏
雪币:
留言: