[Repost] Protect your applications by AntiDebugLIB By Jim Chngineering
Posted: 2008-2-5 02:24 3097

Protect your applications against advanced reverse engineering and software cracking by AntiDebugLIB

By Jim Charles

http://www.codeproject.com/KB/security/antidebuglib.aspx

Latest replies (1)

Protect your applications against advanced reverse engineering and software cracking by AntiDebugLIB

Introduction

        After your applications are developed normally with VC++, you should protect your code unless your software is free. But the cracker can always crack your code; the main reason a software application gets cracked is that it can be debugged by some program debugging tools, and then it can be analysed statically and dynamically. So when your application is running, if it can prevent all debugger tools from being executed normally, then it's almost impossible for it to be cracked by anybody without a debugger. In order to do this, you must study how debuggers work and find out how to prevent them from working. AntiDebugLIB can help you finish this heavy work and protect your code from being cracked by anybody, because no debugger can be executed while the protected software is running. AntiDebugLIB is actually a debugger that runs in level 0 of Windows, but it can't implement any debugger's function; it only prevents other debuggers from running correctly at the same time. If you want to debug a programme, you only need to do one thing: stop the AntiDebug LIB driver. Then the protected software can't be executed unless the AntiDebug LIB driver is started again. Sample code is released in this article to show the strong power of AntiDebug LIB.
1.AntiDebug LIB Files

File Name           Comment
antidebug.h         Function Library's header file.
antidebug.lib       Function Library file.
Gjglly.inf          Driver installation file.
gjglly.sys          AntiDebug LIB driver file.
install.exe         AntiDebug LIB driver install tool.
remove.exe          AntiDebug LIB driver uninstall tool.
ADL_Register.EXE    AntiDebug LIB License generate tool and PE file protect tool.
AntiDebugLib.CHM    AntiDebug LIB help file.

    (1) antidebug.h and antidebug.lib should be included in the VC project.
    (2) install.exe, Gjglly.inf and gjglly.sys must be in the same directory.

2.Programme Developing Environment

    Windows 2000/XP/2003


    Microsoft Visual C++ 6.0


    Microsoft Visual Studio 2005.

3.Illustration

3.1 Install AntiDebug LIB

       First of all, AntiDebug LIB should be installed: just run the AntiDebug LIB installation programme.

3.2 Stop AntiDebug LIB driver

    (1) Right-click “My Computer” and select “Manage”.

    (2) In the "Computer Management" dialog box, click "Device Manager", expand "System devices", right-click "AntiDebug LIB" and select "Disable".


3.3 Programme Design

    (1) Open “Microsoft Visual C++ 6.0”, select the “File | New” menu command; in the “New” window that pops up, select “Projects”, select “MFC AppWizard(exe)”, confirm that the project's name is “antidebug_demo”, and select a directory.
    (2) In the “MFC AppWizard - Step 1” dialog box that pops up, set the type of application to “Single document”.
    (3) In the following steps, from the “MFC AppWizard - Step 2 of 6” to the “MFC AppWizard - Step 6 of 6” dialog box, keep the default settings; at last click the [Finish] button, and in the "New Project Information" dialog box that pops up, click the "ok" button.
    (4) Add two menu commands: "Display Hello World !" and "Display Hello AntiDebug !"

        The menu command functions mapped by ClassWizard: void CAntidebug_demoDoc::OnDisplayHelloWorld(), void CAntidebug_demoDoc::OnDisplayHelloAntidebug().

  (5) Code as follows:

    //Antidebug LIB Demo Code
    void CAntidebug_demoDoc::OnDisplayHelloWorld() //share function
    {
        // TODO: Add your command handler code here
        char mess[]="Hello World !";
        char buffer[100];
        strcpy(buffer,mess);
        AfxMessageBox(buffer);
    }

    void CAntidebug_demoDoc::OnDisplayHelloAntidebug() //no share function
    {
        // TODO: Add your command handler code here
        char mess[]="Hello Antidebug !";
        char buffer[100];
        strcpy(buffer,mess);
        AfxMessageBox(buffer);
    }
    //Antidebug LIB Demo Code

  (6) When finished, antidebug_demo can display two MessageBoxes: "Hello World" and "Hello AntiDebug"; it's free and has no License.

3.4 Encrypted Programme

    (1) Right-click “My Computer” and select “Manage”.
    (2) In the "Computer Management" dialog box, click "Device Manager", expand "System devices", right-click "AntiDebug LIB" and select "Enable".

    (3) Copy antidebug.h and antidebug.lib into the antidebug_demo project directory.
    (4) Select the “Project | Settings...” menu command, set only "Win32 Release", and add "antidebug.lib setupapi.lib NETAPI32.LIB" to the Link tab's “Object/library modules” edit box.

    (5) Add codes into antidebug_demoDoc.h file:

    //#####################################################################
    //Antidebug LIB Demo Code
    #ifndef _DEBUG //If you want to debug your program, you must stop the AntiDebug LIB driver !
          #include "antidebug.h"
          #define _ANTIDEBUG //If _ANTIDEBUG is defined, the no shared functions can't be debugged.
    #endif
    //Antidebug LIB Demo Code
    //#####################################################################


  (6) Add codes in antidebug_demoDoc.cpp file:
    /////////////////////////////////////////////////////////////////////////////
    // CAntidebug_demoDoc construction/destruction
    CAntidebug_demoDoc::CAntidebug_demoDoc()
    {
    // TODO: add one-time construction code here
    //#####################################################################
    //Antidebug LIB Demo Code
    #ifdef _ANTIDEBUG
           //antidebug_userid is generated by AntideBug LIB REGISTER programme.
           //Here is the antidebug demo userid.
           char antidebug_userid[]="088A8EA376ECBE1F141F83C99946A068BE7681469A4157CDE99E2EECEF6133054E50DC281402D4F0A361D9486804ADFE";

           //antidebug_demo.lic is generated by AntideBug LIB REGISTER programme.
           //Here is the antidebug demo license.
           //antidebug_demo.lic is in the current directory.
           char antidebug_licence_filename[]="antidebug_demo.lic";

           //AntiDebug LIB provides two kinds of version: Ultimate and Professional Version.
           //Only Ultimate Version can use appending data to generate license file.
           //
           //If no appending data (e.g. hardware serial number or programme code fingerprint
           //data generated by MD5.) are supplied or AntiDebug LIB's Version is Professional,
           //set antidebug_licence_filename=NULL,antidebug_append_data_len=0.
           //
           //The format of appending data file can be found in the help document. It is very simple:
           //UINT antidebug_append_data_len+BYTE append_data
           //When generating the demo license by AntideBug LIB REGISTER programme, please use antidebug_append.dat in the current directory.
           BYTE append_data[]={'1','2','3','4','5','6'};
           UINT antidebug_append_data_len=6; //MAX_LENGTH<300

           if(!GJ_IsAntidebugWorking())
           {
                 MessageBox(NULL,"AntiDebug LIB DRIVER isn't installed or started,Antidebug_demo programme will EXIT !","Antidebug Demo",MB_ICONINFORMATION);
                 ExitProcess(0);
           }

           GJ_OpenAntidebug_demo(antidebug_userid,
                                 antidebug_licence_filename,
                                 antidebug_append_data_len,
                                 append_data
                                 );

           //TEST IF REGISTER OK
           //Not only the GJ_add function but also the others can do the same thing.
           //AntiDebug_Reg_OK is not declared in the code shown on this page; it is
           //assumed to be a BOOL declared elsewhere in the project.
           int a=1;
           int b=2;
           int c=a+b;
           a=GJ_add_demo(a,b);
           if(a==c)
           {
                 AntiDebug_Reg_OK=TRUE;
                 //AfxMessageBox("register success!");
           }
           else
           {
                 AntiDebug_Reg_OK=FALSE;
                 //AfxMessageBox("register failed!");
           }
           //TEST IF REGISTER OK
    #endif
    //Antidebug LIB Demo Code
    //#####################################################################
    }

    CAntidebug_demoDoc::~CAntidebug_demoDoc()
    {
    //#####################################################################
    //Antidebug LIB Demo Code
    #ifdef _ANTIDEBUG
           GJ_CloseAntidebug_demo();
    #endif
    //Antidebug LIB Demo Code
    //#####################################################################
    }



    (7) Revise the no share function code.

    void CAntidebug_demoDoc::OnDisplayHelloAntidebug() //no share function
    {
        // TODO: Add your command handler code here
    #ifdef _ANTIDEBUG
           if(AntiDebug_Reg_OK)
           {
    #endif
              char mess[]="Hello Antidebug !";
              char buffer[100];
    #ifndef _ANTIDEBUG
              strcpy(buffer,mess);
    #else
              GJ_strcpy_demo(buffer,mess);
    #endif
              AfxMessageBox(buffer);
    #ifdef _ANTIDEBUG
           }
           else
           {
                  AfxMessageBox("Only registered user can use this function !");
           }
    #endif
    }

  (8) Select the “Build | Rebuild All” menu command to encrypt antidebug_demo. Now, if you want to display the "Hello AntiDebug LIB !" MessageBox, you must have the License, which can be generated by ADL_register.exe.
  (9) The antidebug_demo programme also needs to be encrypted by Eagle Protector V2.1.


(10) Custom Function
      For very important key code, we strongly recommend that you use AntiDebug LIB's custom function to create self-engendered functions quickly; then the key code becomes a secret known only to you.
      GJ_encrypt_custom_function (or GJ_encrypt_custom_function_demo) is only used in another, unreleased project; the custom function is debugged and encrypted in that project. When GJ_encrypt_custom_function (or GJ_encrypt_custom_function_demo) returns TRUE, it will generate a "founction_name.h" file. The encrypted code of the custom function is included in it. Then include this header file in the release project and invoke GJ_load_custom_founction (or GJ_load_custom_founction_demo) to decrypt the custom function code and execute it; when the custom function will not be invoked again, invoke GJ_free_custom_founction to clear the code of the custom function.
      For more information, please refer to the Antidebug_demo demo programme.

3.5 Installation Project

       The following code should be added to the Installation Project (InstallShield 12 InstallShield script).

    //---------------------------------------------------------------------------
    // The Installed event is sent after the feature DefaultFeature
    // is installed.
    //---------------------------------------------------------------------------

    export prototype DefaultFeature_Installed();
    function DefaultFeature_Installed()
    NUMBER nvFileHandle;
    STRING svString;
    begin
          if !MAINTENANCE then
                ChangeDirectory(INSTALLDIR);

                LaunchAppAndWait("install.exe","",WAIT);
                OpenFileMode (FILE_MODE_BINARY);
                //The install_log.txt is created by install.exe,only one char in it,
                //if the char is "0",that means success.
                OpenFile (nvFileHandle, INSTALLDIR,"Install_log.txt");

                SeekBytes (nvFileHandle, 0, FILE_BIN_START);
                ReadBytes (nvFileHandle, svString, 0, 1);
                CloseFile (nvFileHandle);
                if(svString!="0") then
                      OnCanceling();
                endif;
          endif;
    end;

    //---------------------------------------------------------------------------
    // The UnInstalling event is sent just before the feature
    // DefaultFeature is uninstalled.
    //---------------------------------------------------------------------------

    export prototype DefaultFeature_UnInstalling();
    function DefaultFeature_UnInstalling()
    begin
          ChangeDirectory(INSTALLDIR);
          LaunchAppAndWait(INSTALLDIR^"remove.exe","",WAIT);
          DeleteFile("Install_log.txt");
    end;

4.Generate License



(1) Paste the Serial Number copied from antidebug_demo's about dialog box into the ADL Register Serial Number Edit box.
(2) Select the antidebug_append.dat file for Appending Data.
(3) Click the <Generate ADL DEMO LICENSE> button.
(4) Save the LICENSE data into a file with Save As.

5.End

    The above-mentioned antidebug_demo programme demonstrates the basic process and framework of how AntiDebug LIB encrypts and protects an application.

License

This article, along with any associated source code and files, is licensed under Microsoft Public License (Ms-PL)
About the Author

Jim Charles
2008-2-14 13:27
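
The demo code comments in the post above describe the appending data file as "UINT antidebug_append_data_len+BYTE append_data" with MAX_LENGTH<300. The following is an added example, not part of the original post and not AntiDebug LIB code, that writes and strictly parses that layout. It assumes a 32-bit little-endian UINT (Win32 x86) and no bytes after the data; the type and function names are hypothetical.

```cpp
// Added example, not AntiDebug LIB code. Assumes UINT is 32 bits, little-endian
// (Win32 x86) and that the file holds nothing besides the length and the data.
#include <cstddef>
#include <cstdint>
#include <vector>

typedef std::vector<std::uint8_t> Bytes;
const std::uint32_t kMaxAppendLen = 300;  // demo comment: MAX_LENGTH<300

// Build the file image: 4-byte length, then the append data itself.
bool encode_append_data(const Bytes& data, Bytes& file) {
    if (data.size() >= kMaxAppendLen) return false;
    const std::uint32_t len = static_cast<std::uint32_t>(data.size());
    file.clear();
    for (int i = 0; i < 4; ++i)
        file.push_back(static_cast<std::uint8_t>((len >> (8 * i)) & 0xFF));
    file.insert(file.end(), data.begin(), data.end());
    return true;
}

// Parse a file image; refuse it when the header and the actual size disagree.
bool decode_append_data(const Bytes& file, Bytes& data) {
    if (file.size() < 4) return false;                 // no room for the UINT
    std::uint32_t len = 0;
    for (int i = 0; i < 4; ++i)
        len |= static_cast<std::uint32_t>(file[i]) << (8 * i);
    if (len >= kMaxAppendLen) return false;            // over the stated bound
    if (file.size() - 4 != len) return false;          // truncated or padded
    data.assign(file.begin() + 4, file.end());
    return true;
}

// The demo's append_data {'1'..'6'} with antidebug_append_data_len = 6.
Bytes demo_append_file() {
    const Bytes data = {'1', '2', '3', '4', '5', '6'};
    Bytes file;
    encode_append_data(data, file);
    return file;
}

int main() {
    Bytes back;
    return decode_append_data(demo_append_file(), back) && back.size() == 6 ? 0 : 1;
}
```

Checking the declared length against the real buffer size before copying is what keeps a malformed or tampered data file from driving an over-read when the bytes are later handed to a fixed-size consumer.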