rank your "uncrackable" software protection
 

Hi all
well i open this thread in "General Discussion " because i just wanted to create a General Discussion about : " how do you rank the protections" ?

I have entered in google a serach : uncrackable software protection

I wanted to know what kind of protections are claiming to be 100% safe
here are the TOP5 resualts that google ranked:

1. ROCKEY6 - dungle. well we know that v1 - v4 have been already cracked and no one is realy looking on v6 or even v5 because no "real" intersting targets protected with rocky6 or 5

2. siliconkey - dungle. same as rockey... no "real" target is protected

3. ExeCryptor - has been unpacked and is crackable.

4. CodeProtector - the only way for "1 time password safe" and anti reversing and serial fishing and keygening if you don't have at least 1 time some one registeration info.

5. eXPressor 1.6 - it's fully known how to unpack and crack


it's realy strange because we know that most 0day applications uses ASPR and ARM for protection but some how they are not in the google TOP 5 even FlexLM and HASP are not there..

if i would have need to rank the protections base on how good they are i would have puted :

#1 for 0day - CodeProtector ( i know that there are more of those but this is currently #1 choise by google)
#1 for ISO protections - siliconkey Or ROCKEY6

and then all the rest no mater who or what because they are all crackable


please post your ranks for the best protector that you think is the better choise.

(I think it's going to be a fun thread)

Regards,
LaBBa

armadillo with secure sections, asprotect or execryptor with key markers and of course starforce

ps. also senselock dOngle

Code Virtualizer .....and WinLicense & Themida ....take some wide place specially when u protect program and u has the sorce code for it so u can obfuscation some area of ur code so it make it hrad to dump and cracked..i like this protector ....so I still not produce any carck for programs protected with this protector

You forgot VMProtect. As close to uncrackable as it gets.

Git

I think that software protections are dead, at least if concepted like armadillo, acprotect, obsidium, and so on.
The only one that are saved are the one with heavy virtual machine transformation like execryptor, themida and all VM-alike protections (private exe protector, vmprotect, ttprotect etc...)

Aye, localized protections (those limited to client only) are a dying breed.
More and more custom protections are being seen requiring server-side activation and runtime requiring a server connection.

REing won't go with them though. Waiting for the day when loaders handle TCP packet captures. Truly a new phase, rather than a deadening.

except with server side protection each time the company goes bankrupt or looses connection you're screwed. Especially a mutlibillion dollar accounting firm who cannot connect to their dbase because of a activation.

I think Obsidium shell become a place in rank-list...
Tried a target with may be version > 1.4.0.0 beta and failed piteous.
Seems like detecting hided debugger, no dump possible, crash by searching referenced text strings and other silly things! :eek:
Looks like Obsidium ist debugging himself with CreateProcessInternalW. :confused:

If someone would like to unpack my target, I really would be thankfully... ;)

regards, magic

syncrosoft claims their protection mcfact (which apparently transforms machine code into really, really slow finite automata and is used e.g. by steinbug) has never been broken...

hm
 

syncrosoft has been broken plenty of times. but it is actually good.

I don't do Mac

I believe that the new versions of Oreans Technology Code Virtualizer , WinLicense & Themida, , are beyond the reach of crackeable be, but this theory is generating a Chinese forum and be reflected in future with new tools unpackers,.

it's like saying " i don't do drugs" :D

heh
 

a dongle cracked on windows is the same as a dongle cracked on mac; it is the same dongle (duh), the only difference is no one has cared to port the emulator to macos due to lack of demand.

I don't get any point in ranking protections. I think crackers already approximately know about hard and easy protections. So this topic may help only to software developers to choose the hardest protection. And that's the reason why I'm also against releasing protectors to the public. I think it's a bit egoistic and looks like: I can unpack this protector so I'll release it to the public so anyone can pack it's software with it, it's time for you to have some pain with unpacking. Anyway it's just imho.

What about the topic, I successfully unpacked with some generic private tool Themida, ExeCryptor, AsProtect, StarForce and many other packers and protectors. So I think some dongles offer the best protection. Maybe the ones that allow to load arbitrary code into them.

I didn't find any reference to this h__p://www.metaforic.com/content/, it may be interesting though (h__p://www.developmag.com/tutorials).

Oxymoron.

Git

haven't spoke up in awhile, but i'll put in my 2 cents re: toughies

execryptor: i've actually written full on inline patches (internal loader ;) ) for this, but it is a bit of a nuisance.

Themida is a great (albeit intrusive on the user side which i don't like). but, again, i've inlined that one as well

obsidium, again great to take on head-on, but still can be inline patched.

protectors like arma have their place (i guess) altho i don't like (for the user side) the extra overhead of a monitoring debugger that controls the app. silly and uses more resources than necessary. oh, and did i forget can also be easily inlined

asprotect: sleek, simple, highly dumpable/crackable except if USED PROPERLY! with it's crypted function blocks that are simply unaccessible unless you have a proper key. easily inlined and dumped, but quick as hell, so better for the end-user. also, easily dumped if you have a real key... but then again, aren't they all (included dongle protections) if you have a source with a valid key to dump vital protected code, then game over.


oh yeah, let's not forget upx... they recently changed their static final jump spot from 61E9 to a different jump config sig ;)

themida seems to become more popular than ever. native instruments is using it on all of his products and the results are quite impressive. no more keygens and only sporadic cracks...:eek:

really? guess will have to make it so there are keygens and more stable cracks. thanks for the note.

If I were to sell my product(s) I'd use two demo and retail versions with watermarking the retail setup, and would use a 1024bit+ RSA keyfile for registration. and at last added LOTs of hidden CRC checks for patching.
but I'm lazy, and prefer to use commercial VMers like VMProtect and Themida.

in general favor:
VMProtect, WinLicense, TTProtect

my own favor:
RAR password


btw: Don't ever trust your customers, there are plenty people that would buy it and crack it or send it to someone that will, even if you make custom builds.

Safecast 2.8

It's a news from previous week:

From what I can understand, Steinberd bought Syncrosoft :eek:

http://www.macmusic.org/news/view.php/lang/en/id/7245/

This isn't really from experience, but rather just from looking around a bit - right now, I see lots and lots of articles on Themida/Winlicense and Armadillo, and that kinda agrees with what other people have posted here.

So far, its VM and dongle protections that have the lead right now... you can't really rank these things, specially since it varies from person to person...

NoobyProtect : seems to be top of the food-chain right now.
Enigma Protector : is still very solid.
Winlicense/Themdia : is still very solid.
Asprotect/SKE : I don't see much anymore, that may just be a fluke.
Armadillo : Chad & Nick need to come up with some new tricks, outside of their ECDSA level 10 keys, Armadillo is pretty much rapped at will anymore.
SVKP : I believe is no longer being developed.
Obsidium : I haven't seen nor heard about it lately, though according to their website they support Windows 7. So I can only assume it is still alive.
Activemark : Still alive and kicking, though ARTeam seems to have their number ;)
SafeDisc : Now owned by Trymedia (Maker of Activemark) is also still alive and kicking.
ExeCryptor : Hasn't been updated in awhile...(Dead?)

Thats all I can think of...

Any protector is very good if you USE it properly. Most software devs just want something quick and easy, and to keep out the general population.

Armadillo is almost impossible if you use secured sections with many certifactes and ECDSA level 10 keys, custom environment variables, and all other protections enabled. You simply will not crack it without a valid code, and if you put in the proper checks on it, you are in for some serious headache patching even if you do dump it properly (which most people don't).

Themida/Winlicense/VMprotect is still quite formidable if you again, implement it properly. Using code wrap/encrypt in your source code and using proper checks.

Properly removing safedisc/safecast/activemark/securom is also quite the challenge. Dumped VM's suck, k thanks!

=]

Again I'd go with most people and say Themida/Winlicense (especially if properly configured) and execryptor

I cant even run the demo on my pc... it drains 50% of my CPU and die (without being debugged of course). Cant say anything.

Are you joking?

I have never come accross this protector for my purposes and i am sure that i cant unpack it. However i saw many tutes around and so many people focusing on this.

Asprotect with crypted functions is still very difficult to crack. I can only remember a bday attack to the decryption-based-on-keys from unpack.cn in 2006.

Never tried Obsidium too.

I like arma, at the beginning it went out with new ideas in the re field (nanos & child/father). I still love it and i hope that authors will implement something new. Unpacking this protection has no secrets nowadays (but could be a little difficult sometimes), keygenning it is still a challenge.

I dont know about execryptor but it must be a dead project

And finally... who resumed this old topic? :D

How come? I haven't seen anything protected by it. Or is it cause nooby is your "best friend" ?

Ditto, i haven't seen anything in the "wild" protected by it, only some people claiming that it's adequate.


True about many keygenning it; sadly most of them couldn't even tell md5 from crc32.
Off the record, nico is long since gone from SR.

So what's if it is still alive ? Its not more popular than Enigma protector, chances to see a live pokimon is bigger than to meet them in the wild, but still greater than meeting "top of the food-chain".

Never met it, then again i'm not into kiddie games.


Might be dead, but can you crack it? ;)


WL/Themida and Execryptor are the most popular for apps and they have been completely owned... by few.

Agreed..... how the hell can NoobyProtect be considered strong when theres sod all out there to look at??

If its really that good there would be no problem chucking out some protected files to show off its strength. At the moment it just talks the talk with out even taking its first steps, let alone walking the walk. Thats no disrespect to Nooby, its merely a statement of fact.

Having said that, NoobyProtect is employing by far the safest 'protection' and that is limited distribution of 'non-demo' versions. If the code aint there, it aint going to be cracked (although carding then becomes the problem). The only way VB Decompiler was beaten was because the code was made available. Even using some of the better protectors it was then beaten by someone who had put the time in to learn.

WL can be unpacked without a license and registered with 2 dwords.. I'd call that crap.
It's VM is the only thing that's decent everything else is lazy coding.

As for noobyprotect, I've only seen the demo. And it was not very impressive.
But I could be wrong.

My assumptions of NoobyProtect are based on ahmadmansoor overview and comments:
http://forum.exetools.com/showthread.php?t=12446

I have been very busy and haven't even looked into it.

Keep in mind, these were my personal opinions of protections based on experience(s) with them. The derogatory tones in some of your comments aren't necessary. If you have a different opinion then please feel free to share it.

Wibu Codemeter is another uncrackedable at this time - I guess!

Wibu CodeMeter is crackable. Just look around.

'uncrackable' ?
 

I will have to say that we have a piece of software that uses a wicked combination of the following:

-Sentinel 7.5 USB Key

*PLUS*

-CrypKey 6.1

It appears that the main exe for the program was obfuscated, and I rack my brain trying to kill the combination of these, while leaving the program in a working condition.

I am able to remove the Sentinel from earlier versions, but there's something funky with the Crypkey integration with it.

Other than those, I am from a much older generation of 'cracking', and what you kids do now just amazes and impresses me!

Yeah crypkey is nice.. Though doable, just something that needs a bit of time..
Mostly due to lack of documentation.
I'm from the younger generation.. And well we all had to learn it from the older dudes one time.. We could skip a lot of stuff thanks to the tuts and info the older generation provided.. But I suppose that has always been the case, we all built on the culture the previous generation has provided.

Me wonders what the generation time is.. :)

> But I suppose that has always been the case

Yep, JMI and I learned from the Bletchley Park work ;)

Git

Hehe I wouldn't be surprised if you guys knew Alan Turing from back then. :)