IDA watermarking(s) and possibility of license file generation...

[ketan]

As of IDA latest public release (ie. v5.4.0.921),
following file+folders are watermarked...

/ida.key
/ida.wll
/loaders/*.*
/procs/*.*

Above info is gathered by looking at ida.key date.

Moreover no file is packed or obfuscated in any way,
this will allow to analyze IDA itself.

The registered user name is tagged in MS-DOS STUB portion of the watermarked executables.

So there are lot of possibilities to make a cracked version of IDA.

Key Pointers
=========
- Possibility to generate legitimate ida.key files,
// 'coz recently we seen awesome winrar solution

- Compare 2 identical version/edition of IDA to findout exect differences

[ahmadmansoor]

My friend ...the problem is to get 2 identical version/edition of IDA...
how would like to share his one ?????!!!!!!!!

[tofu-sensei]

Quote:

Originally Posted by ketan

- Possibility to generate legitimate ida.key files,
// 'coz recently we seen awesome winrar solution

now that's a non sequitur

There's no reason that comparing two would be enough... could be some things common to any two different copies but not any others.

Back when versions were being leaked and people tried to patch out their IDs Pierre would quote that 98% of the watermarks were left or so. Ilfak's not stupid, I'm sure he's come up with something quite crafty and not easily resolveable to an unidentifiable but still functional version.

Disclaimer: Haven't looked at it in any detail. I'm a big IDA fan and paid up user so I don't want to hurt them ;-)

[Shub-Nigurrath]

it's enough to hide the watermark in the instruction execution flow or in the data structure to create an almost impossible to un-watermark program, but there are hundred different ways to software watermark a program. Watermarking if properly done is one of the most efficient protection strategies (of course you must assume, like for IDA, that users can be threatened removing their licenses, if you catch their leaked copies on the net): it's easy to implement and doesn't complicate development, it's quite difficult to completely remove it.

[rcer]

WTWB

you mentioned that you are a paid user of IDA Pro.
Which version do you have, and is it the standard or Pro one?

Because I tried to buy a license for IDA and the only option they offer for private persons is the a "IDA Pro Standard Base Named license"

RCER

[Git]

I looked recently and it did not seem possible for a private person to buy any version of IDA, at least in the EU. VAT registration number is a mandatory part of the order form.

Git

[sf42]

Quote:

Originally Posted by Git

I looked recently and it did not seem possible for a private person to buy any version of IDA, at least in the EU. VAT registration number is a mandatory part of the order form.

Git

Creating a company and receiving a VAT number costs 65€ where I live.

rcer: I have an Advanced named license. I bought a Standard licence as a student, and upgraded to Advanced while it was still Datarescue.

Git: In the past, I've just left that blank.

Generally they're quite helpful if you e-mail them :-)

(Actually, I think I expired recently, I should probably upgrade...)

[rcer]

Git,

VAT number is not mandatory, if you don't have one, they will still sell you IDA, but charge you an additional 18.5% VAT.

regards

[sf42]

Ok, so the only thing left is to pool money and buy IDA Advanced license from Datarescue If for example 50 members will join the cost per person will be miniscule...

ru-board tried it before. Unfortunately people have money problems ;-)

[rcer]

And also don't forget that the one who buys IDA and then uploads it to the forum will be blacklisted by Hexrays for the rest of his life

[LaBBa]

oh no! just don't blacklist me