software protections help

Hello,

As Seventh says, reading a lot of tutorials and searching on the net with appropriate keywords will give you a good point of view in most of the current protection involved in software protection. Asking for them means you don"t yet know them.

A good point to start with, I think, is RE-ing (Reverse engineering) software for your own knowledge. Download a target > study it > write notes > Delete it. Make your own compilation of protection tricks ! The more you reverse, the more you'll know what are the protections used a lot in softwares.

It will lead you to some interesting points, and you'll grab some knowledge, with time, about many parts of RE like packers, anti-debugging, anti-dumping, SMC (self modified code), Crypto and/or hash functions ...

At lest, you'll need some coding knowledge, especially on one (or many) High level languages (like C, C++, etc.) and you'll have to know Assembly language like your mother tongue.

Depending on the plateform you're, you'll have to have a good knowledge on it, I mean what it could be called 'internals' (like 'windows internals'). Many of those internals will help you to implement/develop new ways (if it's possible) or at least 'strange'/'not well know' ways to protect or understand how are protected applcations.

Some good examples of those internals on Win plateform could be TEB, PEB, EPROCESS, KPROCESS, GDT, IDT, memory management, and a lot of other stuffs...With that you could achieve a better understanding on what's going on on your computer, and by the way, having this knowledge, develop/understand strong protections.

So, don't limit you to coding some stuff, study and study again what's going on on your computer in its depth.

As far as I know there's one book that gather some informations about anti-cracking stuffs. It's called "Crackproof your software" (Pavol Cerven), but all those tricks are now well known nad many of them are for win 9x plateform. Since NT has a different behaviour, and 9x is slowly but surely disappearing, concentrate your efforts on NT plateform.

Now you've all in your hands, and in your brain. Download a debugger (OllyDBG is a good one), and reverse all things you can (I mean.. all things that can be RE-ed ). If you don't understand something, fire-up your browser and invoke the great google !

Sometimes, things are difficult to understand, once you've searched a lot and trully doesn't understand what it could mean, it's time to ask on a forum. Do ont try to ask before understanding, it will lead you to NOTHING !

This is just a point a view...not really what you SHALL do. I think only time could help to a better understanding of what going on there...

So let's experiment, it's your turn now !

Regards, Neitsa.