Okay, I've seen a lot of reversing essays and a few protecting essays. I think a common approach is to tend towards complexity, especially with the VxD routines, etc. This approach is intended to tackle the problem a little differently, placing the complexity on the reverser and not the protector.
To get an idea of what I mean, consider many traditional approaches to protecting. Most of the time you can easily find the elaborate routine that goes through several iterations of encryption and checksum and cross-check, but invariably you either get a comparison (yes, no) or some call to an enabling routine. Therefore, all of the previous complexity was lost due to the simplicity of the final check.
This protecting method attempts to get around these downfalls and provide a truly challenging routine. The target isn't too exciting. It's an encryption algorithm that I wrote myself, and it can be found as a different challenge on this page for your sheer pleasure. What I did was to take that code and modify it to require a registration key. I did this rather quickly, but I'm sure you'll appreciate the results.
Okay, here we go. Let's describe the challenge as is: You will get a set of files, being:

- BESTWIN.EXE
- PROT.DLL
- REG.KEY

When you fire it up, you'll be presented with a barebones windoze app. You can choose the option to set your key (this is the passcode for encrypting and decrypting files) and also encrypt a file. You should note that when you set the key, you get hit with a "This product must be registered" sign. That should be obvious in and of itself. You'll also notice that once you select a key, only the encrypt option is available, not the decrypt one! So, where to go from here?
The point here is that not too much effort was put in. There is a set reg key, whereas a practical implementation would have a different reg key for each installation. This can be implemented with the protective method used. I could also protect many more functions and reference them with more complicated codes, but I want to see what can be done with this bare-bones version.
- Find the method used for protection, and describe this method as specifically as possible
- Find the exact registration key that must be used
- Create a "crippled" version that circumvents any need for a registration key (this should be simple, the top two not so easy!)
Okay, I think this is a great protection method, IMHO, but you may come back within hours and say, "That really stunk." If it appears to be noble enough to stand up to scrutiny, the next essay will be a description of the exact method used and how anyone can implement it themselves. If the method turns out to be a weak, pathetic attempt, then the next essay will be a manifesto of whining self-pity and declarations of utter failure. Happy reversing!