How Do Hackers Hack it?

[TheLordOfChaos201]

Hello

I am developing a program for sale and I was just wondering

How do hackers hack into programs to decompile and create pirated versions?

I've heard of hex editing and altering the permission files until access is granted, but what I want to know is if there any way to over come these pesky threats?

I've discovered that a hex edit can not be done if you constantly close and reopen your program on a new socket, which has worked when I tried hacking myself.
As for permissions you can always run a sumcheck with errors if a permission isn't fired.

I've gone further to insure my program can not be simply copied and pasted, it will not run and better yet it will delete it's self on first run if it is a copy. I've also encrypted all userdata, images and sound files used by the program to insure that even if my code is reworked the program will be unable to run all its components.

Yet still I can't shake the feeling that a hacker is going to get their hands on my code and laugh at how easy it is to crack

Please help, thank you

 

[GhostWolf]

This thread again?

If your code is worth anything, it will get cracked. You can't control this. I don't care what "genius" "irreversible" encryption you think you got, if there's a reason for your program to get cracked (e.g. it's popular), then it will be.

This is why licenses and copyrights exist.

 

[TheLordOfChaos201]

This thread again?

If your code is worth anything, it will get cracked. You can't control this. I don't care what "genius" "irreversible" encryption you think you got, if there's a reason for your program to get cracked (e.g. it's popular), then it will be.

This is why licenses and copyrights exist.

Licences, patents and copyrights aren't respected by all countries and authorities

Which is why I need the code secret rather than just labelled as do not touch

 

[Dr Super Good]

How do hackers hack into programs to decompile and create pirated versions?

By reading and modifying the program code. Your computer must execute the code at some stage for the program to run and as such hackers can look at the code, copy the code and modify the code as they want.

I've heard of hex editing and altering the permission files until access is granted, but what I want to know is if there any way to over come these pesky threats?

There is no way at all.

Mostly they attach a debugger and make their changes using it. For example I can attach a debugger to Warcraft III and mess around with memory values, code etc. I could do the same for StarCraft II as well.

It is possible to detect modifications if the application is to be involved in online play. This is how hackers and cheaters are commonly detected so they can be banned, usually in waves so they are left guessing if they were really caught. The most basic level of this is to start another application in the background, a supervisor, which is responsible for checking the integrity of the game application itself and communicating this data to your servers in a way that is hard to fake. For example send hashes of currently loaded applications, their sizes, check that game code for running game application has hashes that match your official releases, send details of applications and libraries currently being used by the game application, perform some selfdefence by sending hashes of own code, loaded libraries, etc. If you can build up enough evidence that cheating is occurring, eg the presence of a commonly installed and used cheat application, then you can take action and ban the player from online services. If your game is online only and licences are not free this ban has a financial cost associated with it for the user so is not trivial. Be aware that data protection laws must apply when storing, processing and using the defence data you receive so there is some liability involved.

I've discovered that a hex edit can not be done if you constantly close and reopen your program on a new socket, which has worked when I tried hacking myself.

This makes no sense... Programs do not open on sockets. Programs launch an application. Hex editing the application program data always applies but probably cannot be done while the application is loaded. Like wise loaded applications can be modified via a debugger.

Ubisoft and EA have a form of permanently online protection which involves keeping the game program files incomplete. When playing and needing missing program data it gets requested from their servers. Obviously a licence must be registered with an actively logged in account on their servers for you to be able to receive the needed program code. Hackers have slowly built up libraries of the missing program code which can be served via a fake server, however these are often incomplete and need to be rebuilt every patch. The permanent online connectivity requirement causes major usability problems, especially since most of the world has access to really basic, sometimes limited and often unreliable internet.

I've gone further to insure my program can not be simply copied and pasted, it will not run and better yet it will delete it's self on first run if it is a copy. I've also encrypted all userdata, images and sound files used by the program to insure that even if my code is reworked the program will be unable to run all its components.

Sounds like you might be going into a usability nightmare... Program files often get copied around as part of file management. Additionally using the hash of the program itself to encrypt user data is neither safe or maintainable as program updates will wipe all user progress which is a major usability concern. It also is not safe as such encryption is very easy to break, like how people broke the security checksum on StarCraft II banks.

Yet still I can't shake the feeling that a hacker is going to get their hands on my code and laugh at how easy it is to crack

They will just open the executable or library with a debugger or disassembler and look at the code. Even if you encrypt your code with many of the prelaunch encryption methods available they can just wait until the application loads, attach a debugger to it (which interrupts its execution so cannot perform effective self defence) and then read the code as it is loaded into the virtual memory.

Please help, thank you

You are worrying too much. You can add some basic defence and protection methods, but do not go overboard and especially avoid doing anything invasive and potentially buggy or hard to maintain. People stealing your program code in this day and age is hardly a big concern as long as you keep the source code safe as ultimately the source code is needed to truly publish the program.

Licences, patents and copyrights aren't respected by all countries and authorities

That is a problem with the world. Just like the environment is not respected by all countries, or women rights are not respected by all countries or human rights are not respected by all countries. Ultimately a criminal could come up to you, place a loaded gun at your head and demand you give him the code no matter where you live in the world. Chances of it happening are very slim.

Which is why I need the code secret rather than just labelled as do not touch

In that case use the approach adopted by CAD software. The "trade secret" code used for simulations, modelling and publishing runs on their secure servers with the inputs to and outputs from the code being communicated through the internet. As long as the server is securely operated and physically secure then there is no way people can steal the secret code then as the only access they have to it is via inputs and getting outputs back from it. Just like speaking with a bank clerk at a bank, you can pass in stuff and they can pass out stuff but that is all the interaction you are allowed, with all the money, computers, documents etc being stored safely behind bullet resistant glass in an air tight room.

Not really suitable for real time applications though. However I believe Ubisoft and EA used such a method on top of the code request method above as it can be used for seldom run code which is logically difficult to compute.

Diablo III and World of Warcraft adopt this approach. The actual game state and mechanics is performed on a secure, Blizzard owned, server. The clients are only streamed the results. To this day no one has managed to accurately recreate either a Diablo III or World of Warcraft server, although some majorly flawed attempts have been made. This can work for all games that use state streaming multiplayer, however it does require significant server upkeep.

 

[TheLordOfChaos201]

By reading and modifying the program code. Your computer must execute the code at some stage for the program to run and as such hackers can look at the code, copy the code and modify the code as they want.


There is no way at all.

Mostly they attach a debugger and make their changes using it. For example I can attach a debugger to Warcraft III and mess around with memory values, code etc. I could do the same for StarCraft II as well.

It is possible to detect modifications if the application is to be involved in online play. This is how hackers and cheaters are commonly detected so they can be banned, usually in waves so they are left guessing if they were really caught. The most basic level of this is to start another application in the background, a supervisor, which is responsible for checking the integrity of the game application itself and communicating this data to your servers in a way that is hard to fake. For example send hashes of currently loaded applications, their sizes, check that game code for running game application has hashes that match your official releases, send details of applications and libraries currently being used by the game application, perform some selfdefence by sending hashes of own code, loaded libraries, etc. If you can build up enough evidence that cheating is occurring, eg the presence of a commonly installed and used cheat application, then you can take action and ban the player from online services. If your game is online only and licences are not free this ban has a financial cost associated with it for the user so is not trivial. Be aware that data protection laws must apply when storing, processing and using the defence data you receive so there is some liability involved.


This makes no sense... Programs do not open on sockets. Programs launch an application. Hex editing the application program data always applies but probably cannot be done while the application is loaded. Like wise loaded applications can be modified via a debugger.

Ubisoft and EA have a form of permanently online protection which involves keeping the game program files incomplete. When playing and needing missing program data it gets requested from their servers. Obviously a licence must be registered with an actively logged in account on their servers for you to be able to receive the needed program code. Hackers have slowly built up libraries of the missing program code which can be served via a fake server, however these are often incomplete and need to be rebuilt every patch. The permanent online connectivity requirement causes major usability problems, especially since most of the world has access to really basic, sometimes limited and often unreliable internet.


Sounds like you might be going into a usability nightmare... Program files often get copied around as part of file management. Additionally using the hash of the program itself to encrypt user data is neither safe or maintainable as program updates will wipe all user progress which is a major usability concern. It also is not safe as such encryption is very easy to break, like how people broke the security checksum on StarCraft II banks.


They will just open the executable or library with a debugger or disassembler and look at the code. Even if you encrypt your code with many of the prelaunch encryption methods available they can just wait until the application loads, attach a debugger to it (which interrupts its execution so cannot perform effective self defence) and then read the code as it is loaded into the virtual memory.


You are worrying too much. You can add some basic defence and protection methods, but do not go overboard and especially avoid doing anything invasive and potentially buggy or hard to maintain. People stealing your program code in this day and age is hardly a big concern as long as you keep the source code safe as ultimately the source code is needed to truly publish the program.


That is a problem with the world. Just like the environment is not respected by all countries, or women rights are not respected by all countries or human rights are not respected by all countries. Ultimately a criminal could come up to you, place a loaded gun at your head and demand you give him the code no matter where you live in the world. Chances of it happening are very slim.


In that case use the approach adopted by CAD software. The "trade secret" code used for simulations, modelling and publishing runs on their secure servers with the inputs to and outputs from the code being communicated through the internet. As long as the server is securely operated and physically secure then there is no way people can steal the secret code then as the only access they have to it is via inputs and getting outputs back from it. Just like speaking with a bank clerk at a bank, you can pass in stuff and they can pass out stuff but that is all the interaction you are allowed, with all the money, computers, documents etc being stored safely behind bullet resistant glass in an air tight room.

Not really suitable for real time applications though. However I believe Ubisoft and EA used such a method on top of the code request method above as it can be used for seldom run code which is logically difficult to compute.

Diablo III and World of Warcraft adopt this approach. The actual game state and mechanics is performed on a secure, Blizzard owned, server. The clients are only streamed the results. To this day no one has managed to accurately recreate either a Diablo III or World of Warcraft server, although some majorly flawed attempts have been made. This can work for all games that use state streaming multiplayer, however it does require significant server upkeep.

if I give you an protected executed program I wrote. could you tell me if it is possible to open?

you seem like you know your stuff because I did actually use a hash code to encrypt my code. but! I made it possible for updates to run without user data being lost. its run inside a virtual machine so I'm not to sure if the hash will change with file management but hopefully it doesn't. it hasn't changed as of yet and I have run defrags and other such things. it's hard coded into a virtual machine meaning its always in the same place.

uhm....oh yes and I've successfully made a hex foiler. it opens and closes the program on a new address every time there is a window change. hex editors need to read from an address so this successfully irritates hackers. I've tried it myself and yes it works, and I'm sure it will work even with a debugger.

my program will not work when decompiled because the hash will change. meaning all images, sound files, userdata and text will be unreadable. without that information the program does not run.

again I ask. will you be able to hack that?

 

[GhostWolf]

Someone will be able to crack that, yes.
As long as you run any code locally, it CAN be cracked.
Whether it WILL be cracked is a complete other question, which usually depends on how many people use it, and how many more people want to use it.

Software and game companies spend millions on DRM, and it's an ever losing fight (for good or bad). You will not fare better.

This is the last time I reply to a thread like this made by you.
I can't keep replying to people who ask questions, and then don't read answers seriously or research them in any way, it just annoys me.

 

[Dr Super Good]

its run inside a virtual machine so I'm not to sure if the hash will change with file management but hopefully it doesn't. it hasn't changed as of yet and I have run defrags and other such things. it's hard coded into a virtual machine meaning its always in the same place.

Might stop normal debugging tools from working, however others aimed at virtual machine hypervisor development will still work. Also it sounds like massive program bloat, having to carry a complete virtual machine hypervisor just for a program. Also requires the processor supports virtualization.

 

[DracoL1ch]

if you gonna do anything popular it will be pirated. no exceptions.
even freaking consoles get pirated, somehow, barely useful, yet hacked. and they aren't waste billions of dollah for nothing ,you know.
either you're completely sever-sided, either get ready to get rekt, or die as any other unknown program
normally people just push thing onto market, and if people needs it, they will follow the brand, not copies. I guess you have nothing brand new to show, else you won't ask that kind of questions on hive. So your fears are irrational.

 

[TheLordOfChaos201]

hmm, where to begin. let's see, first I have to filter out all their hatred and....

Done!

my program is part hardware it's registered to a flash drive. which is where the virtual machine runs outside of the computer but using the computers processor. it will not run anywhere else but on the flash drive. I suppose a hacker could create some sort of duplicate flash drive but I wouldn't know about it.

I was told hardware is the best way to go, and it works quite well since all my third party software runs there too. meaning my users do not need to install anything and my program can run on all computers no matter what computer they have.

and....

users can not attach anything into the virtual machine without changing its hash value, which will result I'm the program not running.

so.....

can you hack it?

 

[Dr Super Good]

my program is part hardware it's registered to a flash drive. which is where the virtual machine runs outside of the computer but using the computers processor.

The virtual machine runs on the computer. A flashdrive is nothing more than storage. You can start an operating system from a flash drive, however one could also virtually mount such operating system from the flash drive and hence gain full control.

it will not run anywhere else but on the flash drive.

Flash drives cannot run anything... Stuff can run from a flash drive but the drive itself is just backing storage. Sure it has a memory controller but that is not something one wants to tamper with.

Or are you saying you created a special USB dongle which has a small processor built into it that out sources everything computationally intensive to a computer running a special OS?

 

[TheLordOfChaos201]

The virtual machine runs on the computer. A flashdrive is nothing more than storage. You can start an operating system from a flash drive, however one could also virtually mount such operating system from the flash drive and hence gain full control.


Flash drives cannot run anything... Stuff can run from a flash drive but the drive itself is just backing storage. Sure it has a memory controller but that is not something one wants to tamper with.

Or are you saying you created a special USB dongle which has a small processor built into it that out sources everything computationally intensive to a computer running a special OS?

No it still uses the process of the computer.... but runs off the flash drive

So yes the data is actually being stored on the computer if i think about it, in ram.

But a hacker friend of mine has given me suggestion that might solve all my problems.... Blowing up their computer

 

[LordDz]

my program is part hardware it's registered to a flash drive. which is where the virtual machine runs outside of the computer but using the computers processor. it will not run anywhere else but on the flash drive. I suppose a hacker could create some sort of duplicate flash drive but I wouldn't know about it.

So.. The solution to hacking is to use external harddrives?

 

[TheLordOfChaos201]

So.. The solution to hacking is to use external harddrives?

probably

but I'm no longer too concerned.

I found out a way to make my program communicate to a virtual server that is part of the virtual os running on my flash drive.

making my program only run when on that flash drive.

but that's not the bit that gives me confidence.

a friend of mind gave me a bunch of viruses to add to my program.

one disables all apps
then disables the users mouse
then deletes the content of their registery
and then delete their harddrive.

these programs only run if my program runs outside of the flash, or outside its original packaging.

my only problem is.

it's perfectly legal to run the viruses and destroy the flash drive,'protection of intellectual property'

but I can't legally destroy their computer, but! I would like to see them explain exactly how they were able to run my program on this computer after I went to considerable length to prevent them

 

[Dr Super Good]

I found out a way to make my program communicate to a virtual server that is part of the virtual os running on my flash drive.

If your flash drive has a processor why run a virtual server on it... The processor is already as secure as you will ever get so you can run code directly.

these programs only run if my program runs outside of the flash, or outside its original packaging.

... I hope you do not plan to travel anywhere. I can easily see such activities accumulating you a heavy sentence in most of the developed world.

it's perfectly legal to run the viruses and destroy the flash drive,'protection of intellectual property'

That alone might get you fined or into trouble with consumer watch dogs in many countries. Self-destructing goods are not recommended.

but I can't legally destroy their computer, but! I would like to see them explain exactly how they were able to run my program on this computer after I went to considerable length to prevent them

They would purposely do it just so you have to pay out damages.

 

[TheLordOfChaos201]

If your flash drive has a processor why run a virtual server on it... The processor is already as secure as you will ever get so you can run code directly.


... I hope you do not plan to travel anywhere. I can easily see such activities accumulating you a heavy sentence in most of the developed world.


That alone might get you fined or into trouble with consumer watch dogs in many countries. Self-destructing goods are not recommended.


They would purposely do it just so you have to pay out damages.

Awe come on!
Raining on my parade....

well at lest you are being honest.

well I'll just destroy the flash drive and run a warning on their computers, before deleting my program.

since I can't legally destroy their computer, but still legally I am allowed to destroy the flash drive even if it is purchased by them

 

[Dr Super Good]

since I can't legally destroy their computer, but still legally I am allowed to destroy the flash drive even if it is purchased by them

Not necessarily. It can open you up to complaints/investigation by consumer watch dogs for selling bad/ripoff merchandise.

It also opens you to a lot of liabilities as people could claim your product destroyed itself spontaneously and demand a refund or even compensation for lost productivity. You have no proof that the product did not do what was claimed for a variety of legal and logical reasons. Self-destructing hardware is a dangerous game, one I would strongly recommend avoiding.

Instead of trying to protect your software from being hacked in a variety of impractical or inefficient ways try actually writing the software. If you are worried about commercial loss of sales due to piracy or others making commercial gain from unauthorised sales of your software then introduce licencing models with licencing servers. Patented algorithms can be run in the cloud on these servers where people do not have white box access to them. A lot of people who pirate software would still not buy the software even if it was impossible to pirate, so losses from such are often greatly exaggerated.

 

[TheLordOfChaos201]

Not necessarily. It can open you up to complaints/investigation by consumer watch dogs for selling bad/ripoff merchandise.

It also opens you to a lot of liabilities as people could claim your product destroyed itself spontaneously and demand a refund or even compensation for lost productivity. You have no proof that the product did not do what was claimed for a variety of legal and logical reasons. Self-destructing hardware is a dangerous game, one I would strongly recommend avoiding.

Instead of trying to protect your software from being hacked in a variety of impractical or inefficient ways try actually writing the software. If you are worried about commercial loss of sales due to piracy or others making commercial gain from unauthorised sales of your software then introduce licencing models with licencing servers. Patented algorithms can be run in the cloud on these servers where people do not have white box access to them. A lot of people who pirate software would still not buy the software even if it was impossible to pirate, so losses from such are often greatly exaggerated.

True... I do have a product but perhaps it is time to focus on the code more than the safety of that code.

I'm currently working on making an update system for the program, but get this... Windows doesn't allow you to rename a program from code!!! Which is why using a virtual machine is good I guess. I just don't want to start sales next year and boom all hope of a future is destroyed because of piracy.

My father is a lawyer, so I'm hoping he can help with the legal stuff before sales, other than that I guess I can only cross my fingers and hope the corporations I sell to are computer illiterate and honest people

 

[Dr Super Good]

I just don't want to start sales next year and boom all hope of a future is destroyed because of piracy.

This happening is a fallacy. As long as you have some kind of licence model most people who would buy your product still will even with piracy. Most pirates fall into the group of people who still would not buy your product even if they could not pirate it. Piracy is a much bigger problem for the film and music industry due to early view exclusivity in cinemas or concerts before generic licences go on sale.

My father is a lawyer, so I'm hoping he can help with the legal stuff before sales, other than that I guess I can only cross my fingers and hope the corporations I sell to are computer illiterate and honest people

Use some form of licencing server. Most companies that matter should have access to the internet at least once a month. For the software to be legitimately used it has to have been last activated within 30 days, which happens automatically every day or when started and an internet connection is available. This is kind of how Microsoft licences their products. This can be extended by selling offline capable licencing servers separately to very large companies, a trick that CAD software companies and Microsoft do to make even more money from huge enterprises who might need thousands of licences.

Do note that utility companies demand all software operates offline or within a secure network (not physically connected to internet) for national security reasons. Such companies should be reputable enough that they will not consider pirating your product. However I doubt you are making a product they would be remotely interested in or can even get it certified for use by utility companies.

 

[TheLordOfChaos201]

This happening is a fallacy. As long as you have some kind of licence model most people who would buy your product still will even with piracy. Most pirates fall into the group of people who still would not buy your product even if they could not pirate it. Piracy is a much bigger problem for the film and music industry due to early view exclusivity in cinemas or concerts before generic licences go on sale.


Use some form of licencing server. Most companies that matter should have access to the internet at least once a month. For the software to be legitimately used it has to have been last activated within 30 days, which happens automatically every day or when started and an internet connection is available. This is kind of how Microsoft licences their products. This can be extended by selling offline capable licencing servers separately to very large companies, a trick that CAD software companies and Microsoft do to make even more money from huge enterprises who might need thousands of licences.

Do note that utility companies demand all software operates offline or within a secure network (not physically connected to internet) for national security reasons. Such companies should be reputable enough that they will not consider pirating your product. However I doubt you are making a product they would be remotely interested in or can even get it certified for use by utility companies.

It's just a quantity surveillance program, which there is a demand for here since each program needs to be custom made for each company. My fear is once they have their custom product they won't need me, and they will just hack and make the programs theirs.

They have agreed to buy licenses which last a few months each....

 

[GhostWolf]

I lied, I'll reply once more.

You are an idiot.

 

[TheLordOfChaos201]

I lied, I'll reply once more.

You are an idiot.

I don't see you commining up with any ideas

 

[Roland]

I don't see you commining up with any ideas

It's because you ask so many shitty questions.

 

[TheLordOfChaos201]

It's because you ask so many shitty questions.

don't worry dude, what you lack in intelligence you make up for with your great personality

 

[Wietlol]

If you really want to delay the time it takes for hackers to hack your program, then you have to encrypt the code.
When the program starts, you decrypt the code that has to run and run it and then encrypt it again.
This way, your code will always be encrypted unless it runs.

Ofcourse, you wont just be able to write such a thing... trust me.

Or... you dont use any known machine languages... sort of how Rust works, but then with your own language.

 

[TheLordOfChaos201]

If you really want to delay the time it takes for hackers to hack your program, then you have to encrypt the code.
When the program starts, you decrypt the code that has to run and run it and then encrypt it again.
This way, your code will always be encrypted unless it runs.

Ofcourse, you wont just be able to write such a thing... trust me.

Or... you dont use any known machine languages... sort of how Rust works, but then with your own language.

I've encrypted all the images sound user data and text

making all the code useless unless they can replicate all the encrypted data exactly

 

[Wietlol]

The code is not useless if it simply doesnt have resources.
Do you really think that hackers will care about resources if all they want to do is grant access without a proper license?
That part should be done completely without resources.
And... I assume that the decrypting part is in your code... which hackers can read... which will allow them to read how the encryption key is loaded... which enables them to manually decrypt all the resources.

 

[TheLordOfChaos201]

The code is not useless if it simply doesnt have resources.
Do you really think that hackers will care about resources if all they want to do is grant access without a proper license?
That part should be done completely without resources.
And... I assume that the decrypting part is in your code... which hackers can read... which will allow them to read how the encryption key is loaded... which enables them to manually decrypt all the resources.

Not if you were reading my text correctly

The program will refuse to run if any of its resources are missing, that is the standard of all programs. Have you ever tried to run warcraft without its sound files, it instantly prints out an error and forcibly closes the program. Plus the resources are a large part of the program meaning that they are needed to use the program. As for decryption, it is simply not possible. The only possible means of stealing the encrypted programs is as they are being read out in Ram which I can't do much about besides clearing it soon after read.

The programs encryption and decryption code is tied to the programs internal sum checks which, if a hacker unpacks, change when tampered with. As the only way for a hacker to read the encryption program is to unpack the program and the encryption key is hidden until unpacked, there is no way to actually read the encryption key.

Now my current problem is!

Proguard doesn't compile java jdk1.7 and 1.8 without errors. When ever I compile the jar file it will obscure it perfectly fine, but when I try to run the finished result it says 'Java run time exception'. I've done a lot of digging on the next and all I've been able to find about it is that it is due to my encryption class and main class. I've made the necessary adjustments to proguard to prevent it obscuring the main class, and I've added the lib of the encryption (jce.jar) but that hasn't fixed it.

Which brings me to my question.

Does anyone know a very good obscurer, better than Proguard and free. I've tried jarg which simply sucks because you have to build your own bat file before running it and it still didn't work so no result there.

Any help will be appreciated