Internal Overlay CRC request

Post here any topics that related to Enigma Protector, its functionality, your misunderstanding, offers to improvements etc etc etc
Post Reply
Daniel
Posts: 14
Joined: Wed Aug 20, 2008 5:29 pm

Internal Overlay CRC request

Post by Daniel » Fri May 29, 2009 5:31 am

I would like to ask whether there is some CRC check of internal overlays in Enigma. I would like to defeat possible replacement of my overlay with a different one. Just simple CRC or similar.

scorillo7
Posts: 90
Joined: Mon May 11, 2009 11:16 am

Re: Internal Overlay CRC request

Post by scorillo7 » Fri May 29, 2009 8:45 am

These answer must come from the author , but i can permit to give some advise:
1.check the integrity of Enigma(api)
2.Watermark

If you have a history with crackers(your apps is often cracked) do not let entirely on the protector checks, build some custom integrity check(crc32,md5,sha,etc)
The best way is to put a rutine in your apps that check validation of enigma ,something like that:
key generated by enigma = 00000 if result is the same then jump is cracked.This is not work with keygens.Latest way ,crackers use your own ASM code to make keygens.Finally....if your software is very known there is no protection in the world to protect it.

P.S.
I saw on the memberlist of Enigma forum some crackers name. Often this is buying protectors from the authors.
REMEMBER this is just a Enigma user's opinion and is pure unofficial
Your freedom stops where another man freedom begin.

Enigma
Site Admin
Posts: 2509
Joined: Wed Aug 20, 2008 2:24 pm

Re: Internal Overlay CRC request

Post by Enigma » Fri May 29, 2009 9:41 am

To scorillo7: Thanks for the great reply! By the way, how are VB markers working? Still did not get reply from you...?
Daniel wrote:I would like to ask whether there is some CRC check of internal overlays in Enigma. I would like to defeat possible replacement of my overlay with a different one. Just simple CRC or similar.
This is good idea Daniel, I will make it in the nearest release! There are a lot of system that produce overlay executables, it would be great decision to protect overlay data!
scorillo7 wrote:1.check the integrity of Enigma(api)
This is always greeting! Integrity checking could help a lot to avoid cracking. I advice to use it as much as possible (here I mean CheckProtection markers and Inline Patching protection). But these checkups do not help to protect overlay data. Overlay data does not map into process memory, it is just placed into file.
scorillo7 wrote:If you have a history with crackers(your apps is often cracked) do not let entirely on the protector checks, build some custom integrity check(crc32,md5,sha,etc)
It could help much even than you think! Simple protection methods are always help to increase protection.
scorillo7 wrote:The best way is to put a rutine in your apps that check validation of enigma ,something like that:key generated by enigma = 00000 if result is the same then jump is cracked.
Yes, this is old and very known protection trick, but it is still very important. I can even tell that this is perfect decision! You may call key verify routine with the invalid key to check the function result and if it is return true than you will know that protection is damaged.
scorillo7 wrote:I saw on the memberlist of Enigma forum some crackers name. Often this is buying protectors from the authors.
I saw these guys too, moreover, some of these guys are registered customers. But really, not all of them are buying Enigma for cracking and sharing, most of them are really great developers who are using Enigma for own software protection, why not!

Daniel
Posts: 14
Joined: Wed Aug 20, 2008 5:29 pm

Re: Internal Overlay CRC request

Post by Daniel » Fri May 29, 2009 3:09 pm

@Enigma: Thank you for including the feature
@all: is there any solution how to protect overlays? Some encryption with on-line decryption on access or something similar. I have actually SWF player and overlay is actually SWF embedded in this way. Today you can get it easily out of the program with Overlay Extractor and dissect even when main EXE (player) would be hardly protected. Any links, solutions, source codes?

scorillo7
Posts: 90
Joined: Mon May 11, 2009 11:16 am

Re: Internal Overlay CRC request

Post by scorillo7 » Sat May 30, 2009 5:44 am

Enigma wrote:To scorillo7: Thanks for the great reply! By the way, how are VB markers working? Still did not get reply from you...?
To Enigma : Monday at first hour i will put to work these in a deeptrough test,for the moment i checked in a simply way with your default projects these and it work very good.But is first results ... this option make from Enigma great protector for VB6 .Yes, i will put my results here.Thanks Enigma...GREAT SUPPORT


To Daniel:
you must detail your apps better to understand what you do.If is a .SWF you are in a midlle of "haos" Daniel because is a nightmare these format from the protectors point.There are out there a very good dissamblers on the commercial market,you will never protect this enough.Even more if this is not the case , specify the work mode and compiler.Hope you find perfect solution.Sorry Enigma for transforming this in a general debate theme of this forum.
REMEMBER this is just a Enigma user's opinion and is pure unofficial
Your freedom stops where another man freedom begin.

Enigma
Site Admin
Posts: 2509
Joined: Wed Aug 20, 2008 2:24 pm

Re: Internal Overlay CRC request

Post by Enigma » Sat May 30, 2009 6:48 am

Daniel wrote:@all: is there any solution how to protect overlays? Some encryption with on-line decryption on access or something similar. I have actually SWF player and overlay is actually SWF embedded in this way. Today you can get it easily out of the program with Overlay Extractor and dissect even when main EXE (player) would be hardly protected. Any links, solutions, source codes?
Will be made Daniel, I promissed it to you, but again, 1.70 has more priority (here is still a lot of work with this version)... Not sure we find any solutions how to protect overlays in the net, this is very specific protection branch.
scorillo7 wrote:Yes, i will put my results here.
Would be very good to see your opinion! Will wait! Thanks!

Post Reply