[Concerns]Enigma easy to crack?

Post here messages if you have any problems with working of Enigma Protector
Post Reply
newmem
Posts: 2
Joined: Tue Feb 03, 2009 3:48 pm

[Concerns]Enigma easy to crack?

Post by newmem »

i tried enigma demo. it is very good and compatiable with various system i have tested.

i was about to buy the official version before i found several forums posted various ways to crack engima.


this following video tut i found online is how to easily crack the registration from engima 1.61 using ollydbg.

http://www.4shared.com/file/83906620/87 ... ation.html

this just made me wonder about the security using engima if its such easy tasks to crack the registration.

To author:
do u have any way to prevent such cracking method?
if so, i would be glad to buy an official version
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: [Concerns]Enigma easy to crack?

Post by Enigma »

Really, I'm glad that you post this message, I even will not eliminate the link to this video tutorial.
Now my reply regarding this tutor:
- I started developing Enigma in 2002, all this time I was trying to make basic features that should contain protector, for now, I can tell that BASIC features are completed, and all the 2009 year I will develop/improve protection features
- Since next update all the tools that use inline patching (like in tutor) will be useless
- For now, Enigma 1.63 has (1.61 has not) interesting feature like "Encrypt application with Secure Constant" - application protected with this feature can't be unpacked/cracked without valid registration key
- Also, this tutor bypass only standard registration dialog of Enigma, use your own dialog by means of Enigma API, by this you will avoid cracking by standard tools
- Remember, there is NOT ideal protection that can't be unpacked/cracked

Now please read my advices:
- Of course, all developers want to have such kind of protection that will be applied my pressing of "Protect" button and after this - do not worry about cracking, it is impossible! Developer should apply as more protection feature as possible! For example, since Enigma 1.62 I have implemented new Virtual Machine, it is very hard and difficult to reverse, please use it to avoid cracking!
- Usual mistake of software developers is distributing of FULL non registered version - do not do this, distribute DEMO version, and send FULL version to registered users only! It is very good idea to hide full version and it's protection!
- Enigma supports plugins, write your own plugins and use it for protecting of your applications, it is very good way too, because you will have own/unique protection tricks and styles.
- Seems it was my mistake that I released DEMO versions without any restrictions from FULL version except NAG screen, all the future DEMO versions will be differ from FULL version in a lot of protection features!

Anyway, Enigma is continuously developing, new protection features are adding from version to version!
Daniel
Posts: 14
Joined: Wed Aug 20, 2008 5:29 pm

Re: [Concerns]Enigma easy to crack?

Post by Daniel »

Actually, everything is crackable. Try chase RE forums like tuts4you or unpack.cn and refferals from there and you get sad and break into tears immediately about ANY protection. Enigma is not an exception - it was cracked and will be cracked for sure in future like dozens of other protection schemes - any software can be cracked given enough time and skill. You must simply always count with this. But there must be always kept in mind cost/benefit ratio and here Enigma definitely wins:

1) The price is outstanding (99 USD) and there is no Basic (cheaper) and Advanced editon (more expensive with SDK) as in other software.
2) There is no so far ongoing 12 months subscription fee. You get all Enigma versions 1.xx. No expiration for previous version. And here must be stressed that Vladimir is extremely honest programmer as since April 2006 (the oldest version v1.1 I was able to trace) the version number moved only to 1.63. If Bill Gates would behave in same fashion we would still use Wndows v3.66 as free update of v3.1:)
3) The suggestions are incorporated fast, author replies promptly and you feel that project is living (compare with Acprotect 2.0, IcebergLock Protector RIP, EXEcryptor??? etc).
4) Enigma is mostly not detected as malware/bad tool by AV companies (compare with RLpack that often suffers this baby disease).

If you would like to pay a decent amount of money go for Enigma and as a backup you may buy for another 15 Euros RLPack (the promise release of v2 in nearest future that should be miracle of miracles in the ugly world of protection never seen before :)). Thus you buy one good real protection scheme and one "lottery ticket" and you will be safe.

Very satisfied legal customer of Enigma
Daniel
newmem
Posts: 2
Joined: Tue Feb 03, 2009 3:48 pm

Re: [Concerns]Enigma easy to crack?

Post by newmem »

I posted this infomation hopefully u can patch this and improve enigma :)

to be honest, I'm not worried about amount money i spent on protection software.
but i do expect the software i'm using can stop 90% of crackers if not all.

Initially i was going to buy a full version of the winlicense for 399$ (9month)
because many ppl told me its one of the best/most expensive protection software out there.
but soon i found out they already know how to reverse/crack the hardware lock of the newest version 2.05.

Since i really care about the method of registration/hardware lock and want to stop any "dishonest" customer. winlicense therefore would not be a good choice if they can reverse the hardware lock easily. so instead of buying a license for every computer, they would just get 1 and crack it to be usable on all other computers.

so i was wondering, is it better to
1) just make my own dialog of registration in my softeare
or
2) simply stick with the default and add some check using license check from enigmaSDK

also i have another problem while trying the demo version
the hardware ID is changing everytime i execute the packed program.

so after i registered with one Hardware ID, im promoted to register again with a different ID the 2nd time i run it.
i have to execute another 2-3 times to get back to the same ID and be able to run it in the registered mode.

can u tell me why is that?
im using vista
here is the param im using for hardware lock
1)system Volume serial number
2) CPU type
3)motherboard
4) hard Disk Serial number

i checked help file, none of the above should have changed with different execution
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: [Concerns]Enigma easy to crack?

Post by Enigma »

Thanks Daniel for the post!
I posted this infomation hopefully u can patch this and improve enigma
Of course, it will be patched!
so i was wondering, is it better to
1) just make my own dialog of registration in my softeare
or
2) simply stick with the default and add some check using license check from enigmaSDK
Really, default registration dialog of Enigma ONLY helps developers to make "fast" build of protected files (it is not a powerful protection), powerful protection is registration keys of Enigma, without project file nobody never is able to create keygen.
So, you may combine default registration dialog + check license by SDK API.
so after i registered with one Hardware ID, im promoted to register again with a different ID the 2nd time i run it.
i have to execute another 2-3 times to get back to the same ID and be able to run it in the registered mode.
As you may read in manual, the hardware id may change if you enable "system Volume serial number" (it can be done even by user), CPU type and motherboard requires administrator privileges (not sure if this causes a problem, but I never saw reports from registered users about such errors). The best way is using "hard Disk Serial number" hardware lock, this was very improved since version 1.62, and allows to get HDD serial almost on all machines.

Regarding Hardware Lock, in next version I plan to add some more feature like "Encrypt application with particular hardware id", you will be able to protect/ your files with particular id and this file will not even run on the machine with different id!
avok
Posts: 7
Joined: Thu Feb 12, 2009 2:04 pm

Re: [Concerns]Enigma easy to crack?

Post by avok »

Hello,

We've been using EXECryptor in the past and are looking for alternatives if they don't come up with a new version soon. It has not been updated since 2007.

I've been looking at Setisoft's Private Exe Protector that just got updated to a new version, and then Enigma. The pricing of Enigma is excellent but it's not the most important thing ;)

How well does Enigma protect against memory dumping and unpacking? We don't necessarily need a registration system but very strong protection against analyzing, dumping and unpacking of our software. Is there any "tricks" related to the licensing, where you can only get updates for 1.xx series, I mean it could be updated to 2.0 the next day and we wouldn't get the update if I understood correctly.
Enigma
Site Admin
Posts: 2939
Joined: Wed Aug 20, 2008 2:24 pm

Re: [Concerns]Enigma easy to crack?

Post by Enigma »

Is there any "tricks" related to the licensing, where you can only get updates for 1.xx series, I mean it could be updated to 2.0 the next day and we wouldn't get the update if I understood correctly.
Looks like you are thinking that Enigma (and we - developers) are cheaters, of course this is false! We are thinking about every customer, even if you buy 1.99 version, I promise you that you will get at least one year for 2.xx updates!
Regarding 2.xx update - I do not plan to release this version in future 2 years, so do not worry, if you will buy it now, you will get a lot of updates.
Moreover, even users, who bought latest Enigma version 1.xx and after this Enigma will migrate to 2.xx, they will get free updates!
How well does Enigma protect against memory dumping and unpacking? We don't necessarily need a registration system but very strong protection against analyzing, dumping and unpacking of our software.
Memory Dumping - this is simple technology, no any protectors have good anti-memory dumping features, all the known tricks can be eliminated very easy. Memory Dumping as it is - reading memory of the process, anyone can read memory of almost any process. This is not a big deal for cracker to solve any anti-memory dumping trick.

But regarding unpacking, unpacking is the complex protection, of course, Enigma has a LOT of tricks to avoid unpacking:
1. By means Anti-Debugger feature you may stop execution of module if Debugger is running in the system (Debugger - tool for reversing protected application)
2. Enigma Plugins has modern tricks to avoid execution from debugger!
3. PS: Within next few days I will try to create additional anti-dumping plugin.
4. If you are not using registration scheme, but need complex protection - let's use new Virtual Machine. If your application is not a .net, and it is written in C++ or Delphi - it is very good way to increase protection. New Virtual Machine is very hard to reverse, nobody except registered users can test it (means, crackers can not analyse Virtual Machine), there is not any tools/tutorials for new VM unpacking.
5. Finally, there are a lot of feature, you need only apply your brain!
avok
Posts: 7
Joined: Thu Feb 12, 2009 2:04 pm

Re: [Concerns]Enigma easy to crack?

Post by avok »

Thank you for the very informative answer 8-)
Post Reply