Softwareguy256
04-29-2007, 01:01 AM
I thought I was getting really good at reversing, then I try to reverse a reverser's crack and realize that I know nothing. This exe has got special protections in it that prevent it from being disassembled. I figure this has something to do with the COFF/PE file format so I downloaded the MS spec and reading through that. I think I'm on the right track for this one.
In the crack's "about" box, it claims it uses AES, knapsack, and crc32 as protection mechanisms. How does this work?? I assume that any secret keys must be stored in the exe because it is not accessing any outside source. So it sounds like any protection mechanism is in theory just an obfuscator.
An idea just came in my head that the exe can use these algorithms such as CRC32 to make sure the exe has not been patched, but i figure if you ever got that far you can just NOP the check as well.
In the crack's "about" box, it claims it uses AES, knapsack, and crc32 as protection mechanisms. How does this work?? I assume that any secret keys must be stored in the exe because it is not accessing any outside source. So it sounds like any protection mechanism is in theory just an obfuscator.
An idea just came in my head that the exe can use these algorithms such as CRC32 to make sure the exe has not been patched, but i figure if you ever got that far you can just NOP the check as well.