TheSwamp
Code Red => AutoLISP (Vanilla / Visual) => Topic started by: baitang36 on December 16, 2021, 01:05:29 AM
-
Let's do an experiment first
Enter the following code in the vlide editor:
After compiling into fas, load it.
Then use WinHex to edit the memory and find the text string "z68c68m6868". The results are as follows:
Offset 0 1 2 3 4 5 6 7 8 9 A B C D E F
00DE1FCD0 00 00 00 00 00 00 00 00 00 00 00 00 6D 36 38 36 m686
00DE1FCE0 38 00 63 36 38 00 7A 36 38 00 7A 36 38 63 36 38 8 c68 z68 z68c68
00DE1FCF0 6D 36 38 36 38 00 44 3A 5C 30 38 5C 7A 63 74 2E m6868 D:\08\zct.
00DE1FD00 66 61 73 00 00 00 00 00 00 00 00 00 00 00 00 00 fas
Found our regcode in memory, "z68c68m6868"
Why? Is (setq regcode Nil) not working?
I have studied for a long time and found that (setq regcode Nil) only empties the symbol regcode without any operation on the string "z68c68m6868", which still exists in memory intact.
Many crackers use this principle to find the real registration code and use genuine software for free.
As LISP developers, how should we protect our copyright?
LISP has no pointer and can't modify memory directly.
-
http://www.theswamp.org/index.php?topic=17465.0
-
Found our regcode in memory, "z68c68m6868"
that's because you know what to look for, what if you do not? ;)
As LISP developers, how should we protect our copyright?
the answer is simple: you can not protect your code 100%
you can only make it harder to crack i.e. compare hashes not real registration codes
-
Found our regcode in memory, "z68c68m6868"
that's because you know what to look for, what if you do not? ;)
The common practice of crackers is to enter a registration code randomly, and then find the input string in memory, and the real registration code can be found near it
-
Found our regcode in memory, "z68c68m6868"
that's because you know what to look for, what if you do not? ;)
The common practice of crackers is to enter a registration code randomly, and then find the input string in memory, and the real registration code can be found near it
Then don't hard code the registration code , split it across functions, or encrypt it.
I used to spend a ton of time on this, but in the end it wasn't worth it lol