TheSwamp

Code Red => AutoLISP (Vanilla / Visual) => Topic started by: baitang36 on December 16, 2021, 01:05:29 AM

Title: How to erase the registration code in memory?
Post by: baitang36 on December 16, 2021, 01:05:29 AM
Let's do an experiment first
Enter the following code in the vlide editor:
Code - Auto/Visual Lisp: [Select]
  1. (setq regcode (strcat "z68" "c68" "m6868"))
  2. (setq regcode nil)

After compiling into fas, load it.
Then use WinHex to edit the memory and find the text string "z68c68m6868". The results are as follows:
Offset           0  1  2   3   4   5   6    7  8   9   A  B  C   D    E  F
00DE1FCD0 00 00 00 00 00 00 00 00 00 00 00 00 6D 36 38 36 m686
00DE1FCE0 38 00 63 36 38 00 7A 36 38 00 7A 36 38 63 36 38 8 c68 z68 z68c68
00DE1FCF0 6D 36 38 36 38 00 44 3A 5C 30 38 5C 7A 63 74 2E m6868 D:\08\zct.
00DE1FD00 66 61 73 00 00 00 00 00 00 00 00 00 00 00 00 00 fas 
Found our regcode in memory, "z68c68m6868"
Why? Is (setq regcode Nil) not working?
I have studied for a long time and found that (setq regcode Nil) only empties the symbol regcode without any operation on the string "z68c68m6868", which still exists in memory intact.
Many crackers use this principle to find the real registration code and use genuine software for free.
As LISP developers, how should we protect our copyright?
LISP has no pointer and can't modify memory directly.
Title: Re: How to erase the registration code in memory?
Post by: It's Alive! on December 16, 2021, 04:31:08 AM
http://www.theswamp.org/index.php?topic=17465.0
Title: Re: How to erase the registration code in memory?
Post by: VovKa on December 16, 2021, 06:21:13 AM
Quote from: baitang36 on December 16, 2021, 01:05:29 AM
Found our regcode in memory, "z68c68m6868"
that's because you know what to look for,  what if you do not? ;)

Quote from: baitang36 on December 16, 2021, 01:05:29 AM
As LISP developers, how should we protect our copyright?
the answer is simple: you can not protect your code 100%
you can only make it harder to crack i.e. compare hashes not real registration codes
Title: Re: How to erase the registration code in memory?
Post by: baitang36 on December 16, 2021, 08:25:37 AM
Quote from: VovKa on December 16, 2021, 06:21:13 AM
Quote from: baitang36 on December 16, 2021, 01:05:29 AM
Found our regcode in memory, "z68c68m6868"
that's because you know what to look for,  what if you do not? ;)
The common practice of crackers is to enter a registration code randomly, and then find the input string in memory, and the real registration code can be found near it
Title: Re: How to erase the registration code in memory?
Post by: It's Alive! on December 16, 2021, 04:58:05 PM
Quote from: baitang36 on December 16, 2021, 08:25:37 AM
Quote from: VovKa on December 16, 2021, 06:21:13 AM
Quote from: baitang36 on December 16, 2021, 01:05:29 AM
Found our regcode in memory, "z68c68m6868"
that's because you know what to look for,  what if you do not? ;)
The common practice of crackers is to enter a registration code randomly, and then find the input string in memory, and the real registration code can be found near it

Then don't hard code the registration code , split it across functions, or encrypt it.

I used to spend a ton of time on this, but in the end it wasn't worth it lol