Author Topic: VLX file security  (Read 350 times)

0 Members and 1 Guest are viewing this topic.

AwAD

  • Mosquito
  • Posts: 9
VLX file security
« on: September 27, 2019, 10:58:53 AM »
Hello every one,

I'am not trying to hack a compiled routine, but should I trust the compiled vlx file "by vlide new application wizard" as I want to distribute some lisp routine that will contain some confidential information "mostly logic operations" and I'm sure that some with programming background will be eager find it out.

So I've done my research and found a tool to convert vlx back to fas, then another tool to decrypt that fas file, and a tool to disassemble the fas file.

I'm attaching a simple lisp routine, its compiled vlx, the decrypted fas file, and the disassembly text file. As I does not understand what had happened.

PLEASE NOTE that the decryption process for the fas file took almost a day, And if someone want the tools links i'll provide them in a message so not to help distribute them  :-( .

« Last Edit: September 28, 2019, 06:25:57 AM by AwAD »

VovKa

  • Swamp Rat
  • Posts: 1153
  • Ukraine
Re: VLX file security
« Reply #1 on: September 28, 2019, 05:54:20 AM »
lisp routine that will contain some confidential information "mostly logic operations" and I'm sure that some professional programmers will be eager find it out.
i bet, the professional programmer will just write his own routine

the decryption process for the fas file took almost a day
strange
i tried the decompilation tool in the past and it always worked almost instantly

AwAD

  • Mosquito
  • Posts: 9
Re: VLX file security
« Reply #2 on: September 28, 2019, 06:40:49 AM »
Hello VovKa, thank's for your answer.
i bet, the professional programmer will just write his own routine
No he wont as it is based on some information that he doesn't know.
strange
i tried the decompilation tool in the past and it always worked almost instantly
So do you mean that the fas security is compromised ?

VovKa

  • Swamp Rat
  • Posts: 1153
  • Ukraine
Re: VLX file security
« Reply #3 on: September 28, 2019, 07:54:19 AM »
So do you mean that the fas security is compromised ?
idk
you've seen the decompilation output yourself

all programs can be cracked and vlx is no different

MP

  • Seagull
  • Posts: 17446
Re: VLX file security
« Reply #4 on: September 28, 2019, 10:26:24 AM »
the professional programmer will just write his own routine

Agree!

No he wont as it is based on some information that he doesn't know.

I have earned my living for over 25 years doing nothing but designing and writing programs - so I may fall under the category of "professional programmer" - and have never reverse engineered, decompiled a program due to "information that he doesn't know"*. I believe the programmers I've had the pleasure to work with would report same.

I also don't worry about vlx / fas decompilation. If it's cracked it's cracked. Next.

* Data encoding and encryption schemes are a different beast. I've cracked too many to count out of necessity or simply the challenge. e.g. data format of PLC programs written out by GE9070 software ... how the educational flag is stored in dwg files. The difference is I need - or want - to modify or respond to elements of the data - not "lift an algorithm".
\|// Set goal. Experiment tirelessly until
|Oo| practice has become expertise.  Loop.
|- | LinkedIn | Dropbox

BIGAL

  • Bull Frog
  • Posts: 317
  • 30 + years of using Autocad
Re: VLX file security
« Reply #5 on: September 30, 2019, 12:17:48 AM »
Like MP lisp used kelvinator then decrypt appeared. Ok if you want to spend hours in un fas my code which I am selling for $200 good luck your never going to get rich.

Unless your marketing the cracked code you will never make any money anyway.

A man who never made a mistake never made anything

Master_Shake

  • Swamp Rat
  • Posts: 1447
Re: VLX file security
« Reply #6 on: September 30, 2019, 10:15:30 AM »
I'm confused, do you want to know the security of a VLX for your use or distribution? Personally I do not load any VLX files, just too many bad apples out there.

MickD

  • Gator
  • Posts: 3309
  • (x-in)->[process]->(y-out)
Re: VLX file security
« Reply #7 on: September 30, 2019, 06:40:53 PM »
I once had a job where I had to work with just an obfuscated legacy lisp file to create some .net routines to replace it (it was all above board, the person who wrote the code had left the company years before). It wasn't fun and took considerable time so if I could buy your code for $10-$300 or more I'd probably pay for it.

Your situation may be different in that it is more the IP of the data/algorithm that a competitor would find very valuable, if that's the case then I would suggest re-writing the application or module in C++ (ObjectARX).
Again, it's not guaranteed but to get the data/algorithm you basically need to reverse engineer the machine code.
That's about the best you could do really, cracking a licensing system is relatively quite easy compared to extracting an algorithm but if they want it bad enough, they can get it.
Forth is like the Tao: it is a Way, and is realized when followed.
Its fragility is its strength; its simplicity is its direction - Michael Ham

Lao Tzu: “To attain knowledge, add things
every day; to obtain wisdom, remove things every day.”

John Kaul (Se7en)

  • Administrator
  • Needs a day job
  • Posts: 9266
Re: VLX file security
« Reply #8 on: October 01, 2019, 08:50:33 AM »
Keep it open source; if the program has IP that the competitor would find valuable why would you want to "give" it to them in the first place (compiled or not)? But if you do want others to use the program, keeping it open source will promote improvement to that algorithm.

You are not going to get rich selling interpreted language code.

If you want to protect your name use a license (BSD, GPL, MIT, etc).



> I say `give' because, paying a few hundred--or thousand--dollars for a program a company can use--to save time and effort--is nothing to them in the grand scheme of things. A company has more complicated/different tax laws then you or I.
“Common sense is not so common.” ~Voltaire

--> Donate to TheSwamp.org <--