Diodor

Would this anti-crack idea work?

I'm thinking that for a future game I go shareware with unlock codes, cause this will make registering as easy as possible. I want to encrypt some of the game so no cracker will be able to find out the unlock code from the executable, or bypass it. But, what's the point if there is only one code and anybody can search the net for codez ... It'd be easier than registering too. Is there any download site that can rebuild the archive according to my algorithms? (Just encrypting the levels/dlls with locked game code and zipping up the game.) If not, I thought I'd distribute different game archives (encrypted with different codes). Each game "distribution" will have to query the registering site (kagi or something) for the correct unlock code. Can they do this?

First of all I would like to say that there is no way you can make it so a cracker can not find the unlock code....

Now that's out of the way....

What if you have several different levels of registration codes / processes... combine several ideas and algorithms, thus making it harder to crack, not impossible but harder.

Is this what you mean?

Person goes to the how to register screen

he sees a number, randomly generated from one seed every time on his computer

When registering he mails you the code

You plug the code into an equation something like this:

37 ^ X + 17 / 36 * 118 + X
(Just example)

And you mail it back to the buyer.

This works well, especially if you bury the code in a mislabeled registry entry (favorite trick of mine) under something just about everyone has installed (MS Word, for example, but you might want to just have it an entry under Windows) to be sneak-like. Hope it helps...

Oh, and Gonzo's right. It's impossible to have an uncrackable code. However, I once made one that used so many encrypt layers it took my 700MHz computer about a day, doing nothing else, to decrypt it using the "most efficient means possible" according to it.

Edited by - Edward Ropple on April 20, 2001 8:33:52 PM

Here's a problem with your scheme:
If anywhere in your program, you have a line that is something like
if valid_code then decrypt_game
(which you would have to have SOMEWHERE to make your system work)
All a hacker has to do is change a bit or two with a hex editor and suddenly this line becomes
if NOT valid_code then decrypt_game

So, essentially, it's really not worth the effort. There was an article either here on GameDev or on Gamasutra that talked about possible ways to do copy protection, but it's probably not really worth the effort making a complicated system for copy-protection. If your game is amazingly popular, then it will be cracked no matter what you do, and if your game is 'average' no one will care enough to bother to crack it. Going through some big convoluted process probably isn't worth all the time it will take in implementing and debugging it. Just live with the fact that some people aren't honest and won't register no matter what you do. It's just the way things are, unfortunately.

Here's a different idea... Have the "commercial" game data stored in an encrypted file that requires a key to decrypt. When users register, have it send you the last two series of a GUID slightly encoded. Take this, and use it to make (on your PC) some small, also encrypted file that contains this key, and is encrypted with the partial-GUID as its key.

It's not foolproof, but a potential cracker would have to first have access to such a key file, decompile your code, and finally stare at it long enough to figure out how the algorithm works so that they could produce their own "key" files from any GUID. All of this should be much harder to do than changing a single properly-placed opcode.

Note: how does the GUID trick work? One of the ways a GUID is made unique is that the last two sets of digits come from your network adapter (or something like that), so that every GUID generated on a given computer will have the same final sets.

--Tr][aD--

You could have them mail you a code that is generated based on their OS registration, like the name of the individual. Then you send them a code that will work, but only if the registered name in the OS is the same. This means that a reg key will almost certainly not function for any other computer. However if they re-install their OS, using a different name, then it won't work on their computer either, so you'd need to have a db of registered users, and the codes you sent them.

Speaking of general encryption... for a programming assignment that I did a while back we had to include some measure of security. You only needed to have a login with password read from a binary file, but I had some extra time left, so I went to town. Basically I had a password file that used four different encryption styles, and could change which style it was using randomly in mid-word. Once that had been decoded all you had was references that told the program where to look in the documentation files for the correct letter, word, or series of letters, and it then simply read the info, and compared it with what was typed in. It took a couple of secs. I am not sure how secure it would be, but it was just for fun anyway.


--------------------------------------
Why run? You'll only die tired.
--------------------------------------

An idea someone mentioned to me was to have the registration code checked in multiple places, but done randomly. So 9 times out of 10 a particular reg check isn't done, but every now and then it is, and if there are maybe 20 such checks scattered through the game, then a cracker would have to run through the game maybe 200 odd times to be sure he had zeroed out all of them. Otherwise the 'cracked' version turns out to only work maybe 70% of the time, which would be enough to persuade most people to register if the game is good.
I don't agree that every system is crackable. Agreed it is currently very very difficult, but the potential rewards of developing a system are so high that I have little doubt that one day it will happen.

http://www.positech.co.uk

"have the registration code checked in multiple places, but done randomly. So 9 times out of 10 a particular reg check isn't done."

Been done. Held the hackers up for a total of 3 days. In fact it was actually a better idea, which was to have totally separate CRC checks performed on the code to prevent any messing, so that each must be found separately. The idea you mention of checking the reg code is easier to hack because you only have to search the code for anything that refers to the location that holds the reg code (in other words you just trace back from the reg code).

In addition to the above the game also had on disk protection to stop casual copiers and an additional trick. The coder put corrupted code, which had to be overwritten for the game to work. This was only done after the disk protection had executed so anyone halting the code before the disk protection was activated (in order to get around the disk protection) would end up with useless corrupted code.

In all the coder took two weeks to do all the protection and the game was hacked 3 days after launch.


Dan Marchant
Obscure Productions

OK, if you want to try to avoid cracks, avoid most of the API calls like GetWindowText and GetDlgText or something; crackers will run for those calls like mice to cheese.

OK, this idea is kind of nice:

Player runs game for the first time, the number of ticks since the system started is saved, then this n is sent to the company, and they generate a key that uses the number. The user must use that key.

Now cracking isn't about finding the key, but bypassing it!!
You must avoid at all costs those API calls I mention; getc or something is best, or even create an exe with that code, send it to the user, and the exe will be the one that unlocks the game...

There are various ways to DELAY cracks, but I haven't seen one that could AVOID it!!

Your best bet is to create a key from the user's name, then display the name on the startup screen or on some menu of the game once it's unlocked. This way you can find out the name of the person who ripped you off and add their name to a blacklist in the next release. Just another reason to release often.


ApeZone
http://www.apezone.com/
Starships Unlimited: Try the free game demo

Guest Anonymous Poster
Here's an idea. Don't worry so much about it. It's so easy for a hacker to crack that it's not worth your time to come up with an exotic plan to stop it. They simply step through the program one instruction at a time, until they find the statement where it checks for the password.. it then has 2 options: registration incorrect, or registration correct.. they simply change the opcode to jump to registration correct instead of incorrect, then no matter what you do, it's still going to run the program as if it's been registered. Any registry tricks, or really hard to crack algorithms don't make a bit of difference, because it's simple enough to get around, and just makes your job harder; it doesn't really make it any harder for the person to crack it.

Billy

quote:
Original post by cliffski

An idea someone mentioned to me was to have the registration code checked in multiple places, but done randomly. So 9 times out of 10 a particular reg check isn't done, but every now and then it is, and if there are maybe 20 such checks scattered through the game, then a cracker would have to run through the game maybe 200 odd times to be sure he had zeroed out all of them. Otherwise the 'cracked' version turns out to only work maybe 70% of the time, which would be enough to persuade most people to register if the game is good.
I don't agree that every system is crackable. Agreed it is currently very very difficult, but the potential rewards of developing a system are so high that I have little doubt that one day it will happen.



Well, let's take a look here. You say that not all programs are crackable; give one good example, as if you look, for instance, on the net, you'll see that most games (which use security in any way) have their crack. Even Quake III, which supposedly required unique keys that couldn't be reused, got cracked. Anyhow, those are still my views...



"And that's the bottom line cause I said so!"

Cyberdrek
Headhunter Soft
A division of DLC Multimedia

Resist Windows XP's Invasive Production Activation Technology!

quote:
Original post by ApeZone

Your best bet is to create a key from the user's name, then display the name on the startup screen or on some menu of the game once it's unlocked. This way you can find out the name of the person who ripped you off and add their name to a blacklist in the next release.



Actually this is not the right thing to do, because if the code displays the name the hacker can very easily trace back to the routine that prints the name. From there they can trace back to the routine that tells it WHAT to print (the user's name) and hack out the routine. It is far better to encrypt the name and hide it in the code so that it is only readable using a separate program, which decrypts it. Then when a version is found the name will be intact in the code, as there will be nothing to tell them it was ever there.



Dan Marchant
Obscure Productions

So, I gather that a game that can't be copied around just can't be done.

But I only want a game that cannot be patched or unlocked without downloading the whole cracked archive again.

My idea was this:
Whenever one downloads the game, he would have a different archive, with the commercial data encrypted with a different key. So, there is NO WAY he can unlock the game (get some codez/small 10k patchez from the net). He has to download again an already unlocked game from the net.

But, in order to make copying around (especially on the net) much harder, I'm thinking when I expand the say 1MB archive to like 15MB of hard disk space, filling up to that size using random crap (so you can't archive the game down to size and upload it either), and mixing it with the useful using strange algorithms, so that it's really really hard to just change every piece of code that reads data from files.


Tr][aD's system seems like a very very good alternative. But it can be patched too, either making the game generate the same GUID and giving away the right registering code, or finding out what the secret unique key is by simply debugging and then bypassing the algorithm that's supposed to create this key completely, so that whatever registering code you provide, the commercial data decrypt uses the unique key.

quote:

Been done. Held the hackers up for a total of 3 days. In fact it was actually a better idea, which was to have totally separate CRC checks performed on the code to prevent any messing, so that each must be found separately. The idea you mention of checking the reg code is easier to hack because you only have to search the code for anything that refers to the location that holds the reg code (in other words you just trace back from the reg code).



What if everything in the game would access the reg code? Use it for stuff like overwriting useless data structs with the reg code, turn it to float, divide by 1000000.0 and add it freely with all of your floating point values, etc. You can only have so many breakpoints on memory access.


What if you'd have a single check of the registering code that creates a "wrong code" message box? It would be just 99.9% accurate for wrong codes, and 100% accurate for correct ones. Something like a checksum of the code or something, so you can't figure the code from the check. The sole purpose of this check would be to remove type errors of any kind, not keep crackers out.

Then, all of the other checks hidden somewhere in the program (see above) would not generate trackable errors, but spawn bugs like bad pointers in the program, that will cause general protection faults frames away from the failed check. DEBUG THIS! The game would work perfectly on every computer with good code, would prompt bad code error, but when one hacks away the first check all hell would break loose for no apparent reason, in all the bad places.

Btw, how did the crackers find all of those CRC checks on the file?

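To make the two proposals above concrete (Tr][aD's encrypted commercial data unlocked by a key derived from a machine identifier, Diodor's per-download archives with different keys, and Dan Marchant's point that a buyer name hidden in encrypted form is a better trace than one printed on screen), here is an added example written for this thread; it is not code from any poster. It assumes a vendor secret that stays on the registration server, a `download_id` assigned per download, and some `machine_id` bytes the buyer sends (Tr][aD's GUID tail or the OS registered name would do). The standard-library HMAC counter keystream stands in for a real cipher so the script runs offline; a shipping build would use an authenticated cipher such as AES-GCM. The point of the design is the one made in the thread: the game never holds an `is_registered` flag to flip, because a wrong unlock code simply yields a key that does not decrypt anything. The tag check only rejects typos, as Diodor describes, and the caveat he raises still stands: a buyer with a working key can decrypt once and redistribute the decrypted data, so this stops small patches and keygens, not wholesale copying.

```python
import base64
import hashlib
import hmac

# Constructed vendor secret for this example. It lives only on the
# registration server and is never shipped inside the game.
VENDOR_SECRET = b"example-vendor-secret-never-shipped"


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream.

    A stand-in stream cipher so the example runs with the standard library
    only; a real build would use an authenticated cipher such as AES-GCM.
    """
    out = bytearray()
    for block_no, start in enumerate(range(0, len(data), 32)):
        block = hmac.new(key, block_no.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[start:start + 32], block))
    return bytes(out)


def _tag(key: bytes, data: bytes) -> bytes:
    """16-byte HMAC tag; the game checks it before trusting a decrypted archive."""
    return hmac.new(key, data, hashlib.sha256).digest()[:16]


def _archive_key(download_id: bytes) -> bytes:
    """Per-download archive key, derivable only with the vendor secret."""
    return hmac.new(VENDOR_SECRET, b"archive:" + download_id, hashlib.sha256).digest()


def _wrap_key(download_id: bytes, machine_id: bytes) -> bytes:
    """Wrapping key both sides can compute from values the buyer sends."""
    return hashlib.sha256(b"wrap:" + download_id + b":" + machine_id).digest()


# ---- vendor side (build server and registration server) ----

def build_archive(download_id: bytes, levels: bytes, buyer_name: bytes) -> dict:
    """Encrypt the commercial data under this download's key and embed an
    encrypted buyer name that only the vendor can read back."""
    key = _archive_key(download_id)
    ciphertext = _keystream_xor(key, levels)
    wm_key = hmac.new(VENDOR_SECRET, b"watermark:" + download_id, hashlib.sha256).digest()
    return {
        "download_id": download_id,
        "levels": ciphertext,
        "tag": _tag(key, ciphertext),
        "watermark": _keystream_xor(wm_key, buyer_name),
    }


def issue_unlock_code(download_id: bytes, machine_id: bytes) -> str:
    """Registration server: return the archive key wrapped for one machine."""
    wrapped = bytes(a ^ b for a, b in zip(_archive_key(download_id),
                                          _wrap_key(download_id, machine_id)))
    return base64.b32encode(wrapped).decode()


def recover_buyer_name(archive: dict) -> bytes:
    """Vendor side: read the buyer name back out of a copy found in the wild."""
    wm_key = hmac.new(VENDOR_SECRET, b"watermark:" + archive["download_id"], hashlib.sha256).digest()
    return _keystream_xor(wm_key, archive["watermark"])


# ---- game side (no vendor secret available here) ----

def unlock(archive: dict, machine_id: bytes, unlock_code: str):
    """Return the decrypted levels, or None if the code does not fit this
    archive on this machine. There is no boolean 'is registered' flag to
    flip: without the right key the data simply does not decrypt."""
    try:
        wrapped = base64.b32decode(unlock_code)
    except ValueError:
        return None  # malformed code (typo); not the security boundary
    key = bytes(a ^ b for a, b in zip(wrapped, _wrap_key(archive["download_id"], machine_id)))
    if not hmac.compare_digest(_tag(key, archive["levels"]), archive["tag"]):
        return None
    return _keystream_xor(key, archive["levels"])


if __name__ == "__main__":
    # Constructed sample values standing in for real level data and a real machine id.
    archive = build_archive(b"download-0001", b"LEVEL01 constructed sample data", b"Jane Buyer")
    code = issue_unlock_code(b"download-0001", b"machine-A")
    print("correct machine:", unlock(archive, b"machine-A", code))
    print("other machine:  ", unlock(archive, b"machine-B", code))
    print("buyer name:     ", recover_buyer_name(archive))
```

A code issued for `download-0001` on `machine-A` decrypts that archive there and nowhere else; a code issued for a different download, or the same code used on another machine, fails the tag check and returns nothing usable. Since the watermark is decryptable only with the vendor secret, a leaked archive carries the buyer name without the game ever printing it, which is what Dan Marchant suggests.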
If you are talking about stopping everyone then I think you are kidding yourself. There is nothing you can do to stop people from reverse engineering your code. The biggest threat in piracy is the casual user making copies of your game for friends. Fortunately basically anything mentioned here would stop this. In terms of serious hackers really the only thing you can do is try to make it not worth their while. If your game is shareware then you'll get a few people giving it a go, and some of them will persist, no matter how long it takes, as a matter of pride. They may well even make your now hacked game available on a couple of sites. Fact is however that webspace costs $$, so unless your game is totally kick-arse they probably won't keep it there long. You will still sell close to your potential maximum anyway though, because unless your game is retail quality most people who would like the full version won't search sites for a hacked version. They may see what they can do themselves, which for most people is nothing, but in the end they'll pass or pay.
In short... don't worry too much. If your game is retail quality, get a real developer and you'll get the standard copy protection deal, which is about the best tech available anyway. If it's not that good, do a little bit of protection to stop the casual bum, but leave it at that... it's not worth the headache.

--------------------------------------
Why run? You'll only die tired.
--------------------------------------
