Full Disclosure mailing list archives
RE: plz suggest security for DLL functions
From: "Aditya Deshmukh" <aditya.deshmukh () online gateway strangled net>
Date: Sat, 2 Jul 2005 21:35:21 +0530
friends, We are developing a software that makes use of a COM DLL. The whole logic lies in the dll. The User Interface is in VC++. DLL exposes functions, application calls it and displays result. Now, we found that anybody can copy the DLL, register it and make use of those functions.
This is a classic problem that plagues most of the software. They make good libs but don't want others to use them. Have u looked into encrypting the file itself and decrypting the required portion in the memory itself? This way nothing uncrypted in ever on the disk. So no one can actually do anything with a copied file. There are more approaches like anti debugging code like putting some your code in int 1 and int 3 so that debuggers cannot touch your code Or deliberately misaligning memory while some part of the dll so that any calling program that uses the dll has to so work around this "bug" there are quite other also like changing the PE section and so on
Please guide us in making those functions secret or encrypted so that others cannt use our functions.
But keep this in mind almost all what you do to protect your dll can be undone with enough time and resources. And someone just might! So if your DLL is heavily encrypted somewhere it would have to be decrypted and if *that* code can be debugged all the battle is lost, and believe me someone may just find a way to do that... ________________________________________________________________________ Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: plz suggest security for DLL functions, (continued)
- Re: plz suggest security for DLL functions Michael Holstein (Jul 01)
- Re: plz suggest security for DLL functions Valdis . Kletnieks (Jul 01)
- Re: plz suggest security for DLL functions upb (Jul 01)
- Re: plz suggest security for DLL functions Tim (Jul 01)
- Re: plz suggest security for DLL functions Michael Holstein (Jul 01)
- RE: plz suggest security for DLL functions Aditya Deshmukh (Jul 02)
- Re: plz suggest security for DLL functions Devdas Bhagat (Jul 01)
- Re: plz suggest security for DLL functions John LaCour (Jul 01)
- Re: plz suggest security for DLL functions Gaurav Kumar (Jul 01)
- Re: plz suggest security for DLL functions Sasha Goldshtein (Jul 02)
- RE: plz suggest security for DLL functions Aditya Deshmukh (Jul 02)
- Re: plz suggest security for DLL functions Kristian Hermansen (Jul 02)