您是否曾经使用过代码虚拟器或 vmprotect 来防止逆向工程?

发布于 2024-07-09 21:07:00 字数 411 浏览 7 评论 0原文

我知道没有办法完全保护我们的代码。 我还知道,如果用户想要破解我们的应用程序,那么他或她就不是会购买我们的应用程序的用户。 我也知道最好改进我们的应用程序..而不是害怕防裂技术。 我也知道没有商业工具可以保护我们的应用程序...... 我也知道......

好吧。 足够的。 我已经听到了一切。 我真的认为添加一点保护不会有什么坏处。

那么...您曾经使用过 oreans 或 vmprotect 的代码虚拟化器吗? 我听说它们有时被某些防病毒软件检测为病毒。

购买之前我应该​​注意的任何经历。 我知道它会创建一些虚拟机并混淆一些代码,以便更难找到我们注册例程的弱点。

有什么我应该知道的警告吗?

谢谢。 任何意见,将不胜感激。

捷豹

I know that there is no way to fully protect our code.
I also know that if a user wants to crack our app, then he or she is not a user that would buy our app.
I also know that it is better to improve our app.. instead of being afraid of anticracking techniques.
I also know that there is no commercial tool that can protec our app....
I also know that....

Ok. Enough. I've heard everything.
I really think that adding a little protection won't hurt.

So.... have you ever used code virtulizer from oreans or vmprotect?
I've heard that they are sometimes detected as virus by some antivirus.

Any experiences that I should be aware of before buying it.
I know it creates some virtual machines and obfuscates a little the code to make it harder to find the weaknesses of our registration routines.

Is there any warning I should know?

Thanks.
Any advice would be appreciated.

Jag

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

郁金香雨 2024-07-16 21:07:00

在我看来,你应该很幸运,甚至渴望被盗版,因为这意味着你的产品是成功的和受欢迎的。

这显然是错误的。 我花了好几个月开发的软件一发布就被破解了。 有组织的破解小组以 download.com 的 RSS 频道等为基础,破解出现的每个应用程序。 提取任何应用程序的密钥生成代码都是小菜一碟,所以我的回应是:

a)诉诸数字证书密钥文件,这些文件不可能伪造,因为它们是由私有 AES 密钥签名的,并且由应用程序中嵌入的公共验证(请参阅:aquaticmac.com - 我使用 stl c++ 实现,它是跨平台),以及。

b) 优秀的Code Virtualizer™。 我想说的是,当我开始使用Code Virtualizer™时,我收到了一两个用户关于应用程序崩溃的投诉。 当我将其从他们的构建中删除时,崩溃就停止了。 不过,我不确定这是否是 CV 本身的问题,因为它可能是我的代码中的一个不起眼的错误,但我重新调整了我的代码,此后我没有听到任何抱怨。

经过上述处理后,就不再出现裂纹了。 有些人认为被破解是一件积极的事情,因为这是一个免费的宣传渠道,但这些人通常不会花费数月/数年的时间在一个想法上,却发现你被敲诈了。 很难接受。

In my humble opinion, you should be lucky or even eager to be pirated, because that means your product is successful and popular.

That's plain incorrect. My software that I worked many months on was cracked the moment it was released. There are organised cracking groups that feed off download.com's RSS channel etc and crack each app that appears. It's a piece of cake to extract the keygen code of any app, so my response was to:

a) resort to digital certificate key files which are impossible to forge as they are signed by a private AES key and validated by a public one embedded in the app (see: aquaticmac.com - I use the stl c++ implementation which is cross-platform), along with.

b) The excellent Code Virtualizer™. I will say that the moment I started using Code Virtualizer™ I was getting some complaints from one or two users about app crashes. When I removed it from their build the crashes ceased. Still, I'm not sure whether it was a problem with CV per se as it could have been an obscure bug in my code, but I since reshuffled my code and I have since heard no complaints.

After the above, no more cracks. Some people look at being cracked as a positive thing, as it's a free publicity channel, but those people usually haven't spent months/years on an idea only to find you're being ripped off. Quite hard to take.

小忆控 2024-07-16 21:07:00

不幸的是,与传统的打包软件相比,受虚拟机保护的软件更容易受到误报的影响。 原因是,由于反病毒保护非常复杂,反病毒软件通常无法分析受保护的代码,并且可能依赖模式库,或者可能对受其无法分析的系统保护的任何文件发出通用警告。 如果您的首要任务是消除误报,我建议您选择一种广泛使用的保护解决方案,例如 AsProtect(尽管 Oreans 的产品也变得非常流行)。

Unfortunately, VM-protected software is more likely to get affected by false positives than conventional packing software. The reason for that is that since AV protection is so complicated, AV software are often unable to analyze the protected code, and may rely on either pattern libraries or may issue generic warnings for any files protected by a system it can't analyze. If your priority is to eliminate false positives, I suggest picking a widely-used protection solution, e.g. AsProtect (although Oreans' products are becoming quite popular as well).

云裳 2024-07-16 21:07:00

软件虚拟机保护如今相当流行,特别是现在小公司和独立软件开发商可以以实惠的价格获得它。 与非 VM 技术相比,破解它还需要付出相当大的努力 - 包装器通常具有其他保护以及 VM 保护所具有的标准反调试技巧。 由于虚拟机是在每次构建时随机生成的,因此破解者需要分析虚拟机指令集并将受保护的代码逆向工程回机器代码。

虚拟机保护的主要缺点是,如果过度使用(用于保护代码的过多部分),它会大大减慢您的应用程序的速度 - 因此您只需要保护关键部分(注册检查等)。 它也不适用于某些应用程序类型 - 它可能不适用于用于注入的 DLL 以及设备驱动程序。

我还听说 StrongBit EXECryptor 是一个价格合理的不错的保护包。 (我不隶属于该公司,也不保证任何质量,这只是口碑,在我看来值得一试)。

Software VM protection is quite popular today, especially as it's now available at an accessible price for small companies and independent software developers. It also takes a considerable amount of effort to crack in comparison to non-VM techniques - the wrappers usually have the standard anti-debugging tricks that other protections have, as well as the VM protection. Since the virtual machine is generated randomly on each build, the crackers will need to analyze the VM instruction set and reverse engineer the protected code back to machine code.

The main disadvantage of VM protection is that if it's overused (used to protect excessive parts of the code), it can slow down your application considerably - so you'll need to protect just the critical parts (registration checks, etc). It also doesn't apply to certain application types - it likely won't work on DLLs that are used for injection, as well as device drivers.

I've also heard that StrongBit EXECryptor is a decent protection package at a decent price. (I'm not affiliated with said company nor guarantee any quality what-so-ever, it's just word of mouth and worth checking out IMO).

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文