HWID crackable

Post here messages if you have any problems with working of Enigma Protector
Post Reply
ElliotHM
Posts: 8
Joined: Fri Dec 06, 2013 6:19 pm

HWID crackable

Post by ElliotHM » Sat Dec 07, 2013 6:15 pm

User of mine discovered that once the program is successfully registered with a key etc, you can dump the application(via megadumper) and use it on any other PC, without a key.

I was wondering if the implementation of live time key checks would be a possible feature to include? or a fix for this issue.

Enigma
Site Admin
Posts: 2556
Joined: Wed Aug 20, 2008 2:24 pm

Re: HWID crackable

Post by Enigma » Mon Dec 09, 2013 9:29 am

Hi Elliot,

The problem in your case is a lack of protection implemented in the file. Looks like you are protecting .NET file, right? If so, the additional protection features should be used to improve the protection.

First of all you should use different Enigma API functions, for eg, to check the license status (if it is valid or no), then you may use Enigma API functions that do nothing but helps to understand if the program is protected or no, like EP_CheckupIsProtected (which will return a zero if the file is dumped).

You may embed some strings or data into Protected Strings feature and then extract this data with Enigma API EP_ProtectedStringsByID. So if cracker dumps the file, these functions won't work and application will miss core strings/data.

Use Virtual Box feature to hide files and registry items that your application uses.

Most advanced and effective way - create a mixed assembly and protect it with VM Marker. But if you implement at leas above suggestions, you'll succeed.

danypd69
Posts: 5
Joined: Fri Oct 18, 2013 11:22 am

Re: HWID crackable

Post by danypd69 » Mon Dec 09, 2013 4:22 pm

Enigma wrote: Most advanced and effective way - create a mixed assembly and protect it with VM Marker. But if you implement at leas above suggestions, you'll succeed.
Hi Enigma,
how do you create a mixed assembly ?

ElliotHM
Posts: 8
Joined: Fri Dec 06, 2013 6:19 pm

Re: HWID crackable

Post by ElliotHM » Mon Dec 09, 2013 5:59 pm

I tried with EP_RegLoadAndCheckKey. After dumping the file it didn't even work and "Could not find engima_IDE.dll" error was appearing....
- Works perfectly fine when not dumped.

Even tested with EP_CheckupIsProtected, doesn't work.
None of the API functions work once the file is dumped.

Enigma
Site Admin
Posts: 2556
Joined: Wed Aug 20, 2008 2:24 pm

Re: HWID crackable

Post by Enigma » Tue Dec 10, 2013 7:17 am

Yes, sure, none of Enigma API will work when dumped. But, I do not recommend you to stop improving of protection by implementing just these two api functions! Try all other suggestions too. Use Protected Strings feature too (check EnigmaIED.cs, there are wrappers for protected strings api functions for easy strings/data extracting)!

ElliotHM
Posts: 8
Joined: Fri Dec 06, 2013 6:19 pm

Re: HWID crackable

Post by ElliotHM » Tue Dec 10, 2013 7:32 am

None of the API functions work when dumped... So essentially it's impossible to stop the HWID crack / bypass???

I don't know where to go from here seeing as the program can be cracked via one button click


I'll try protecting a string and such later on today

Enigma
Site Admin
Posts: 2556
Joined: Wed Aug 20, 2008 2:24 pm

Re: HWID crackable

Post by Enigma » Tue Dec 10, 2013 1:21 pm

ElliotHM wrote:None of the API functions work when dumped... So essentially it's impossible to stop the HWID crack / bypass???
Why impossible? If the program does not work dumped, then it means that crack works? API do not work, this means the program also does not work, is it correct?

I meant that .NET requires an additional protection, a little more time to spend to implement different protection features. There are really many ideas how to implement the protection, one more exotic way - using Virtual Box - Registry. You may store strings/numbers/binary data in the virtual registry and extract it to work with the program. If the program will be dumped, there will be no virtual registry, and program just won't work.

Please let me know if you have questions regarding these protection techniques.

ElliotHM
Posts: 8
Joined: Fri Dec 06, 2013 6:19 pm

Re: HWID crackable

Post by ElliotHM » Mon Jan 20, 2014 4:56 pm

Apologies for the gravedig, I tried implementing EP_ProtectedStringByKey but I get an issue...

When I try to use

Code: Select all

Length = EP_ProtectedStringByKey("fyi6z02Y", vbNullString, 0)
I receive the error
Value of type 'String' cannot be converted to 'System.Text.StringBuilder'.
If I substitute 'vbNullString' with a string builder i just end up receiving either no output or the number 8....

Enigma
Site Admin
Posts: 2556
Joined: Wed Aug 20, 2008 2:24 pm

Re: HWID crackable

Post by Enigma » Wed Jan 22, 2014 10:34 am

Hi Elliot,

Conversion of Visual Basic .NET had been made not by us, so the errors may appear.

I recommend you to take a look at the SDK for C#, see the file "EnigmaSDK\C# (.NET)\Enigma_IDE.cs", at the end of the file there are special wrappers for the functions of Protected Strings feature.

I think if you convert these wrappers from C# to VB.NET then it would be the ideal way.

C# wrappers are the following:

Code: Select all

    public static string EP_ProtectedStringByIDAsAnsiString(int ID)
    {
        Int32 len = EP_ProtectedStringByID(ID, IntPtr.Zero, 0);
        if (len > 0)
        {
            byte[] buffer = new byte[len];
            if (EP_ProtectedStringByID(ID, Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0), len) > 0)
            {
                return Encoding.ASCII.GetString(buffer);
            }
        }
        return string.Empty;
    }

    public static string EP_ProtectedStringByIDAsWideString(int ID)
    {
        Int32 len = EP_ProtectedStringByID(ID, IntPtr.Zero, 0);
        if (len > 0)
        {
            byte[] buffer = new byte[len];
            if (EP_ProtectedStringByID(ID, Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0), len) > 0)
            {
                return Encoding.Unicode.GetString(buffer);
            }
        }
        return string.Empty;
    }
    public static string EP_ProtectedStringByKeyAsAnsiString(string Key)
    {
        Int32 len = EP_ProtectedStringByKey(Key, IntPtr.Zero, 0);
        if (len > 0)
        {
            byte[] buffer = new byte[len];
            if (EP_ProtectedStringByKey(Key, Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0), len) > 0)
            {
                return Encoding.ASCII.GetString(buffer);
            }
        }
        return string.Empty;
    }
    public static string EP_ProtectedStringByKeyAsWideString(string Key)
    {
        Int32 len = EP_ProtectedStringByKey(Key, IntPtr.Zero, 0);
        if (len > 0)
        {
            byte[] buffer = new byte[len];
            if (EP_ProtectedStringByKey(Key, Marshal.UnsafeAddrOfPinnedArrayElement(buffer, 0), len) > 0)
            {
                return Encoding.Unicode.GetString(buffer);
            }
        }
        return string.Empty;
    }

Post Reply