Here''s an idea. Don''t worry so much about it. It''s so easy for a hacker to crack it''s not worth your time to come up with an exotic plan to stop it. They simply step through the program one instruction at a time, until it finds the statement where it checks for the password.. it then has 2 options registration incorrect, or registration correct.. they simply change the opcode to jump to registration correct intead of incorrect, then no matter what you do, it''s still going to run the program as if it''s been registered. Any registry tricks, or really hard to crack algorythms don''t make a bit of difference, becuase it''s simple enought to get around, and just makes your job harder, it doens''t really make it any harder for the person to crack it.
Billy
🎉 Celebrating 25 Years of GameDev.net! 🎉
Not many can claim 25 years on the Internet! Join us in celebrating this milestone. Learn more about our history, and thank you for being a part of our community!
would this anti-crack ideea work ?
quote: Original post by cliffski
An idea someone mentioned to me was to have the registration code checked in multiple places, but done randomly. So 9 times out of 10 a particular reg check isnt done, but every now and then it is, and if there are maybe 20 such checks scattered through the game, then a cracker would have to run through the game maybe 200 odd times to be sure he had zeroed out all of them. Otherwise the ''cracked'' version turns out to only work maybe 70% of the time, which would be enough to persuade most people to register if the game is good.
I don''t agree that every system is crackable. Agreed it is currently very very difficult, but the potential rewards of developing a system are so high that i have little doubt that one day it will happen.
Well, lets take a look here, you say that not all programs are crackable, give one good example as if you look for instance, on the net, you''ll see that most games ( which uses security in any way ) has it''s crack. Even Quake III which supposedly required unique keys that couldn''t be reused, got cracked. Anyhow, those are still my views...
"And that''s the bottom line cause I said so!"
Cyberdrek
Headhunter Soft
A division of DLC Multimedia
quote: Original post by ApeZone
Your best bet is to create a key from the user''s name, then display the name on the startup screen or on some menu of the game once it''s unlocked. This way you can find out the name of the person who ripped you off and add their name to a blacklist in the next release.
Actually this is not the right thing to do because if the code displays the name the hacker can very easily trace back to the routine that prints the name. From there they can trace back to the routine that tells it WHAT to print (the users name) and hack out the routine. It is far better to encrypt the name and hide it in the code so that it is only readable using a separate program, which decrypts it. Then when a version is found the name will be in tact in the code as there will be nothing to tell them it was ever there.
Dan Marchant
Obscure Productions
Author
So, I gather that a game that cant be copied around just cant be done.
But I only want a game that cannot be patched or unlocked without downloading the hole cracked archive again.
My ideea was this :
Whenever one downloads the game, he would have a different archive, with the comercial data encrypted with a different key. So, there is NO WAY he can unlock the game (get some codez/small 10k patchez from the net). He has to download again an already unlocked game from the net.
But, in order to make copying around (especially on the net) much harder, I''m thinking when I expand the say 1MB archive to like 15MB of hardisk space, filling up to that size using random crap (so you cant archive the game down to size and upload it either), and mixing it with the usefull using strange algorithms, so that its really really hard to just change every piece of code that reads data from files.
TrIads system seems like a very very good alternative. But it can be patched too, either making the game generate same GUID and giving away the right registering code, or finding out what the secret unique key is by simply debugging and then bypassing the algoritm thats supposed to create this key completely, so that whatever registering code you provide, the commercial data decrypt uses the unique key.
What if everything in the game would access the reg code. Use it for stuff like overwriting useless data structs with the reg code, turn it to float, divide by 1000000.0 and add it freely with all of your floating point values, etc. You can only have so many breakpoints on memory access.
What if youd have a single check of the registering code that creates a "wrong code" message box. It would be just 99.9% accurate for wrong codes, and 100% accurate for correct ones. Something like a checksum of the code or something, so you cant figure the code from the check. The sole purpose of this check would be to remove type errors of any kind, not keep crackers out.
Then, all of the other checks hidden somewhere in the program (see above), would not generate trackable errors, but spawn bugs like bad pointers in the program, that will cause general protection faults frames away from the failed check. DEBUG THIS !
The game would work perfectly on every computer with good code, would prompt bad code error, but when one hacks away the first check all hell would break loose for no apparent reason, in all the bad places.
Btw, how did the crackers find all of those CRC checks on the file ?
But I only want a game that cannot be patched or unlocked without downloading the hole cracked archive again.
My ideea was this :
Whenever one downloads the game, he would have a different archive, with the comercial data encrypted with a different key. So, there is NO WAY he can unlock the game (get some codez/small 10k patchez from the net). He has to download again an already unlocked game from the net.
But, in order to make copying around (especially on the net) much harder, I''m thinking when I expand the say 1MB archive to like 15MB of hardisk space, filling up to that size using random crap (so you cant archive the game down to size and upload it either), and mixing it with the usefull using strange algorithms, so that its really really hard to just change every piece of code that reads data from files.
TrIads system seems like a very very good alternative. But it can be patched too, either making the game generate same GUID and giving away the right registering code, or finding out what the secret unique key is by simply debugging and then bypassing the algoritm thats supposed to create this key completely, so that whatever registering code you provide, the commercial data decrypt uses the unique key.
quote:
Been done. Held the hackers up for a total of 3 days. Infact it was actually a better idea. which was to have totally seperate CRC checks performed on the code to prevent any messing so that each must be found seperately. The idea you mention of checking the reg code is easier to hack because you only have to search the code for anything that refers to the location that holds the reg code (in other words you just trace back from the reg code).
What if everything in the game would access the reg code. Use it for stuff like overwriting useless data structs with the reg code, turn it to float, divide by 1000000.0 and add it freely with all of your floating point values, etc. You can only have so many breakpoints on memory access.
What if youd have a single check of the registering code that creates a "wrong code" message box. It would be just 99.9% accurate for wrong codes, and 100% accurate for correct ones. Something like a checksum of the code or something, so you cant figure the code from the check. The sole purpose of this check would be to remove type errors of any kind, not keep crackers out.
Then, all of the other checks hidden somewhere in the program (see above), would not generate trackable errors, but spawn bugs like bad pointers in the program, that will cause general protection faults frames away from the failed check. DEBUG THIS !
The game would work perfectly on every computer with good code, would prompt bad code error, but when one hacks away the first check all hell would break loose for no apparent reason, in all the bad places.Btw, how did the crackers find all of those CRC checks on the file ?
If you are talking about stopping everyone then I think you are kidding yourself. There is nothing you can do to stop people from reverse engineering your code. The biggest threat in piracy is the casual user making copies of your game for friends. Fortunately basically anything mentioned here would stop this. In terms of serious hackers really the only thing you can do is try to make it not worth thier while. If your game is shareware then you''ll get a few people giving it a go, and some of them will persist, no matter how long it takes, as a matter of pride. They may well even make your now hacked game available on a couple of sites. Fact is however that webspace costs $$, so unless your game is totally kick-arse they probabally won''t keep it there long. You will still sell close to your potential maximum anyway though, because unless your game is retail quality most people who would like the full version won''t search sites for a hacked version. They may see what they can do themselves, which for most people is nothing, but in the end they''ll pass or pay.
In short... don''t worry too much. If your game is retail quality, get a real developer and you''ll get the standard copy protection deal, which is about the best tech available anyway. If its not that good, do a little bit of protection to stop the casual bum, but leave it at that... it''s not worth the headache.
--------------------------------------
Why run? You''''ll only die tired.
--------------------------------------
In short... don''t worry too much. If your game is retail quality, get a real developer and you''ll get the standard copy protection deal, which is about the best tech available anyway. If its not that good, do a little bit of protection to stop the casual bum, but leave it at that... it''s not worth the headache.
--------------------------------------
Why run? You''''ll only die tired.
--------------------------------------
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
