Is going online with your program safe?

[miketh2005]

Hey guys, I'm wondering if making a program with autoit that goes online is safe from reverse engineers.

I have very sensitive material, and I want to limit the user to only 1 per 2 weeks. If some reverse engineer comes along and bypasses the part where it prevents them from getting anything if its not been 2 weeks, it could be fatal to my website the program is for.

So is this possible?

I wanted to make it so that the program connects to a server, and places the MAC ID (or IP) of the machine into a text file, as well as the date it was placed there.

[jvanegmond]

You need to protect this server side. Anything client side is always susceptible to reverse engineering.

[Fire]

Defaultly Autoit compile your script 2 exe and pack it with Upx packer.

Unpack Upx packer and reverse your program is not very hard.

I recommend to you to do this:

After compilation your script 2exe Unpack it with upx(unpackers) and then ry pack it with strong packer for example asprotect or with armadillo.

+ after protect+pack autoit exe2aut is unable to decompile your *.exe.Bcuz pe headers wah changed and exe2au is unable to identify your exe.

I recommdn to you after unpack use res hacker and edit version section of your file.

Remove "Compiled Script" and version information string from your exe.

For reverse it Reverser can need professionalism.

But may be this way:

You are protected your *.exe and pack it with packers which i say.

There is another way to bypass all security for example hacker or reverser can may sniff traffic and catch your sensitive data...

Edited November 21, 2009 by Sh3llC043r

[CodyBarrett]

nothing client side is COMPLETELY secure... if your dedicated enough you can get to anything on your machine

[miketh2005]

I know that, but:

My program can do this: the person presses "Go", the program connects to my server, reads a .txt file and then sends the .txt file (kinda) to the person. it FIRST checks to see if the person has already downloaded, and if so, when. if everything passes, it writes in another .txt file the mac ID of the machine, and the date it was placed.

I was wondering if a reverser can bypass the part where the program checks to see if they downloaded already within 2 weeks.

THANKS ALOT TO ANYONE THAT CAN TELL ME!

Edited November 21, 2009 by miketh2005

[qazwsx]

One could just spoof his mac address and bypass the system.

[miketh2005]

who would know it tracks by mac and not IP, though?

[IchBistTod]

there are several ways you could protect against this, but most of them would need to be server side.

an effective way would be to create a hardware hash for their computer, store it, their mac address, and their ip address and compare ALL of it to authorize a download.

then it would be safe.

[Confuzzled]

Anything can be spoofed. Your source code will be in local memory anyway, after all the layers of encryption, scrambling, packing and secrecy are unravelled, so that your code can run. Any traffic between your program and the remote website can be intercepted (it is anyway in most countries by central agencies - but you already know that).

Just try running your super secret, foolproof program on a virtual machine - you can move the environment to another physical machine, even while the program is still running. Try hiding it securely then!

What is it that is so important you keep it so very, very secure? The latest Iranian nuclear weapon firing codes? The recently revised wiring diagrams to Air Force One? A new game bot?

[miketh2005]

Anything can be spoofed. Your source code will be in local memory anyway, after all the layers of encryption, scrambling, packing and secrecy are unravelled, so that your code can run. Any traffic between your program and the remote website can be intercepted (it is anyway in most countries by central agencies - but you already know that).

Just try running your super secret, foolproof program on a virtual machine - you can move the environment to another physical machine, even while the program is still running. Try hiding it securely then!

What is it that is so important you keep it so very, very secure? The latest Iranian nuclear weapon firing codes? The recently revised wiring diagrams to Air Force One? A new game bot?

well, i dunno if this is allowed, please remove it, if it is:

im creating a website that passes out porn passes every 2 weeks (thats when the passes expire). if someone could get unlimited passes it could ruin the website and basically shut it down. they could sell the passes for money, ad alot of other things. but i found a way to bypass this kinda. im gonna upload the pass to a .txt file to sharecash.org. that way if someone does get unlimited links to the passwords, i will make money from them...

well.. i was thinking i could partner that with a different idea. sharecash will only give you so much money from 1 IP address. so maybe i can make a built in serverside thing which tracks the IPs/mac IDs and if the same IP downloads twice before 2 weeks is up between the IDs, it will ban it. hows that? that seems pretty darn full proof since its serverside. 1 problem. i dont know how to code that xD any ideas? maybe i can use a generic script that tracks IPs so i can see if so many downloads are from a single IP?

[bo8ster]

I think you need to read this. This has been discussed many times before.

[jvanegmond]

IP can still be spoofed and people can use a proxy. You can forget about a single person downloading one password; It's not possible.

With that out of the way.. You can return the same password for the same IP over and over again. You store the IP and the password given in a database when someone visits the first time, on second visit you check the database again and find the matching password.

Edited November 25, 2009 by Manadar