Jump to content

Recommended Posts

Hey dear community,

i write alot of programs that i sell.

i coded a sucessfull license system but sadly i have no protection against memory dumps.

 

i already tried playing with "memory.au3" but failed at it.

#include <WinAPI.au3>
#include <Memory.au3>
#include <NoMadMemory.au3>
$Mem_Open = _MemoryOpen(@AutoItPID)
$baseAddress = _WinAPI_GetModuleHandle(0)
_MemVirtualAlloc($Mem_Open, BinaryLen($Mem_Open), $MEM_COMMIT, $PAGE_GUARD)

 

anyone has a idea how i can call use page guard ?

 

Thanks

Share this post


Link to post
Share on other sites

Many products have tried but all fail in this regard, particularly in situations where someone knows what they are doing.

Sorry Vivi but that's just the way of it.

Vlad

i already found a method on how to stop decompilers do there job.

bypassed sniffers and co

 

are you sure there is no way to use page guard's or any other method to prevent memory dumps ?

Share this post


Link to post
Share on other sites

Who's talking about decompilation?

(despite you bold and incorrect assumption regarding this long term)

We (or rather you) are talking about memory, the weakpoint of every application to date.

Am I saying implementing page guard is Impossible? No not really, and hopefully someone will at least help you do this much to put you in a false sense of security mindset short term so you can continue developing your content without worrying where the holy grail has been stashed.

 

Share this post


Link to post
Share on other sites

No, no you have not.

i have no protection against memory dumps.

There's the evidence.

add "#end region" in the first line.

 

 

Edited by Vivi

Share this post


Link to post
Share on other sites

That is not the only decompiler, and it will not protect a script against decompilation.

If it did, you would not be here looking for a solution.

Plenty get the script from memory at runtime. you cannot stop that.

Share this post


Link to post
Share on other sites
@Vivi please remove the name of the decompiler in post 6 and use something like "memory based or focused decompiler".
 
As JohnOne has stated it isn't the only one these days so there is no real need to reference any single one by name.
 
Edited by Mobius

Share this post


Link to post
Share on other sites

Hi,

This thread has now gone beyond the limits - locked.

M23


Public_Domain.png.2d871819fcb9957cf44f4514551a2935.png Any of my own code posted anywhere on the forum is available for use by others without any restriction of any kind

Open spoiler to see my UDFs:

Spoiler

ArrayMultiColSort ---- Sort arrays on multiple columns
ChooseFileFolder ---- Single and multiple selections from specified path treeview listing
Date_Time_Convert -- Easily convert date/time formats, including the language used
ExtMsgBox --------- A highly customisable replacement for MsgBox
GUIExtender -------- Extend and retract multiple sections within a GUI
GUIFrame ---------- Subdivide GUIs into many adjustable frames
GUIListViewEx ------- Insert, delete, move, drag, sort, edit and colour ListView items
GUITreeViewEx ------ Check/clear parent and child checkboxes in a TreeView
Marquee ----------- Scrolling tickertape GUIs
NoFocusLines ------- Remove the dotted focus lines from buttons, sliders, radios and checkboxes
Notify ------------- Small notifications on the edge of the display
Scrollbars ----------Automatically sized scrollbars with a single command
StringSize ---------- Automatically size controls to fit text
Toast -------------- Small GUIs which pop out of the notification area

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Similar Content

    • By UEZ
      Hi,
      here a little tool to create ISO files from default ISO 9660 (2048 bytes/sector) CD or DVD format (no audio cd and BD support yet!)

      Source is too huge for code box -> Look here to have a look to the source code
      Additional credits to:
      Ward for MD5 checksum / MemoryDLL routines
      Harald Vistnes for cd2iso used in v1 and v2
      Yashied for WinAPIEx.au3
      wolf9228 to play wave from memory
      AutoItObject Team
      Download (purely written with AutoIt): ISO Creator v1.16 build 2015-07-13 beta.7z (1110 downloads previously)
      Thanks to smashly for pointing me to right direction
      The development of v1 and v2 is discontinued!
      Download v1: ISO Creator v1.0.0 build 2011-08-03 beta v1.7z (195 downloads previously)
      Download v2 (everything is called directly from memory): ISO Creator v1.0.0 build 2011-08-03 beta v2.7z (117 downloads previously)
      Thanks to smartee for the DLL version (experimental) of cd2iso!
      v1 is using cd2iso.exe to create the ISO
      v2 is using cd2iso.dll which was created by smartee.
      For compiled v1, v2 and pure AutoIt versions only (x86) visit (ISO Creator Exe only): 4shared.com or MediaFire
      You can call ISO Creator.exe also with command line parameters: ISO Creator.exe -s [source cd/dvd drive] -d [filename] (-md5) (-aem) (-exit)
      -s and -d are mendatory if called from command line!
      Tested on Win7 x64.
      If you find any bug please report here!
      Many thanks to smartee and smashly for their efforts on this project!
      Br,
      UEZ
      Change Log:
       
       
    • By jchd
      Here's a new version of my Dump.au3 file (dirty). I've recently added support to dissect (dump) as a treeview-like view any string in the variable conforming to a strict JSON grammar, whereever said string is: as a standalone string variable or in an array or a map. AFAICT the only relaxed constraint not implemented here is that numbers in parsed JSON may have leading zeroes, although leading zeroes are forbidden in pure JSON specifications. If required it wouldn't be hard to add this constraint.
      @c.haslam (among others) may find it useful. Use freely.
      Dump.au3
    • By ManualIT
      Guys, i need help on creating a script that restarts a program once it starts using more than 1GB of memory.
      No idea how to start on the script, i don't know which functions i should use for process memory reading.
       
      My mind is in total blank at the moment, so i need a kick start
    • By c.haslam
      cDebug.au3 includes four main debugging UDFs: _GuiDebug(), _ConsDebug(), _ClipDebug() and _FormatValsForDebug(). They all dump the values of all AutoIt subtypes and expressions, in a structured manner, including nested arrays (up to 3 dimensions) and slices of them, and even DLL structs and maps. It is an alternative to a graphical debugger, offering GUI output.
      The format for calling the UDFs has been designed to make coding a call as convenient and fast as possible, minimizing coding effort and the chances of errors: the $name argument is often the same as the variables arguments, enclosed in quote marks.
      For DLL structures, if you specify a tag, cDebug checks for differences between it and what it detects. If you only specify a structure variable, it can report the structure it detects, with the values of elements.
      It does much more than MsgBox(), ConsoleWrite() and _ArrayDisplay(), in a definitely user-friendly manner, and does its best to avoid hiding your code in SciTE.
      #include cDebug no maps.au3 or cDebug.au3 at the top of your script. If you #include cDebug.au3 (the version with maps)  #include #AutoIt3Wrapper_Version=B before #include cDebug.au3
      It is fully documented in    .  During debugging and development of new features, the current version is used to debug the upcoming version, so there is much testing, even so  bugs are always possible, particularly in new features, such as reporting elements of maps whose keys match a regular expression. Bug reports and suggestions are welcome.
      These UDFs have been in regular use for some years.
      Because when cDebug was developed, maps were a use at your own risk feature, there are two streams of cDebug:
      cDebug.au3 reports maps, so to use it you must be running a version of AutoIt that supports maps, e.g. 3.3.15.0, and #include cDebug.au3 cDebug no maps.au3 does not report maps, so you can be running any recent version of AutoIt, e.g. 3.3.14.5, and #include cDebug no maps.au3 The only difference between the two streams is that map-reporting code is commented out in cDebug no maps.au3 .
      These functions are documented in cDebug.pdf
      A teaser
      This script:
      #AutoIt3Wrapper_Version=B ; beta 3.3.15.0 or greater is mandatory for cDebug.au3 #include "cDebug.au3" Local $seasons[] $seasons.summer = 'May to September' $seasons.spring = 'April' $seasons.fall = 'October to November' $seasons.winter = 'December to March' Local $aCats[3][3] = [['jack','black',3],['suki','grey',4],[$seasons,'','']] Local $i = 1 Local $tStruct = DllStructCreate('uint') DllStructSetData($tStruct,1,2018) _GuiDebug('At line '&@ScriptLineNumber,'$cats,jack is,$cats[..][$i],$i,hex,structure{uint}', _ $aCats,$aCats[0][2],$aCats,$i,Hex(-$i),$tstruct) produces:

       
      Acknowledgements
      Melba23, Kafu, ProgAndy, jchd
    • By Pricehacker
      Hello!
      Im wondering if it is possible to 'empty' the variable value to save memory, for example i often use variable as a onetime use thing and would prefer to 'forget' it after is is used
      Maybe it is just as easy as to setting $vVar = Null, but i wanted to make sure that this is the case
×
×
  • Create New...