ZProtect
Code_Confusion is the code-scrambling (out-of-order) marker; it lets you select a portion of code to be scrambled.
Insert code ({ 235, 8, 83, 84, 95, 83, 84, 65, 82, 84 }) ' Code_Confusion start marker
Insert code ({ 235, 8, 83, 84, 95, 83, 84, 69, 78, 68 }) ' Code_Confusion end marker
Code_Elimination is the code purge marker; it lets you select a portion of code to be removed from memory after it has run. The purpose of this marker is to prevent crackers from dumping the complete program code from memory.
Insert code ({ 235, 8, 79, 67, 95, 83, 84, 65, 82, 84 }) ' Code_Elimination start marker
Insert code ({ 235, 8, 79, 67, 95, 79, 67, 69, 78, 68 }) ' Code_Elimination end marker
Decode_onExec is the dynamic decoding marker; it lets you select a portion of code that is decrypted only when executed. This code is decoded only when it needs to run, and is encrypted before and after execution.
Insert code ({ 235, 8, 68, 89, 95, 83, 84, 65, 82, 84 }) ' Decode_onExec start marker
Insert code ({ 235, 8, 68, 89, 95, 68, 89, 69, 78, 68 }) ' Decode_onExec end marker
Decode_onReg is the registration decoding marker; it lets you select a portion of code that is decrypted with a valid key. If the registration key is incorrect, this part of the code always stays encrypted. In layman's terms, this part of the code is only executed in the registered version.
Any number of Decode_onReg markers can be used in the source code, but these code fragments are all decrypted at the same time when executed. The registration decoding marker is mainly used to activate features that are restricted in the unregistered version, turning it into the full registered version.
Insert code ({ 235, 8, 82, 68, 95, 83, 84, 65, 82, 84 }) ' Decode_onReg start marker
Insert code ({ 235, 8, 82, 68, 95, 82, 68, 69, 78, 68 }) ' Decode_onReg end marker
Zprotect_VM is the virtual machine encryption marker; it lets you select a portion of code to run inside the virtual machine. The virtual machine's instruction set is completely different from existing x86 instructions, which effectively prevents code restoration and analysis.
Insert code ({ 235, 8, 86, 77, 95, 83, 84, 65, 82, 84 }) ' Zprotect_VM start marker
Insert code ({ 235, 8, 86, 77, 95, 86, 77, 69, 78, 68 }) ' Zprotect_VM end marker
----------- for ZProtect V1.4.9.0 ---------
VMProtect
Insert code ({ 235, 16, 86, 77, 80, 114, 111, 116, 101, 99, 116, 32, 98, 101, 103, 105, 110, 0 }) ' VMP protection start marker
' Key code
Insert code ({ 235, 14, 86, 77, 80, 114, 111, 116, 101, 99, 116, 32, 101, 110, 100, 0 }) ' VMP protection end marker
Enigma SDK for Easy Language
Insert code ({ 235, 10, 69, 67, 82, 79, 78, 69, 88, 69, 69, 69, 67, 66 }) ' start marker
' Key code
Insert code ({ 235, 10, 69, 67, 82, 79, 78, 69, 88, 69, 88, 69, 67, 69 }) ' end marker
NoobyProtect SDK for Easy Language
Insert code ({ 235, 6, 78, 80, 66, 69, 71, 78 }) ' start marker
' Key code
Insert code ({ 235, 6, 78, 80, 69, 78, 68, 80 }) ' end marker
Pangolin: demo of calling the functional SDK from Easy Language
Insert code ({ 235, 3, 214, 215, 1 }) ' start marker
' Key code
Insert code ({ 235, 3, 214, 215, 0 }) ' end marker
ASP SDK for Easy Language
Insert code ({ 235, 4, 235, 5, 25, 1, 233, 37, 0 }) ' start marker
' Key code
Insert code ({ 235, 4, 235, 5, 41, 1, 233, 133, 0 }) ' end marker
Shielden 2.0.1.0
Insert code ({ 235, 7, 83, 69, 66, 69, 71, 78, 0 }) ' SE_PROTECT_START
' Key Code
Insert code ({ 235, 7, 83, 69, 69, 78, 68, 80, 0 }) ' SE_PROTECT_END
Insert code ({ 235, 7, 83, 69, 66, 69, 71, 78, 77 }) ' SE_PROTECT_START_MUTATION
' Key code
Insert code ({ 235, 7, 83, 69, 69, 78, 68, 80, 0 }) ' SE_PROTECT_END
Insert code ({ 235, 7, 83, 69, 66, 69, 71, 78, 85 }) ' SE_PROTECT_START_ULTRA
' Key code
Insert code ({ 235, 7, 83, 69, 69, 78, 68, 80, 0 }) ' SE_PROTECT_END
Insert code ({ 235, 7, 83, 69, 66, 69, 71, 78, 86 }) '
' Key Code
Insert code ({ 235, 7, 83, 69, 69, 78, 68, 80, 0 }) ' SE_PROTECT_END
Easy Language SDK conversion method ↓
Now that E5.0 supports static compilation to the standard PE format, it is possible to use protector (encryption shell) SDKs in E programs to improve the quality of software protection.
Protector SDKs fall roughly into two categories: functional SDKs and protective SDKs.
1. Functional SDK
A functional SDK handles serial number validation, authorization time verification, and other functional operations. Some SDKs of this type provide their functions directly in the shell, such as WL; others require an external DLL to be imported, such as Pangolin.
For a DLL without an export table, we import the external SDK by loading the DLL, looking up the address of the SDK function, and calling it with E's call subprogram () command, which makes it easy to pass parameters and get the SDK function's return value.
For a DLL with an export table, simply call it with E's DLL command.
For anyone who already knows how to call DLLs, working with a functional SDK is straightforward; just consult the protector's API manual.
2. Encryption (protective) SDK
When the protector finds a specific SDK marker in the software, it processes the marked code in a targeted way to improve the security of that code segment. Such markers are, naturally, assembly code sequences defined in pairs.
In E, we can easily emit assembly code with the insert code () command. To apply this to a protector's markers, follow the method below.
Open the SDK that ships with the protector and find a language header file that you can read, for example the LCC header below.
The following is the program code:
#elif defined(__LCC__)
/* Provided by Rubem Pechansky, 26Feb2003 */
#define SECUREBEGIN _asm(".byte 0xEB,0x03,0xD6,0xD6,0x00");
#define SECUREEND _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_A _asm(".byte 0xEB,0x03,0xD6,0xD6,0x01");
#define SECUREEND_A _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_B _asm(".byte 0xEB,0x03,0xD6,0xD6,0x02");
#define SECUREEND_B _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_C _asm(".byte 0xEB,0x03,0xD6,0xD6,0x03");
#define SECUREEND_C _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_D _asm(".byte 0xEB,0x03,0xD6,0xD6,0x04");
#define SECUREEND_D _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_E _asm(".byte 0xEB,0x03,0xD6,0xD6,0x05");
#define SECUREEND_E _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_F _asm(".byte 0xEB,0x03,0xD6,0xD6,0x06");
#define SECUREEND_F _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_G _asm(".byte 0xEB,0x03,0xD6,0xD6,0x07");
#define SECUREEND_G _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_H _asm(".byte 0xEB,0x03,0xD6,0xD6,0x08");
#define SECUREEND_H _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_I _asm(".byte 0xEB,0x03,0xD6,0xD6,0x09");
#define SECUREEND_I _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_J _asm(".byte 0xEB,0x03,0xD6,0xD6,0x0A");
#define SECUREEND_J _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define SECUREBEGIN_K _asm(".byte 0xEB,0x03,0xD6,0xD6,0x0B");
#define SECUREEND_K _asm(".byte 0xEB,0x03,0xD6,0xD6,0xFF");
#define NANOBEGIN _asm(".byte 0xEB,0x03,0xD6,0xD7,0x01");
#define NANOEND _asm(".byte 0xEB,0x03,0xD6,0xD7,0x00");
Taking the last two lines as an example: NANOBEGIN and NANOEND are the CC code-fragment markers for C, and the code wrapped by these two markers will be CC-protected by the protector. NANOBEGIN is written in assembly as 0xEB, 0x03, 0xD6, 0xD7, 0x01. That is C's hexadecimal notation, whereas in E the assembly bytes are written in decimal, so we need to translate the values.
0xEB = 235
0x03 = 3
0xD6 = 214
0xD7 = 215
0x01 = 1
So NANOBEGIN is expressed in E as Insert code ({ 235, 3, 214, 215, 1 }).
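The hex-to-decimal conversion above, automated for a whole header, as an added example that is not part of the original post or of any protector SDK. It also checks the structure the markers on this page share (0xEB is the x86 short jump, and the next byte is the number of tag bytes it skips) and locates markers in a byte buffer; all function names are illustrative, and the sample header lines are copied from the LCC excerpt above.

```python
import re

# Constructed sample: two lines copied from the LCC header quoted above.
HEADER = '''
#define NANOBEGIN _asm(".byte 0xEB,0x03,0xD6,0xD7,0x01");
#define NANOEND _asm(".byte 0xEB,0x03,0xD6,0xD7,0x00");
'''

DEFINE_RE = re.compile(r'#define\s+(\w+)\s+_asm\("\.byte\s+([^"]+)"\)')

def parse_header(text):
    """Map each macro name to the raw marker bytes of its .byte directive."""
    return {name: bytes(int(tok, 16) for tok in body.split(","))
            for name, body in DEFINE_RE.findall(text)}

def to_e(marker):
    """Render marker bytes as an E insert code () statement (decimal)."""
    return "Insert code ({ " + ", ".join(str(b) for b in marker) + " })"

def from_e(statement):
    """Parse the decimal byte list of an E insert code () statement."""
    inner = statement[statement.index("{") + 1:statement.index("}")]
    return bytes(int(tok) for tok in inner.split(",") if tok.strip())

def split_marker(marker):
    """Split a marker into (skip, tag): 0xEB is x86 JMP rel8, so the next
    byte says how many tag bytes the CPU jumps over at run time."""
    if len(marker) < 2 or marker[0] != 0xEB:
        raise ValueError("marker does not start with a short jump (0xEB)")
    skip, tag = marker[1], marker[2:]
    if skip != len(tag):
        raise ValueError(f"jump skips {skip} bytes but tag has {len(tag)}")
    return skip, tag

def find_markers(blob, markers):
    """Return sorted (offset, name) for every marker found in blob."""
    hits = []
    for name, m in markers.items():
        pos = blob.find(m)
        while pos != -1:
            hits.append((pos, name))
            pos = blob.find(m, pos + 1)
    return sorted(hits)

if __name__ == "__main__":
    macros = parse_header(HEADER)
    for name, m in macros.items():
        print(name, "->", to_e(m), split_marker(m))
```

Because the short jump skips the tag, a marked program still runs normally before the protector processes it; find_markers can be used on build output to confirm that every start marker has its matching end marker.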