On the Cracking and Protection of Software

Protecting intellectual property rights and resisting pirated software is an urgent problem facing the software industry in China. At present, most software relies on encryption technology to deal with it. This paper explains several important technical terms used in software cracking, analyzes common software cracking methods, and introduces soft encryption and hard encryption technologies in detail.

Keywords: intellectual property, software encryption, software cracking

1. Introduction

When developing software, especially for commercial purposes, registration codes and activation codes are very important. Unregistered users face certain restrictions, such as a limited number of days of use, delays, unregistered screens and so on. However, current software cracking technology is very powerful. All kinds of large-scale software at home and abroad have registration mechanisms, yet they are constantly cracked. The state has repeatedly stepped up efforts to crack down on illegal software publishing and to support genuine software, but the actual effect is not ideal. Most software vendors choose to buy encryption products or encryption technologies to protect their software. Software protection is generally divided into soft encryption and hard encryption.

2. Common software cracking methods

First, let's look at some important technical terms in cracking.

(1) Breakpoint. A breakpoint is the place where the program is interrupted. An interrupt means that the computer suspends the current task, executes another task instead, and then returns to the original task to continue execution. The process of decryption is to wait until the program has obtained the registration code we entered and is about to compare it with the correct registration code, interrupt it at that point, and then find the correct registration code by analyzing the program.

(2) Airspace. The so-called airspace of a program is the territory of the program itself, that is, the location of the program code we want to crack. Programs are not written to any fixed pattern, so to interrupt a program when intercepting it, the breakpoint must be set independently of the specific program; that is, the breakpoint should be set on something that every program will use.

(3) API. The abbreviation of application programming interface, the API is a large collection of system-defined functions that provides a way to access the features of the operating system. It contains hundreds of functions called by application programs, which perform all necessary operations related to the operating system, such as memory allocation, screen output and window creation. Windows programs are built on the API: no matter what kind of application it is, at the bottom layer it ultimately realizes its functions by calling API functions.

Knowing the above three technical terms, let's take a look at the basic software cracking methods.

2.1 Brute force cracking method. This is the most common and simplest way to crack: the cracker directly uses an editing tool to modify the executable file, that is, achieves the crack by modifying the program's own file. When some component of the program verifies the user's registration information and registration code, if the information the user enters equals the registration code generated by the software's algorithm, the program is registered successfully; otherwise the registration fails.

2.2 Using an algorithm registration machine. An algorithm registration machine is a program that automatically generates software registration codes, built by analyzing the software's registration code algorithm. The software's algorithm is therefore very important, and software authors generally write it themselves, which is convenient for the sale and use of the software. The characteristic of this kind of software encryption is that a registration code can only be used on one computer, like a one-to-one binding with the computer. The steps are as follows: first, run the trial software to get the software machine code of this machine, then register with the algorithm registration machine, then directly calculate the appropriate registration code with the algorithm registration machine, and finally register directly with the calculated registration code.

2.3 Cracking with memory. All the data of a running program has to be loaded into memory, and there is a comparison step when the software checks the registration code, so it is only necessary to know the memory address of the registration code of the software to be cracked to achieve the goal. The advantage of this method is that it does not take much effort to master the software's registration code algorithm, and it saves the time of writing a memory registration machine. The steps are as follows: first, load the memory registration machine, and then use it to obtain the real registration code of the software from memory, or modify some data related to the software in memory to achieve the purpose of cracking the software. There are two main ways: the first is to get the registration code directly from memory, and the second is to simulate the running environment of the registration program in memory.

2.4 Patch cracking method and file registration method. The patch cracking method modifies the software with a patch to achieve the purpose of cracking it. This method generally targets the software's verification of the registration code or of the time limit, and basically modifies a judgment statement of the original program. For example, if the trial period of the program is one month, it can be modified to achieve unlimited use. The file registration method puts the registration content of the software into a file, which is convenient for yourself or others to register with. There are two main ways: registry import and registration file import.

3. Common software protection methods

3.1 Registration code. The registration code of a piece of software is generally unique to each machine and cannot be reused. Let's take a look at how to achieve this.

The first step is to generate the machine code from the volume label of the hard disk and the serial number of the CPU. First write the public static string GetDiskVolumeSerialNumber() function to get the volume label of the device's hard disk, then write the public static string getCpu() function to get the serial number of the CPU, and finally generate the machine code. The function that generates the machine code is as follows:

    public static string getSoftNum()
    {
        // Concatenate the CPU serial number and the disk volume serial number
        string strNum = getCpu() + GetDiskVolumeSerialNumber();
        // Take the first 24 characters of the generated string as the machine code
        string strSoftNum = strNum.Substring(0, 24);
        return strSoftNum;
    }

The second step is to generate the registration code from the machine code, which is done by writing the public static string getRegistNum() function.

The third step is to check the registration status. If the software is not registered, you can customize the trial days, delay, unregistered screen and so on. This is done by writing the private void CheckRegist() function.
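The three steps above, reworked as an added C# example that is not the paper's code: instead of a getRegistNum() algorithm that ships inside the program, the vendor signs the machine code with ECDSA and the program only verifies the signature with an embedded public key. The class name, method names and sample machine codes are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example; LicenseDemo and its members are hypothetical names.
static class LicenseDemo
{
    // Vendor side: the registration code is a signature over the machine code.
    // The private key stays with the vendor and is never shipped.
    public static string IssueRegistrationCode(ECDsa vendorKey, string machineCode)
    {
        byte[] sig = vendorKey.SignData(
            Encoding.UTF8.GetBytes(machineCode), HashAlgorithmName.SHA256);
        return Convert.ToBase64String(sig);
    }

    // Client side: only the public key is embedded, so the program can
    // check a registration code but holds nothing that can generate one.
    public static bool CheckRegistration(
        byte[] vendorPublicKey, string machineCode, string registrationCode)
    {
        byte[] sig;
        try { sig = Convert.FromBase64String(registrationCode); }
        catch (FormatException) { return false; } // malformed code: not registered

        using ECDsa pub = ECDsa.Create();
        pub.ImportSubjectPublicKeyInfo(vendorPublicKey, out _);
        return pub.VerifyData(
            Encoding.UTF8.GetBytes(machineCode), sig, HashAlgorithmName.SHA256);
    }

    static void Main()
    {
        using ECDsa vendorKey = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        byte[] publicKey = vendorKey.ExportSubjectPublicKeyInfo();

        // Constructed 24-character machine codes (CPU id + volume serial).
        string machineA = "BFEBFBFF000306A9" + "1A2B3C4D";
        string machineB = "BFEBFBFF000906EA" + "5E6F7A8B";
        string code = IssueRegistrationCode(vendorKey, machineA);

        // Same machine, code copied to another machine, malformed code.
        Console.WriteLine(CheckRegistration(publicKey, machineA, code));
        Console.WriteLine(CheckRegistration(publicKey, machineB, code));
        Console.WriteLine(CheckRegistration(publicKey, machineA, "not-a-code"));
    }
}
```

With this design the registration code algorithm that the registration machine of section 2.2 depends on is no longer present in the program. It does not by itself address modification of the judgment statement described in section 2.4.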

3.2 Soft encryption. Soft encryption is a technology that protects software without relying on special hardware. At present, most commonly used software in the world adopts soft encryption, such as Microsoft's Windows system and antivirus software. Its biggest advantage is its extremely low encryption cost. The main approaches at present are the encryption method, the computer hardware verification method, the key disk method and so on. Shells are currently popular; they are divided into compression shells and encryption shells. The protection offered by a compression shell is weak, so an encryption shell is generally used. Its principle is to modify the code at the program's entry point, using the principle of stack balance, so that execution jumps to the shell code, which runs the decryption routine and, after decrypting the original program code, jumps back to the OEP (original entry point) of the original program to continue execution. Strong encryption shells currently use dynamic code decryption, SMC (self-modifying code) and IAT (import address table) encryption. The program decrypts code dynamically while running, deletes it immediately after execution, and encrypts the IAT; when calling an API, it uses a decryption algorithm to calculate the actual address of the API in order to call it. Some even place a shell inside a shell. At present, the five common strong shells are:

(1) EncryptPE, which is characterized by strong IAT encryption;

(2) ASProtect, which is characterized by the use of multi-layer SEH, which easily makes people dizzy;

(3) ACProtect, which is characterized by using stolen code;

(4) Armadillo, which is characterized by mutual detection of two processes;

(5) Themida.

A good encryption effect is one that makes pirates pay a huge price, spending a lot of time and energy on cracking the protected software, until they are finally forced to give up the attack.

3.3 Hard encryption. Hard encryption is what we call an encryption dog or encryption lock (a dongle): a combination of software and hardware plugged into the USB port or parallel port of a computer. At present, most are in USB form and are based on hardware protection technology. Its purpose is to prevent the illegal use of intellectual property through the protection of software and data, and it is a powerful tool for ensuring that high-end software is not pirated during its market life cycle. Dongles generally have tens or hundreds of bytes of nonvolatile storage space for reading and writing. Newer dongles also include a single-chip microcomputer. Software developers can exchange data with the dongle through interface functions and check whether the dongle is plugged into the port. The dongle's built-in microcontroller contains algorithm software dedicated to encryption, which cannot be read back after it has been written to the microcontroller. This ensures that the dongle hardware cannot be copied. Meanwhile, the encryption algorithm is unpredictable and irreversible. Encryption algorithms can convert numbers or characters into integers, such as dconvert(6) = 67876 and dconvert(x) = 345670.

4. Concluding remarks

Software cracking and software encryption stand in the relationship of spear and shield. A good encryption effect is one where pirates pay a huge price when cracking the protected software, spend a lot of time and energy, and are finally forced to give up the attack. Finally, we should recognize that software cracking is immoral and violates the computer software protection regulations. Nowadays, the popularization, marketization and low price of software also give us the opportunity to use genuine software, so we should raise our awareness, try our best not to use pirated software, and support the development of China's software industry with practical actions.