The presentation describes the various software mechanisms in short.

1. Presented by Seminar Guide
Chaitanya Anpat Prof. Pritesh Patil
TE – IT
Monday, October 24, 20161
Copy Protection

2. Agenda
• Introduction
• Brief idea about protection methods
• Code confusion
• Debuggers
• Code confusion techniques
• conclusion

3. Introduction
• Copy protection is effort to prevent cracking
• Cracking-modification to binary files to
remove protection
reverse engineering
• Discovering technical principles of
device,object,system,software.
• It often involves disassembling exe code to
get machine code and bypass software
security.

4. Piracy
Game Music S/w
• This increases piracy.
• Loss due to piracy is about
$60 billion

5. .
.

6. Method of protection
• hardware based
• Hardware device is integrated with software
and used to protect and license an application.
• It uses device called USB hardware
• Software executes only if devise is actually
present on machine
• E.g.-ANSYS(related to ME)

7. • Serial key generation
• enter serial key
• Serial key compare
• If match installation complete

8. Encryptions
• Encoding applications in such a way that only
authorized users can use it
• It doesn’t prevent hacking
• Used to prevent data at rest like files and
data at transits like data transfer via
networks

9. Debug-Blocker
• In Armadillo, we find another feature called
Debug- Blocker.
• Armadillo creates 2 processes, referred to
them as father ( or parent ) and child. The
father process acts as a debugger, trying to
protect the child from other debuggers.

10. Code confusion/obfuscation
• Process of confusing
• Transforms source code such that it is
difficult for human to grasp and debugger to
disassemble accurately
• confused code should be functionally
equivalent to users perspective.
• introduce code confusing techniques so as
make code difficult to debug and which
prevent s/w to be reversed.

11. Debugger
• Linear sweep - win debugger
• Control flow not followed
• Recursive traversal –Ollydebuger
• control flow followed

12. Inline assembly `c` code for Hello
with data byte inserted
_asm
{
jmp L1 ; logic to “skip” data byte
_emit 0x00 ; inserted data byte
}
L1:printf("Hello, World!!!n");
}

13. WinDBG & OllyDbg
.

14. Code confusion technique
Layout Data
Control Preventive
Technique

15. Layout technique
• Layout obfuscations modify the layout
structure of the program by two basic
methods: renaming identifiers and removing
debugging information
• They make the program code less informative
to a reverse engineer.

16. Before
void my_output()
{
int count;
for (count = 0; count<=4; ++count)
printf("Hello %d!n", count);
}

17. • Tools used this technique are SD Obfuscator
CXX obfuscator.
• They will automatically output confused code
whose functionality remains same after
obfuscation.

18. After
#define a int
#define b printf
#define c for
a l47()
{
a l118;
c(l118=0;l118<0x664+196-0x71e;++l118)
b("x48x65x6cx6cx6fx20x25x64x21n",l118);
}

19. Data code confusion technique
• It changes the program’s use of data or data
structures.
• The storage of data can be obfuscated by
replacing current data definitions with those
which do not make sense for their intended
use. For example, a loop iteration variable
can be replaced with another variable type
besides an integer.

21. Control flow code confusion
• It changes the flow of the program
executing code in parallel
• insert new functions
• mislead the disassembler while
executing concurrently

22. Preventative technique

23. Conclusion
Prevention*cracking

24. .