home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Gold Medal Software 2
/
Gold Medal Software Volume 2 (Gold Medal) (1994).iso
/
virus
/
prexcm31.arj
/
PROTEXCM.DOC
< prev
next >
Wrap
Text File
|
1993-08-26
|
21KB
|
396 lines
Protect! EXE/COM v.3.1
(C) 1993 Jeremy Lilley,
All Rights Reserved
August 26, 1993
The Very Brief Table of Contents:
What's going on with Protect! EXE/COM v.3.1 ............... 1
Other Programs before Protect! EXE/COM .................... 2
Protect! EXE/COM enters the picture ....................... 2
Requirements .............................................. 3
How to use Protect! EXE/COM ............................... 3
Which Files can't be Protected ............................ 4
Legal Terms / Disclaimer .................................. 4
License ................................................... 5
How Does Protect! EXE/COM Stand up to Other Utilities? .... 5
Notes About Protecting .................................... 6
Finally, Protect! EXE/COM's Cost .......................... 6
Introduction: What's going on with Protect! EXE/COM v.3.1?
After having a few unprotects made for it, Protect! EXE/COM v.3.x is
back better than ever and is made much harder to defeat. Although v.3.1
was written mainly to fix many bugs that plauged v.3.0, v.3.1 makes it more
difficult for your EXE and COM files to be CRACKED, REVERSE ENGINEERED, or
OTHERWISE MODIFIED. Protect! EXE/COM's sole purpose is to encrypt and
scramble your EXE and COM files while still leaving them executable.
Whenever a protected file runs, its special header checks the file's
integrity using a real CRC, taking little time (1/10 second extra for a 90k
.EXE file on a 386-40mhz). If any modification is detected (which is hard
to do because the file is scrambled), the file will abort with a
customizable CRC message (customizable for registered users only).
Programmers, developers and especially shareware authors can make use of
this program to protect their software from malicious modification by
HACKERS, PIRATES, and other TROUBLE MAKERS. Just think about what people
would think of you and your programs if A VIRUS OR A TROJAN WERE PUT ON
YOUR PROGRAMS. Other programs can scramble and compress your files, but NO
OTHER PROGRAM SUPPORTS A COMPLETE CRC INTEGRITY CHECK and scrambles your
files. Protect! EXE/COM is also designed not to be intrusive. No passwords
are required and the file will entirely run as normal.
Even though there have been cracks for *OLD* versions of this program
(meaning that those same cracks will not work on this version and future
versions) such as UNP and X-Open, I am still committed to make Protect!
EXE/COM the most powerful and safest encryption and protection utility
available at the cheapest price to you. Compared to any problem that you
might have with your program being REVERSE ENGINEERED OR CRACKED, $25 IS A
SMALL PRICE TO PAY FOR SECURITY. If you have this program and are wondering
on whether or not to register, consider the fact that cracks for the
unregistered version will not work for the registered version and that the
registered version is harder to crack. Also remember that you can specify
your own CRC error message (instead of the one that unregistered users get
Page 1
-- check it out) as well as an optional message to display before the
program starts. You also are not legally allowed to distribute any file
encrypted with my program until you register and the registered version
will make the files you distribute more protected. So if you use Protect!,
please consider registering.
Other Programs Before Protect! EXE/COM:
Let's go down memory lane briefly and explore some of the more
primitive methods used to secure EXE and COM files. In the beginning of
computing, programmers simply hoped that nobody was smart enough to modify
their files. This method worked until the advent of malicious, clever
hackers with sophisticated hex editors. Programmers then started resorting
to some security methods like copy protection and "tying" a file to the
disk; however, they were extremely obtrusive and slow -- they did not work.
LZEXE and then PKLite came out and programmers thought that by simply
compressing the files with utilities like these, they were home-free. When
UnLZEXE came out and along with PKLite and its decompress option,
programmers were again starting to have problems with protecting their EXE
and COM files. To trick these decompressors, programmers would simply use
their favorite hex editors to change the signature that UnLZEXE or PKLite
would look for on a file and hoped that nobody would change the signature
back to the original and decompress the file. PKWare added a -E option on
the $150 professional version of PKLite to prevent decompression, but that
has not really worked because hackers have created programs to expand the
"unexpandable" PKLite -E files and made them widely available -- some BBSes
local to me have 5-6 of these programs. Expensive hardware "SOLUTIONS" such
as "Everlock" have been defeated by Neverlock those programs.
Protect! EXE/COM enters the picture:
The first few versions of Protect! EXE/COM were not entirely secure
and eventually had unprotects made for them. Now Protect! EXE/COM v.3.x is
out with anti-debugging techniques, rewritten headers, and many more things
going for it. You've probably heard something like this before, so why
should you evaluate or re-evaluate this program ? This program is not the
same program that it was a few months ago and many times more time was
spent developing this version of Protect! than with other versions.
Similarly, in the world of house alarms, if one alarm were defeated by
burglars, does that mean that everybody should give up on alarms and not
use them anymore, surrendering their houses to burglars ? Instead, new
alarms and new file encryption systems are being continuously developed so
that you will be as secure and safe as ever. The reason that I wrote
Protect! EXE/COM was not for a "quick buck" until it got hacked, but to
help slow hacking in the computer world so that eventually nobody will have
to worry about every Dick and Jane modifying their files. Try yourself, if
you want, to reverse engineer one of your programs protected with Protect!
EXE/COM and I hope you like Protect! EXE/COM !
Requirements:
The requirements are basically nothing: DOS 2.0, IBM PC, 256k, etc...
I can run this program on my 4.77 mhz XT and have it run quickly. The one
major software requirement for protecting EXE files is that you are
REQUIRED TO OWN AN EXECUTABLE COMPRESSION PROGRAM such as LZEXE (FREE!), or
PKLite. The reasons are simple -- scrambled data seems more scrambled if it
Page 2
is compressed first. If you have huge sequences of the same character
(particularly ASCII #0), the encoding sequence can be revealed much more
easily than if you simply have the tokens and marker characters that a
compression program would leave instead. Relocatable items are also
resolved by the compression program, allowing Protect! EXE/COM to calculate
a CRC more reliably. Of course, the file also takes up less space when
compressed with an executable compressor, and it will give a hacker more
problems than those that Protect! EXE/COM gives alone. Protect! EXE/COM
also can insure that the programs that it protects will run consistently if
they originate in the more consistent form that LZEXE or PKLite provides
them in. Besides, LZEXE is a free program thanks to the generosity of
Fabrice Bellard, and if you need a good yet free EXE compression utility,
you should obtain that program (because it only takes a few minutes to get
by modem or a few dollars for it on a disk, and it has been translated from
French into English, so you really should have no excuse for not having it,
particularly if you are a professional developer). Most importantly,
Protect! EXE/COM will almost surely protect any file that has been
compressed with LZEXE or PKLite because the requirements are very similar:
Windows files, OS/2 files, and the many overlays that cannot be compressed
with LZEXE and PKLite cannot be protected by Protect! EXE/COM either, so if
a file can be compressed, it can probably be protected. Overlays are taken
care of properly in many cases, but you can have problems with them
especially if they are large overlays.
How to use Protect! EXE/COM:
To use Protect! EXE/COM, you can run it from the command line or
interactively. To run it interactively, simply run ProtExCm.EXE with no
parameters and you will be asked to select a file to compress through
scrolling menus:
ProtExCm
To run it from the command-line, simply run ProtExCm.EXE with the
program to protect and optionally (if you are registered) a file with the
CRC message in it and, again optionally, a name of a file with a message to
display before the program starts (Starting Message). Here is an example:
ProtExCm Program.EXE CRC.MSG Starting.MSG
If you are registered, you will probably want to run it from the
command line so that you can define your own CRC message. The CRC message
file must:
1) Be less than 420 bytes (sorry, but you can't have elaborate
ANSI screens scrolling every which way). The DOS console is
used, so that ANSI control codes can be used, but that is not
recommended because not everyone has ANSI.SYS installed. There
is enough space to tell your users that there may be modification
and therefore they should report the file and source to you and
have your address posted.
2) Not have any dollar sign characters ($) in it. This is a carry-
over from CP/M, an 8-bit operating system for the Z-80, and it
cannot *easily* be avoided through that DOS call (service 9).
3) Should start with "ESC[=3h" (ESC=ASCII #27) as a courtesy to
ANSI users to clear their screen and alert them to the problem.
Page 3
You may also wish to change the color to light red or something
like that to alert the user even more.
4) Should alert to exactly what has happened without using technical
jargon about "Cyclic Redundancy Check" or "modulo-2 arithmetic."
Just tell the user to report the file to you.
In addition, an errorcode for DOS of 250 is returned when a CRC error
occurs. The first file name is the file to protect, the second is always
the CRC message file and the third is always the starting message file.
Please note that no file can be expanded after being protected with
Protect! EXE/COM, so please preserve the original file (.OLD) until you are
sure that the protected file runs correctly (some incompatibilities may
arise with certain files). That is about all that you need to know before
you can really start protecting your programs with Protect! EXE/COM. EXE
files must be compressed with LZEXE, PKLite, or some other executable
compression utility such as TinyProg or Compack and then protected but COM
files can be directly protected. A file called Protect.BAT is included, and
using it can be much easier than doing the steps separately:
Parts of Protect.BAT :
if %2=="COM" goto comfile
lzexe %1.EXE (you can use PKLite here also)
ren %1.OLD %1.BAK
ProtExCm %1.EXE %3 %4
del %1.old
ren %1.bak %1.old
goto End
comfile:
REM you can use PKLite to compress COM files if you want
ProtExCm %1.COM %3 %4
End:
To call this batch file, simply type "Protect PROGRAM COM" to protect
PROGRAM.COM or "Protect PROGRAM EXE" to protect PROGRAM.EXE.
Which Files can't be Protected:
MS Windows, OS/2, and overlay files cannot be protected with Protect!
EXE/COM. Basically, anything that can be compressed with LZEXE or PKLite
can be protected. Some programs, however, do not like being protected. Some
commercial programs have it in their licenses that they cannot be
protected, and other programs simply have types of copy-protection which
inhibit their protection with this program. DO NOT PROTECT COMMAND.COM,
IBMBIO.COM, IBMDOS.COM (IBMBIO.COM and IBMDOS.COM correspond to IO.SYS and
MSDOS.SYS in MS-DOS), or any other system-type file. You will most likely
have to reboot the computer from a system disk if you try that. Other
programs also have their own loaders like COMMAND.COM does -- don't protect
these either. OVERLAY FILES can be more reliably protected than with
previous versions, but STILL MAY NOT WORK. Overlays may crash the computer
or set off the CRC code, so always test an overlay file before distributing
or otherwise using it.
Legal Terms / Disclaimer:
Page 4
Protect! EXE/COM ("program") will alter executable files and may
render them useless (that is why .OLD files are created, in case of
incompatibility arises with a particular file) in certain circumstances.
Under no circumstances may Jeremy Lilley ("author") be held liable or
accountable for any damage to system files, executable files, data files,
or any other system damage. The author also may not be held accountable for
loss of profits or for any other damages incurred by the use or misuse of
the program. The author has forewarned any users that permanent damage to
files may occur with misuse of his program and in executing the program,
any user understands this risk. There is not guarantee that this product
will not be broken into, however the author has made it extremely difficult
to break through the files.
Don't worry -- there is little risk of damage resulting from this
program's use as long as you use it correctly. However, if you try to make
it mess up, it probably will. Just don't try protecting IBMBIOS.COM and
then wondering why your system won't boot up correctly.
License:
You may use Protect! EXE/COM for the purposes of evaluating it (after
understanding the disclaimer and the documentation) for 30 days. No files
protected by Protect! EXE/COM during this trial period may be distributed
to other computers at all, commercially or non-commercially. If you find
Protect! EXE/COM to be of use to you, you must register Protect! EXE/COM
with the author. Government, educational, and commercial institutions
absolutely must register this program with the author before use (please
contact him for quantity discounts). Sysops, user groups, disk vendors, and
other similar organizations may distribute Protect! EXE/COM provided that
no files are excluded from the distribution and that no more that $10 is
charged for distribution. IN ADDITION, BECAUSE THIS IS ENCRYPTION SOFTWARE,
IT *MUST NOT* BE DISTRIBUTED TO Afghanistan, Albania, Bulgaria, Cambodia,
Cuba, Czechosovakia, Hungary, Iran, Iraq, Libya, North Korea, China, Poland,
Romania, Syria, the former USSR, Vietnam, Yemen, and other U.S. encryption
export prohibited nations. No registrations will be taken from these places.
How Does Protect! EXE/COM Stand up to Other Utilities?
Protect! EXE/COM's first concern is security -- especially with EXE
files. While NO OTHER utility allows a CRC to be taken EACH time your
program is run, Protect! EXE/COM does so each and every time. Though
loading may be slightly slowed, Protect! EXE/COM is still much faster than
fooling around with copy protection-type schemes because Protect! EXE/COM's
loader loads completely in memory using highly-optimized routines. Try
PKLiting an EXE file and change a byte or two in the middle of the file
(find parts of text that you can still recognize slightly). As long as the
program doesn't crash, PKLite doesn't notice your changes at all. A hacker
can also decompress a program compressed with PKLite or LZEXE quite easily
-- even if a program is compressed with the -E option (supposedly
"invincible") on the professional version of PKLite. After decompressing,
any hacker can "fix" your program (remove copyright screens, add "trojan
horse" routines, etc...), compress it up again, and spread it around,
possibly damaging your profits, your reputation, and others' computers. (I
hope you have a good disclaimer...) Fortunately, hacking is not totally
rampant like that, but it still is a possibility and a risk, and it is much
better to pay a few dollars to be safe than to be sorry. I don't want to
have "hacks" of my programs floating around or to have to worry about that,
and neither should you. Though NO software-only protection program is 100%
fool-proof, I am pretty sure this program is the best for protecting your
Page 5
EXE and COM files. Most "trojan horses" and "hacks" can't be detected by
ordinary virus scanners, and it is up to you to defend the security and
well-being of your programs.
Notes About Protecting:
The COM header adds about 450 bytes plus the error messages and the
EXE header adds about 600 bytes to the file plus the messages. The old
headers have been entirely trashed and re-written to bring you more secure
new headers. Once you get Protect! EXE/COM to work on a file (test a file
to make sure it works because, once again, Protect! EXE/COM has had some
known incompatibilities with certain files), users of that file will not
know that it has been protected unless they get a CRC violation and your
custom error message explains exactly what happened to them. You can expect
minimal slowing on files, but if you want more of an approximation, you can
use this formula for EXE files (COM files are a bit faster, but they are
all below 64k, so that you won't need to worry about their slowing),
assuming that you know the Norton SI rating of a machine (the Norton SI is
the many times faster than the 4.77 mhz XT a certain machine is):
Size of File in K bytes
Delay in Seconds= -----------------------
25 x Norton SI Rating
For example, a certain 386-40 may be 36 times faster than an XT. If
you have a 90k file, 90/(25*36) = more or less 1/10 second. On a 486-50
with an SI of 100, the same 90k file may take 90/(25*100) or .036 second
longer. I think I've made my point that the delay is so minimal that
*nobody* will notice it (unless somebody's loading a 300k file on a 4.77
mhz XT).
Finally, Protect! EXE/COM's Cost:
After seeing how Protect! EXE/COM can save you time, effort, energy,
and money, it is now time to discuss price. There are NO "run-time fees,"
"royalties," or anything of the type attached to the cost of Protect!
EXE/COM; you can protect and distribute as many files as you want with
Protect! EXE/COM once you register. The cost is $25 per copy of Protect!
EXE/COM which may be used on one machine. There is almost no difference
between the registered and unregistered versions of Protect! EXE/COM except
for the "beg screen" and the absense of CRC error message customization. I
was going to have the unregistered version of Protect! EXE/COM imbed a
copyright message or something like "Made With an UNREGISTERED Copy of
Protect! EXE/COM" into the output file, but I DECIDED AGAINST IT because
most people could get out their favorite hex editor and replace it with
their own message. Instead, it uses a message saying that the file was
protected with an UNREGISTERED copy of Protect! EXE/COM for its CRC error
message and that nobody should have that copy in the first place because it
was illegal to distribute protected files protected by the unregistered
version. My program is really not crippled except that I'm sure you would
want to use your own CRC error messages instead of the one I've provided
with the unregistered version, and I really do not like finding programs
protected with the unregistered version of my program being distributed.
There is a definite threat of hackers and viruses on the loose and it
is your responsibility to protect your programs. While some compression
utilities such as LZEXE and PKLite that are already on the market
marginally have the ability to protect your programs, only Protect! EXE/COM
Page 6
has the renewed ability to provide much more protection for only $25.
Thank you for evaluating Protect! EXE/COM and actually reading this
much of the documentation -- Happy EXE/COM Protecting!
Send any Inquiries and Registrations to:
Jeremy Lilley
Protect! EXE/COM
27816 Radfall Court
Santa Clarita, CA 91350
Compuserve: 75060,2074
Internet: 75060.2074@compuserve.com
Page 7