Software Cracking

Parent Previous Next

Software Cracking.

Any compiled binary can be targeted by a cracker. Some languages like Java and .NET produce binaries in an intermediate format that are notoriously easy to decompile, although binaries compiled to native machine code can also be the target of reverse engineering - it just requires a bit more effort.

If your binary is based on an intermediate format (Java, .NET etc.) please be aware, that any protective measures performed on this format may not possess the same level of security, once the final compile step (that generates the native machine code) has been invoked. The compiler may use optimizing techniques that reduce your protective measures. Always keep in mind that a cracker might attack your binary both before and after the final compilation.

If you are producing native binaries, these may look very complex and hard to analyze. However, you should be aware that very often a substantial part of these binaries are standard boiler plate code, which an experienced cracker can identify rather easy. Your code can easily represent only a small fraction of the binary and your security related secret stuff is usually only a very small part of that. This notion combined with the investigation of available text messages, calls to system API or standard libraries, runtime type information etc. will help the cracker to pinpoint where to focus the attention and insert a successful attack.

Before a cracker is able to modify the binary executable a good amount of knowledge about the program must be acquired. This involves statical analysis of the executable and sometimes runtime analysis and memory dumps etc.

Cracking is not an easy task and can require a good deal of expertise and available time. Lots of tools are available to assist the cracker - tools for debugging, disassembling, memory monitors etc. The most accomplished crackers can produce even more sophisticated tools.

Statical or runtime analysis of an executable is not always done with a malicious intent. Anti-virus research can involve a lot of the same analysis procedures. And sometimes cracking is done merely as an intellectual challenge.

However, cracking with a malicious intent is very widespread and can have extremely severe implications.