Code injection and software cracking s effect on network security
Sponsored Links
This presentation is the property of its rightful owner.
1 / 26

Code Injection and Software Cracking’s Effect on Network Security PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Code Injection and Software Cracking’s Effect on Network Security. Group 5 Jason Fritts Utsav Kanani Zener Bayudan. ECE 4112 Fall 2007. Background. Lab 8 – Viruses But how are they hidden? Code Injection Injecting unwanted code into a program.

Download Presentation

Code Injection and Software Cracking’s Effect on Network Security

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Code Injection and Software Cracking’s Effect on Network Security

Group 5

Jason Fritts

Utsav Kanani

Zener Bayudan

ECE 4112

Fall 2007


  • Lab 8 – Viruses

    • But how are they hidden?

  • Code Injection

    • Injecting unwanted code into a program.

    • Used by virus writers to inject a virus procedure in the interior of a executable file (Trojans)

  • Software Cracking

    • Modifying software to remove protection methods such as copy prevention, trial/demo, serial number authentication.

Trojan Statistics

Tools Used

  • W32Dasm

    • Disassembler used to translate machine language to readable assembly language.

  • Hex Workshop

    • Hex editor used to edit raw binary applications.

  • OllyDBG

    • Debugger used to trace through program step by step.


Hex Workshop


Software Cracking

  • Major component of software piracy

  • “U.S. software industry lost over $2.9 billion in the U.S. and $11 billion in international sales from software theft”

  • Pre-compiled cracks widely distributed on websites.

  • Often contain malware injected in their code

    • Windows Vista activation crack

Lab Contents

  • Software Serial Crack

  • Key Generator

  • Code Injection Example

  • Defenses against code disassembly

Serial Key Crack

  • Software distribution done online

  • Serial Keys used as a type of user authentication

Finding authentication code

  • In disassembler W32dasm or debugger

  • Search for string comparison (cmp)

  • Jumps to “Invalid serial” if not equal (jne)

  • Note offset

Removing authentication

  • In Hex Editor

  • Go to offset of JNE

  • Change JNE to NOP (0x9090)

Checking your crack

  • Code bypasses JNE (Jump to “Invalid serial number”)

  • Any serial number can be used.

Key Generators

  • Requirements during Software Installation

    • Product Id

    • Serial Key

  • A variety of Authentication algorithms used

    • Algebraic expression( output = ((pid*2 + 73)*3) - 28)

    • Key gives a checksum of 25


One of the major contributors to Software Piracy

Available for free download on several websites

Program that generates a serial key or Registration number for a software

Automated knowledge of Assembly language not required by the end user

Making a Key-Generator

Code Injection Example

  • Find code caves (DB 00)

    • Unused memory locations in executable

  • Overwrite code caves with malicious codes

  • Redirect JMP instructions to malicious codes

  • Redirect back to original code

  • Resume normal operation

Code Caves

Code Injection Example

Code Injection Example

  • Injected code executes as well as original program


  • Product Activation

    • Online Activation

    • Telephone Activation

  • Encryption

  • Self Modifying Code

EXECryptor-Bullet Proof Software Protection

  • Features

    • Anti-cracking, anti-debugging, and anti-trace

    • Secure creation of custom evaluation and trial versions of your software

    • Built-in registration and license management

    • Compatible with several programming languages (Delphi, Microsoft Visual C++, Power Basic, Visual Basic)

    • Protection of several file types (EXE files, DLL and ActiveX components)

  • Uses Code Morphing

    • Obfuscates the code on the level of the CPU commands rather than the source level.

    • “EXECryptor's Code Morphing turns binary code into an undecipherable mess that is not similar to normal compiled code, and completely hides execution logic of the protected code. “

Unprotected Code

Protected Code


  • Code Injection


  • Software Cracking


  • Windows Vista Crack


  • Login