> Not really... you can do a search for the setup code used to generate the
call to
> the authentication routine... Once it lights up 30 or so located - the
hacker's
> gonna get real busy circumnavigating the code inside the routine rather
than the code
> calling the routine...
But if you have a check by sending a bad regcode to the authentication
routine expecting it to return false then you catch the case of 'someone has
circumnavigated the code inside the routine making it return true all the
time'. Don't you? That would be the hope anyway.
Nahum
-----Original Message-----
From: Aaron Scott-Boddendijk [mailto:[EMAIL PROTECTED]]
Sent: Friday, 13 August 1999 10:46
To: Multiple recipients of list offtopic
Subject: Re: [DUG-OFFTOPIC]: Cracks
> This MIGHT be a good thing in some ways. IF you just have a generic
routien
> that you call to check if reg. or not, and do it in heaps of places, then
> the cracker is likly to get board and give up, not cos. its too
complicated,
> but cos there would be some many place.
> They wouldn't ness. know this straight awat either...
Not really... you can do a search for the setup code used to generate the
call to
the authentication routine... Once it lights up 30 or so located - the
hacker's
gonna get real busy circumnavigating the code inside the routine rather than
the code
calling the routine... Also never call your authentication code directly -
always use a
function pointer and have each module carry it's own copy of the function
pointer.
Add a couple of dummy parameters so that the search for call setup code
isn't
consistent and therefore hard to spot. Use several types of authentication
such as
code verification, CRC checks, file-date stamping.
--
Aaron Scott-Boddendijk
Jump Productions
(07) 838-3371 Voice
(07) 838-3372 Fax
---------------------------------------------------------------------------
New Zealand Delphi Users group - Offtopic List - [EMAIL PROTECTED]
Website: http://www.delphi.org.nz
---------------------------------------------------------------------------
New Zealand Delphi Users group - Offtopic List - [EMAIL PROTECTED]
Website: http://www.delphi.org.nz
