Board index » cppbuilder » ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications

ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications

SACS - Soubatchev AntiCopy System (ver. 2.3.0)
----------------------------------------------

SACS is a software tool that protects Delphi 3 / Delphi 4 / C++
Builder 3 / C++ Builder 4 applications.

SACS can either only protect the applications from illegal
copying/using or produce trial versions of these applications.

Description
-----------

The overwhelming majority of software cracks that may be found
in the Internet consists only of changing of several bytes in
the executable. Usually these are: changing of conditional jump
with unconditional, replacing call or compare operators with
NOPs or insertion of RET at the beginning of checking routines.

SACS is intended for struggle against such easy cracks.

SACS uses new (at least for me :-) approach to the problem of
the software protection.

In its protection technique SACS does NOT use a call of some
checking routine and subsequent conditional terminating of the
application.

Instead SACS modifies the project in such a manner, that for
proper functioning the application requires restoration of
event handlers (and, as a side effect, of Captions) of
different components of the main form.

The restoration, in turn, requires release code. Protected
application does not CHECK release code for validity during
execution, but USES it to restore event handlers (and Captions)
from encrypted data containing in the binary resource.

Using of encryption ensures, that without correct release code
the protected application cannot be easy cracked, because part
of the information, needed to run the application properly,
exists in the .EXE file only in the encrypted form.

Without correct release code the protected application will not
respond to various events - that is it will not perform any
programmed in the corresponding event handlers actions (and
Captions will be empty). The application may be launched, but
it will not work.

To be protected by SACS the project must contain main form with
components that have known to SACS event handlers (and
Captions), all must be set at design time.

SACS supports internationalization of messages, that it shows
to the user of the protected application.

Several SACS kinds and protection methods may be used to "SACS"
application.

There are four SACS kinds: "Strict" or "Loose"; "Only
protection" or "Trial version".

These kinds determine four possible protection schemes for the
protected application:

"Strict" + "Only" - each example of the protected application
runs properly only with release code(s) used to produce this
particular example.

"Strict" + "Trial" - each example of the protected application
runs as registered version with release code(s) used to produce
this particular example. Without ot with wrong release code(s)
it runs as trial version.

"Loose" + "Only" - the protected application runs properly only
with SACS code(s) produced by developer for each particular
user.

"Loose" + "Trial" - the protected application runs as
registered version with SACS code(s) produced by developer for
each particular user. Without ot with wrong SACS code(s) it
runs as trial version.

SACS protection methods determine what information will be used
by SACS as release code(s).

Any combination (but at least one) of the following SACS
protection methods may be used along with any of the above
mentioned protection schemes:

1. "PassPhrase" method uses string PassPhrase as release code.
Protected application will work only if the user passes the
same PassPhrase or corresponding SACS code.

2. "Hardware" method uses some specific to the user's computer
hardware information as release code. Protected application
will work only on computer used to get this information.

3. "Month" method uses information about one chosen calendar
month as release code. Protected application will work only
during this restriction month.

More detailed information may be found in SACS.HLP file:
http://www.urvb.ru/sacs/sacs_hlp.zip

Usage
-----

- Install SACS in any folder on your computer.
- Create Delphi or BCB project, then close it.
- Run SACS, open the project and "SACS" it, choosing
  appropriate SACS kind, methods and options.
- If needed, replace SACS_STR.PAS with appropriate localized
  version.
- Open "SACSed" project in the IDE and compile it.
- Now protected project will run properly only under conditions
  corresponding to chosen SACS kind and methods.
- Do not forget to "UnSACS" project before further modifying.

How SACS works
--------------

If project is ready to be "SACSed" SACS backs up appropiate
project's files in SACS_BAK directory. Then SACS removes
information about event handlers (and Captions) from .DFM
information about OnClick event handler of TButtons (and
Captions) of main form from .DFM, encrypts this information and
writes it in SACS_RES.RES resource file. Then it creates
appropiate SACS_DCU.* files and performs needed modifications
of the appropiate project's source files.

The protected application may be launched without or with wrong
release or SACS code(s), but application will not react to
treated by SACS events (and all treated by SACS Captions will
be empty).

Files in this package
---------------------

SACS.(c)     - SACS copyright notes
SACS.En      - English version of this file
SACS.Ru      - Russian version of this file
SACS.exe     - main program
SACS.hlp     - SACS help file
SACS_KET.INI - known to SACS events and their types
SACS_DCU.int - interface section of SACS_DCU.PAS
SACS_HWI.exe - SACS HardWare Info saver utility

SACSLite
--------

SACSLite is a freeware simplified version of SACS. It encrypts
only OnClick event handlers of TButton components (and all
Captions). In all other aspects SACSLite is identical to SACS.

You can download SACSLite from:
http://www.urvb.ru/sacs/sacslite.zip (always latest version) or
from Delphi Super Page:
http://sunsite.icm.edu.pl/delphi/ftp/d30share/sacslt05.zip.

Examples
--------

To check what "SACSed" by SACS and SACSLite applications look
like you can download file http://www.urvb.ru/sacs/sacstst.zip.

There you can find two example applications "SACSed" by SACS
and SACSLite.

Detailed information about SACS and terms of its acquisition
will be e-mailed to all who are interested. Please, do not
hesitate to contact me by e-mail.

Oleg Soubatchev

s...@urvb.e-burg.su
u...@mail.ur.ru
ICQ 16025691

 

Re:ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications


Suppose someone gives my application to another person and ALSO
the release code. How would you handle that? How is the release code
calculated?

Quote
Oleg Soubatchev <v...@online.ural.ru> wrote in message

news:7o98e5$o5l19@forums.borland.com...
Quote
> SACS - Soubatchev AntiCopy System (ver. 2.3.0)
> ----------------------------------------------

> SACS is a software tool that protects Delphi 3 / Delphi 4 / C++
> Builder 3 / C++ Builder 4 applications.

> SACS can either only protect the applications from illegal
> copying/using or produce trial versions of these applications.

> Description
> -----------

> The overwhelming majority of software cracks that may be found
> in the Internet consists only of changing of several bytes in
> the executable. Usually these are: changing of conditional jump
> with unconditional, replacing call or compare operators with
> NOPs or insertion of RET at the beginning of checking routines.

> SACS is intended for struggle against such easy cracks.

> SACS uses new (at least for me :-) approach to the problem of
> the software protection.

> In its protection technique SACS does NOT use a call of some
> checking routine and subsequent conditional terminating of the
> application.

> Instead SACS modifies the project in such a manner, that for
> proper functioning the application requires restoration of
> event handlers (and, as a side effect, of Captions) of
> different components of the main form.

> The restoration, in turn, requires release code. Protected
> application does not CHECK release code for validity during
> execution, but USES it to restore event handlers (and Captions)
> from encrypted data containing in the binary resource.

> Using of encryption ensures, that without correct release code
> the protected application cannot be easy cracked, because part
> of the information, needed to run the application properly,
> exists in the .EXE file only in the encrypted form.

> Without correct release code the protected application will not
> respond to various events - that is it will not perform any
> programmed in the corresponding event handlers actions (and
> Captions will be empty). The application may be launched, but
> it will not work.

> To be protected by SACS the project must contain main form with
> components that have known to SACS event handlers (and
> Captions), all must be set at design time.

> SACS supports internationalization of messages, that it shows
> to the user of the protected application.

> Several SACS kinds and protection methods may be used to "SACS"
> application.

> There are four SACS kinds: "Strict" or "Loose"; "Only
> protection" or "Trial version".

> These kinds determine four possible protection schemes for the
> protected application:

> "Strict" + "Only" - each example of the protected application
> runs properly only with release code(s) used to produce this
> particular example.

> "Strict" + "Trial" - each example of the protected application
> runs as registered version with release code(s) used to produce
> this particular example. Without ot with wrong release code(s)
> it runs as trial version.

> "Loose" + "Only" - the protected application runs properly only
> with SACS code(s) produced by developer for each particular
> user.

> "Loose" + "Trial" - the protected application runs as
> registered version with SACS code(s) produced by developer for
> each particular user. Without ot with wrong SACS code(s) it
> runs as trial version.

> SACS protection methods determine what information will be used
> by SACS as release code(s).

> Any combination (but at least one) of the following SACS
> protection methods may be used along with any of the above
> mentioned protection schemes:

> 1. "PassPhrase" method uses string PassPhrase as release code.
> Protected application will work only if the user passes the
> same PassPhrase or corresponding SACS code.

> 2. "Hardware" method uses some specific to the user's computer
> hardware information as release code. Protected application
> will work only on computer used to get this information.

> 3. "Month" method uses information about one chosen calendar
> month as release code. Protected application will work only
> during this restriction month.

> More detailed information may be found in SACS.HLP file:
> http://www.urvb.ru/sacs/sacs_hlp.zip

> Usage
> -----

> - Install SACS in any folder on your computer.
> - Create Delphi or BCB project, then close it.
> - Run SACS, open the project and "SACS" it, choosing
>   appropriate SACS kind, methods and options.
> - If needed, replace SACS_STR.PAS with appropriate localized
>   version.
> - Open "SACSed" project in the IDE and compile it.
> - Now protected project will run properly only under conditions
>   corresponding to chosen SACS kind and methods.
> - Do not forget to "UnSACS" project before further modifying.

> How SACS works
> --------------

> If project is ready to be "SACSed" SACS backs up appropiate
> project's files in SACS_BAK directory. Then SACS removes
> information about event handlers (and Captions) from .DFM
> information about OnClick event handler of TButtons (and
> Captions) of main form from .DFM, encrypts this information and
> writes it in SACS_RES.RES resource file. Then it creates
> appropiate SACS_DCU.* files and performs needed modifications
> of the appropiate project's source files.

> The protected application may be launched without or with wrong
> release or SACS code(s), but application will not react to
> treated by SACS events (and all treated by SACS Captions will
> be empty).

> Files in this package
> ---------------------

> SACS.(c)     - SACS copyright notes
> SACS.En      - English version of this file
> SACS.Ru      - Russian version of this file
> SACS.exe     - main program
> SACS.hlp     - SACS help file
> SACS_KET.INI - known to SACS events and their types
> SACS_DCU.int - interface section of SACS_DCU.PAS
> SACS_HWI.exe - SACS HardWare Info saver utility

> SACSLite
> --------

> SACSLite is a freeware simplified version of SACS. It encrypts
> only OnClick event handlers of TButton components (and all
> Captions). In all other aspects SACSLite is identical to SACS.

> You can download SACSLite from:
> http://www.urvb.ru/sacs/sacslite.zip (always latest version) or
> from Delphi Super Page:
> http://sunsite.icm.edu.pl/delphi/ftp/d30share/sacslt05.zip.

> Examples
> --------

> To check what "SACSed" by SACS and SACSLite applications look
> like you can download file http://www.urvb.ru/sacs/sacstst.zip.

> There you can find two example applications "SACSed" by SACS
> and SACSLite.

> Detailed information about SACS and terms of its acquisition
> will be e-mailed to all who are interested. Please, do not
> hesitate to contact me by e-mail.

> Oleg Soubatchev

> s...@urvb.e-burg.su
> u...@mail.ur.ru
> ICQ 16025691

Re:ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications


Quote
Oleg Soubatchev wrote:
> Then SACS removes
> information about event handlers (and Captions) from .DFM
> information about OnClick event handler of TButtons (and
> Captions) of main form from .DFM

Great. You only have to restore those event handlers (which you can
easily identify assuming that the programmer used reasonable names (and
who doesn't)), and the program is cracked.

--

Python
http://members.tripod.com/Pytho

Re:ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications


Quote
> Great. You only have to restore those event handlers (which you can
> easily identify assuming that the programmer used reasonable names (and
> who doesn't)), and the program is cracked.

No chances to restore.
"SACSed" application does not contain information about names of methods
that was "SACSed".
Their declarations are moved to 'private' section of form's type declration.

You can download SACSLite and check.

--
Best regards,

Oleg Soubatchev
s...@urvb.e-burg.su
u...@mail.ur.ru
ICQ 16025691

Re:ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications


Quote
> Suppose someone gives my application to another person and ALSO
> the release code. How would you handle that?

There are two main ways of illegal using of protected software:
1) stealing or illegal distribution of password or release code; and
2) cracking of executable or some of its part.

It is natural that there are no software means to successfully fight against
the first way.

SACS is intended for struggle against the second way of illegal
using of protected software.

--
Best regards,

Oleg Soubatchev
s...@urvb.e-burg.su
u...@mail.ur.ru
ICQ 16025691

Re:ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications


Doesn't the SACS "hardware" protection method tether the release code to one machine?
-KK
Quote
Oleg Soubatchev wrote:

> > Suppose someone gives my application to another person and ALSO
> > the release code. How would you handle that?

> There are two main ways of illegal using of protected software:
> 1) stealing or illegal distribution of password or release code; and
> 2) cracking of executable or some of its part.

> It is natural that there are no software means to successfully fight against
> the first way.

Re:ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications


Quote
Oleg Soubatchev wrote:

> > Great. You only have to restore those event handlers (which you can
> > easily identify assuming that the programmer used reasonable names (and
> > who doesn't)), and the program is cracked.

> No chances to restore.
> "SACSed" application does not contain information about names of methods
> that was "SACSed".
> Their declarations are moved to 'private' section of form's type declration.

Then I should just have to use my decompiler. And shouldn't they have to
move to the public section, because some other units may have to call
them.

--

Python
http://members.tripod.com/Pytho

Re:ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications


Quote
> Doesn't the SACS "hardware" protection method tether the release code to
one machine?
> -KK

Yes.

--
Best regards,

Oleg Soubatchev
s...@urvb.e-burg.su
u...@mail.ur.ru
ICQ 16025691

Re:ANN: SACS 2.3.0 - the ultimate software protection tool for Delphi and C++ Builder applications


Quote
> Then I should just have to use my decompiler.

And what will you get with decompiler ?
(And what to you mean under "decompiler" ? ;-)

Quote
> And shouldn't they have to
> move to the public section, because some other units may have to call
> them.

Other units have to call event handlers themselves, not methods
implementing those event handlers.

There is no problem with such behavior for "SACSed" application.

--
Best regards,

Oleg Soubatchev
s...@urvb.e-burg.su
u...@mail.ur.ru
ICQ 16025691

Other Threads