 |
Cheat Engine
The Official Site of Cheat Engine
|
| View previous topic :: View next topic |
| Author |
Message |
r3xce
How do I cheat?
![]() Reputation: 0
Joined: 03 Jul 2015
Posts: 7
Location: 127
|
 Posted: Fri Jul 03, 2015 11:10 am Post subject: Program Security |
 |
|
Hello,
I need some suggestions of how to make a secure application, I want to do something to deprive only for VIP access.
I have heard that some developers use SSL as communication, but did not understand why.
I'm wanting to do a program auto update with safe at the same time without encomodar me with cracks or something.
appreciate suggestions, thanks!
_________________
Eternal Apprentice |
|
| Back to top |
|
 |
atom0s
Moderator
 Reputation: 205
Joined: 25 Jan 2006
Posts: 8587
Location: 127.0.0.1
|
| Posted: Fri Jul 03, 2015 1:00 pm Post subject: |
|
|
If you want to do something like this for VIP access then the best method for protection is using multiple things.
1. Put the least amount of things in the actual file, stream the rest to the client. By that I mean that any sensitive information and data should be removed from the actual file itself, and instead streamed to the client when they use your application. When the application starts, have the user login or use some type of license system to validate their usage then download needed information for the application to run from a remote location. Encrypt the data as needed for another layer of protection as well.
2. Protect the client file(s). Anything running on the users system should be protected with some type of protection, be it home-brewed or commercial. Using a packer that makes use of virtual machines is going to be your best bet these days, however they are not impossible to crack but they will deter the newbie crackers.
3. Protect the connection between the client and server. Be it using SSL or just encrypting the data flow, be sure that the traffic you are sending back and forth is not plaintext.
4. Make the client dumb. Be sure that everything you do to ensure the user is valid and can run the application is happening on the server. The client should have no control of what happens if they fail to validate. The client should not contain enough information in it to run if the user fails to validate. The server should be handling everything in terms of checking their username/password, validating their account has VIP access, sending back required information in order to use the application etc.
If the client has any control of what happens, then it has means to being hacked/cracked in the long run.
This does not make your application crack-proof, but it definitely helps with any non-experienced cracking. Given that you can change things on the fly in the server for things such as encryption or access, it helps keep your information polymorphic if you discover someone is trying to or has cracked a version of your application. You have the ability to then change things on the fly to deter their efforts.
_________________
- Retired. |
|
| Back to top |
|
|
r3xce
How do I cheat?
![]() Reputation: 0
Joined: 03 Jul 2015
Posts: 7
Location: 127
|
| Posted: Sat Jul 04, 2015 9:06 pm Post subject: |
|
|
thanks a lot atom0s!
_________________
Eternal Apprentice |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
