Code Protection: New MQL4 language(Build 600+) decompilation protection and other crack techniques.

New comment
 

Hi,

I read about the new mql4(Build 600+) and already updated my EAs, now i have a question. How secure is the new protection against crackers and other types of executable cracking and modifying the code. EX: hex editing date of expiration, memory dumps, etc.. How secure is a simple time restriction(expiration date) on a EA now? How to implement new protection techniques using the new language?

ex: 

bool Expire=TimeCurrent()>StrToTime("2014.09.30 00:00");
    if( Expire ) {
                Print("Demo period has expired: 2014.09.30 00:00 -  Contact: investguy@gmail.com ");
                return(1);
        }  

Thanks

 

From what Renat (CEO of Metaquotes) said :

  • New ex4 are native code (like DLL) and no more pseudo code. So they are more difficult to decompile.
  • ex4 are compressed (or other obfuscation technique not known) so have decompiled it's hard to understand it.
  • ex4 for Market are encrypted. The exact technique used is not publicly available.

I report these information from memory, so I hope I don't make a mistake. Also I don't check these informations in practice.

 
Thank You for the answer but it didn't add much to my knowledge. Is it possible to decompile? might be possible in near future? (any bets?)
 
investguy:
Thank You for the answer but it didn't add much to my knowledge. Is it possible to decompile? might be possible in near future? (any bets?)

AFAIK, an encrypted product can't be decompiled. You have to decrypt it first. A product can always be decompiled. But it's a matter of costs. If it cost you 10$ to decompile an old ex4, maybe the new ex4 will need 1,000,000$ (just to say something). You got the idea ?

  
StrToTime("2014.09.30 00:00");

A pure string is easy to hack. Try compiling it and seeing if the string is visible in the ex4. It's supposed to be encrypted now (Build 6xx). Verify.

Also why use a string at all? Use a real 8 byte datetime.

#define EXPIRATION D'2014.09.30 00:00'
 

It is encrypted but unfortunately the property variables are still visible.

 
investguy: It is encrypted but unfortunately the property variables are still visible.
That's not unfortunate, that's on purpose. If you can't read the copywrite in the file, then it's not copywrited. But the date string isn't visible.
 
investguy:

Hi,

I read about the new mql4(Build 600+) and already updated my EAs, now i have a question. How secure is the new protection against crackers and other types of executable cracking and modifying the code. EX: hex editing date of expiration, memory dumps, etc.. How secure is a simple time restriction(expiration date) on a EA now? How to implement new protection techniques using the new language?

ex:

Thanks


AFAIK, there is not the possibility, until now, of a decompiler currently working for .ex4 compiled with Build 6xx


BUT, the problem with your code, for anyone really interested in cracking it, is that it is very easy to turn your 

if (condition...)

to 

if (!condition

Or even easier, to NOP that return(1)

To resume, Decompiling is not possible now.


But what's still possible is dissassembling the code. And for anyone with little knowledge of assembler, reverse engeneering your code and cracking it would be fairly easy.

 
yokinfx: But what's still possible is dissassembling the code. And for anyone with little knowledge of assembler, reverse engeneering your code and cracking it would be fairly easy.
It not supposed to be machine code, it's supposed to be encrypted.
 
yokinfx:


AFAIK, there is not the possibility, until now, of a decompiler currently working for .ex4 compiled with Build 6xx


BUT, the problem with your code, for anyone really interested in cracking it, is that it is very easy to turn your

to

Or even easier, to NOP that return(1)

To resume, Decompiling is not possible now.


But what's still possible is dissassembling the code. And for anyone with little knowledge of assembler, reverse engeneering your code and cracking it would be fairly easy.

Really ? Can you prove it ?
 
Put your code in a DLL. That's the award winning answer since MQL2.
12345
New comment