anti-cracking library 1.0

Tips for making hard-to-crack applications
  1. Never set OnClick or other events at design time on controls, which are part of your Registration algorithm.
    This means - if your application has a "Register" button, which will start your KeyCheck algorithm, don't set the OnClick at design time. This is because of programs like DeDe (Delphi Decompiler) - they can very easily find event handlers set at designtime. And then, cracker will very easily locate your Keycheck algorithm and crack your application.
    So, you should assign it at runtime (Register.OnClick:=RegisterClick in TForms OnCreate, OnShow, OnResize or any other place).
    The best solution is to make the assignment dependent on ACLib detection functions like:
    if not SICE_Detect_CreateFile then
   Register.OnClick:=RegisterClick

  2. Don't use the Text property to obtaint text of TEdit
    Cracker will simply type bpx hmemcpy, click the "Register" button and SoftICE will stop your program at the place, where you read the Text property (i.e. very near to your KeyCheck algorithm).
    You should use the aclGetText function from ACLib instead.

  3. Use strong cryptography in your Keygenerating/checking algorithm
    By using RSA or any other asymmetric crypto algorithm, you can achieve that nobody will be able to create a keygen for your application. Simply use Digital signature of registered user's name as a part of user's registration code. The signature is generated from your private key and checked by public key in your program. There is only one method, which could cracker use to get the private key: brute force (this would take several days, months or years; depending on key length). If you need short signature, use 128bit key, but a really secure key starts at 512bits.

  4. NEVER show a message like "Entered serial is invalid"
    Don't display anything. Displaying such a message will bring cracker directly to your keycheck algorithm (he only has to look for the message in exe file and find references to it).
    Of course, this applies to messages like "Serial valid. Thank you for registering our product" too.

  5. Use random serial verification
    Verify only a small part of serial at once. Design serial verification randomly (for example: test other part of serial, when user does some action and (Random*100)<5...). Crackers really hate it :-)

  6. Use PE compressors and PE cryptors
    Try to find a compressor for which there is no unpacker available. The best solution is to code your own compressor/cryptor.

  7. Check integrity of your files
    Use algorithm like CRC-32 to check if your files aren't modified.

  8. Don't react on presence of debugger immediately
    If debugger detected, do some action, which will change the behavior of your program (for example: rewrite a part of program (keycheck algorithm) in the memory with random values). You can also unassign "Register" button's OnClick event, destroy object used in your keycheck. Use your fantasy.

  9. Learn from other programmers
    Crackers very often release a "Cracking tutorial" about cracking some programs. Here you can find many things about used protection schemes and why they were broken. Learn from mistakes of other programmers and don't do them in your software.