My software has been cracked

.NET obfuscator and automated error reporting

My software has been cracked

Postby smondrup » Sat Jul 31, 2010 12:50 am

I've been protecting my software with SmartAssembly for just a couple of months, but it has already been cracked. I'm not using the strongest protection, so I'm wondering if it's worth the trouble trying to get my software working with the strongest protection.

I release my software quite often, so I really just need a protection mechanism that's not too easy to break, but if the hackers have ready made tools that can break any program protected with SmartAssembly, then I don't want to go through the hassle of increasing the protection level.

Anyone with experience here? Any advice would be greatly appreciated.
Posts: 3
Joined: Sat Jul 31, 2010 12:38 am

Postby Eaton » Sat Jul 31, 2010 2:38 am

No matter what you do, if your software is popular, it will be cracked if the cracker has the determination. In this day in age, you can slow the process and make it harder, but you can't stop it.

SA is a good tool, but the more popular a protection tool is, the more attention it will receive.

You should implement more complex security checks in your programs. Don't rely on a protection tool to do everything for you, implement another blanket of defense.
Posts: 16
Joined: Tue May 18, 2010 3:20 am

Postby smondrup » Sat Jul 31, 2010 2:59 am

Thank you for your feedback. The software already implements many complex security checks including online checks, but if a hacker can read the source code with little effort, then it's not much help.

I know the software will get cracked sooner or later no matter what, but I was just wondering if I would be wasting my time trying to increase the protection level in SA.
Posts: 3
Joined: Sat Jul 31, 2010 12:38 am

Postby Brian Donahue » Sat Jul 31, 2010 10:12 am

I'd be interested to know in exactly what way the software was "cracked". There are a number of ways in which SA protects software. It can encrypt resources, so for example if you have a database connectionstring with a username and password, SA can encrypt that and it should be very difficult to break without the "private key", which you control access to.

Preventing disassembly is the major protection feature to protect your IP and licensing model. Since .NET Intermediate Language is human-readable (although arcane and difficult) it's easier to disassemble back to the original language (VB, C#) than unmanaged Win32 code is. SA helps by mangling method names (so if you have a method called "ConnectDatabase", it will be changed to something less-obvious), rewriting the flow control, and pruning.

I work at Red Gate as a support technician and I have to debug and reverse-engineer software for a living, and I can tell you SA makes it difficult for me. I rely on the exception reporting features to know what went wrong. Since the information about how to decode stack traces and get variable values is all kept on our site, this information is secure against malicious attackers who want to do the same thing.

If you have any information about how, specifically, someone managed to recompile or modify your app, I think I can honestly say that Red Gate would like to know, thanks!
Brian Donahue
Posts: 6590
Joined: Mon Aug 23, 2004 9:48 am

Postby smondrup » Sat Jul 31, 2010 10:55 am

Thank you very much for your response.

My software has been cracked a few times in the past, which was the main reasons why I started using SA. I really do like your software, since it's easy to use and seems to just work (especially after version 5).

I have not yet found the latest cracked version, so I know I should be careful with what I write, but here are the reasons why I believe my software has been cracked:

1. A user admitted to one of my associates that he purchased a cracked version, but would not reveal where he got it from.

2. My online activity log shows lots of people using the software with non-existing activation keys. This suggest the activation module has been deactivated in the software.

3. I've had the usual post-crack traffic spike on my website.

I've now increased SA protection to maximum level, and everything just seems to work with the latest version. I couldn't set protection to maximum level in previous versions without breaking my software.

If I get hold of the cracked version I'll send it to you together with the original version, so you can take a look at what they've done (I'm assuming it has actually been cracked here, which is of course not a certainty).

I can also send you the un-cracked software now if you're interested, just in case I've left anything exposed (I understand if you don't have time to look at this).
Posts: 3
Joined: Sat Jul 31, 2010 12:38 am

Postby slaphead99 » Mon Aug 02, 2010 11:29 am

It would be very much appreciated if you could send the cracked and non-cracked version. We will set up protected ftp space for you (just mail us here at:

whenever you are ready). We will call to confirm.
Posts: 92
Joined: Wed Mar 10, 2010 1:27 pm

Return to SmartAssembly 5

Who is online

Users browsing this forum: No registered users and 0 guests