Download presentation
Presentation is loading. Please wait.
Published byNorman Morris Modified over 8 years ago
1
Digital Rights Management: Shareware Yue Wang 24 Nov 2004
2
Agenda Introduction Laboratory Setup Implementation / Analysis Conclusion Reference
3
Introduction Digital Rights Management is more and more important because: –More and more resources are crossing the network –Digital resources are easier to replicate than analogue resources
4
Introduction (Cont’d) In order to improve Digital Rights Management –Understand what is current Nobody is telling –Analyze what is on market
5
Laboratory Setup Laptop: 2.6GHz processor, 512MB RAM, 40GB hard drive VirtualPC –Host: Windows XP –Virtual: Windows NT 4.0 (2 identical systems are used)
6
Laboratory Setup (Cont’d) 2 sharewares with licenses Disassembler and debugger –IDA Pro –OllyDbg Other Tools –BinText –diff on cygwin –HHD Hex Editor
7
Implementation / Analysis Install 2 sharewares on both guest virtual systems, register both sharewares on one guest system Observe files and folders, not files were modified on the registered system
8
Analysis (Cont’d) Compare folders copied from both guest systems with “diff” on cygwin, no difference found
9
Analysis (Cont’d) Windows registry is modified under \HKEY_LOCAL_MACHINE\SOFTWARE\ Both sharewares add their registration information into Windows registry, either by adding keys or adding fields
10
Registry for unregistered sharewares
11
Registry for registered sharewares
13
Analysis (Cont’d) Result from BinText
14
Analysis (Cont’d) Set breakpoint and debug
15
Analysis (Cont’d) The registry key is accessed by ADVAPI32.dll, which is located under C:\Windows\System32 Try different breakpoints The program starts at location 004DB302 instead of 00400000
16
Analysis (Cont’d) Notes: –To add breakpoint in IDA Pro, put cursor on the line you want to select, click Debugger -> Add Breakpoint –To add breakpoint in OllyDbg, put cursor on the line you want to select, press F2
17
Reference BinText: http://www.foundstone.com/resources/proddesc/bi ntext.htm cygwin: http://www.cygwin.com/ HHD Hex Editor: http://www.hhdsoftware.com/hexeditor.html IDA Pro: http://www.datarescue.com/idabase/ OllyDbg: http://home.t-online.de/home/Ollydbg/ VirtualPC: http://www.microsoft.com/windows/virtualpc/defa ult.mspx
18
Questions ???
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.