Geek Answers Handbook

How to protect delphi application source?

How can I protect my delphi application from decompilation? I know that there is some kind of software, such as themida, which I think will do it, but then protected exe launches an antivirus.

+4
source share
8 answers

It depends on your purpose.
If it's really just source protection, it's already done! If you do not include debugging information and symbols and add some kind of heavy insertion, good luck to recover some useful Pascal code from disassembling exe.
If this prevents people from seeing how it functions and hacking it, then you should include some protection against disassembly. It is more difficult, but doable. Often made a guarantee of protection against piracy.

+11
source

Everything that the processor can read can also be "decompiled", so there is no complete protection. But, as a rule, it is quite difficult to decompile the compiled Delphi code, and almost all identifiers and all comments are gone, of course.

Published parts of classes, DFM file information, and constants (including string constants) are present in the exe file in an easily readable way. You can reduce this problem by encrypting your lines, rather than using published and unused DFM files. However, all the information will be present in your exe file, so often it will be hard work, which does not provide real protection.

If you just want parts of your source code to be hard to read, complicate your algorithms ...

In the end, everything can be hacked. The only real way to avoid decompiling your application is to save the exe file from those that can execute it, for example, when you deploy it to your own server, but not to the client server.

+3
source

If you use Delphi Prism, then one of the many .Net decompilation tools will do the trivial task of accessing (the form) of your source code.

The only solution is to use one of the numerous .Net obfuscation tools. Unfortunately, I cannot make a recommendation because I have never had to use it, but Google should show you the way ...

If you compile your own Win32, then any form of obfuscation or even a debugging mechanism is a pretty waste of time. There are people who can read the assembly as easily as you or I read our native language. These things only slow down the reverse engineering process a little (and only hardly).

+3
source

A few years ago I had to rewrite the application left by its developer.

I can restore all things from DFM-s, Forms (with components) Query strings stored in TxyzQueries, raster images from image lists, some lines with decompiler, but application logic cannot be restored, but only method names with asm source inside.

There are downloaders (for example, UPX http://upx.sourceforge.net ) that extracts an encrypted compressed application into memory and loads it at startup, but AV often notes applications like infected ones :(

You can write a small application, for example, some tips:

www.codeproject.com/KB/cs/LoadExeIntoAssembly.aspx(.net) www.joachim-bauch.de/tutorials/load_dll_memory.html(for dll-s)

+1
source

Only applications protected by Themida stolen keys should run an antivirus (for example, Win32.Black detected by Kaspersky).

0
source

In general, you cannot protect your code from decompilation. However, with a tool such as Code Virtualizer , you can protect key areas such as your setup code decoder. Code that is virtualized is much slower and has certain limitations, but it adds a suitable hurdle for random hackers. This is best done in a script assembly so that it is added sequentially for release - this way you provide proper protection every time.

I recommend decoupling the installation code from BTW protection so that you can switch protection at any time without worrying about existing users.

Finally, Delphi forms are easily accessible, but usually it is not useful to modify them.

0
source

Complete disassembly is never achieved. I think for my own Win platform. If you do not include debugging symbols, etc. While compiling or hiding them with some kind of tool, it is very unlikely that your exe can be decrypted. I do not know what .NET is.

0
source

An easy way to protect an executable file is to run it as a web application on an Internet server. With the Delphi and Ajax library (for example ExtJS over extpascal , or IntraWeb / VCL for the Internet), you can convert desktop and client-server applications into web applications. (Examples) - this also makes the application available for other operating systems and mobile devices.

0
source

More articles:


All Articles