digital rights management: shareware
DESCRIPTION
Digital Rights Management: Shareware. Yue Wang 24 Nov 2004. Agenda. Introduction Laboratory Setup Implementation / Analysis Conclusion Reference. Introduction. Digital Rights Management is more and more important because: More and more resources are crossing the network - PowerPoint PPT PresentationTRANSCRIPT
Digital Rights Management: Shareware
Yue Wang
24 Nov 2004
Agenda
Introduction Laboratory Setup Implementation / Analysis Conclusion Reference
Introduction
Digital Rights Management is more and more important because:– More and more resources are crossing the
network– Digital resources are easier to replicate than
analogue resources
Introduction (Cont’d)
In order to improve Digital Rights Management– Understand what is current
• Nobody is telling
– Analyze what is on market
Laboratory Setup
Laptop: 2.6GHz processor, 512MB RAM, 40GB hard drive
VirtualPC– Host: Windows XP– Virtual: Windows NT 4.0 (2 identical systems
are used)
Laboratory Setup (Cont’d)
2 sharewares with licenses Disassembler and debugger
– IDA Pro– OllyDbg
Other Tools– BinText– diff on cygwin– HHD Hex Editor
Implementation / Analysis
Install 2 sharewares on both guest virtual systems, register both sharewares on one guest system
Observe files and folders, not files were modified on the registered system
Analysis (Cont’d)
Compare folders copied from both guest systems with “diff” on cygwin, no difference found
Analysis (Cont’d)
Windows registry is modified under \HKEY_LOCAL_MACHINE\SOFTWARE\
Both sharewares add their registration information into Windows registry, either by adding keys or adding fields
Registry for unregistered sharewares
Registry for registered sharewares
Registry for registered sharewares
Analysis (Cont’d)
Result from BinText
Analysis (Cont’d)
Set breakpoint and debug
Analysis (Cont’d)
The registry key is accessed by ADVAPI32.dll, which is located under C:\Windows\System32
Try different breakpoints The program starts at location 004DB302
instead of 00400000
Analysis (Cont’d)
Notes:– To add breakpoint in IDA Pro, put cursor on
the line you want to select, click Debugger -> Add Breakpoint
– To add breakpoint in OllyDbg, put cursor on the line you want to select, press F2
Reference BinText:
http://www.foundstone.com/resources/proddesc/bintext.htm
cygwin: http://www.cygwin.com/ HHD Hex Editor:
http://www.hhdsoftware.com/hexeditor.html IDA Pro: http://www.datarescue.com/idabase/ OllyDbg: http://home.t-online.de/home/Ollydbg/ VirtualPC:
http://www.microsoft.com/windows/virtualpc/default.mspx
Questions
???