Vb encryption.

[webb315]

I have modified a snake game and made it online score system and winner will get a megaupload account. But the problem is one user decompiled it which i overcame with some php system, its now almost safe. But can any one tell me that is there any way to hide or encrypt my coding? So the when its decomplied the user can not see its coding.
I am going to release it on my site. can you guys tell me its safe or not?
Program is also attached.
Note: Original credits; sandeep

[si_the_geek]

I have removed your attachment, as it only contained an executable file - which is of no use to us in terms of answering your question. For the safety of our members, we do not allow executable files.

Despite the rumours and claims, VB programs cannot be decompiled. For more information, see the article How can I get the source code of a compiled VB file (.exe/.dll/..)? from our Classic VB FAQs (in the FAQ forum, which is shown near the top of our home page)

Any program can be debugged or disassembled, and there are various other ways to determine what the program does too.

Without details of what happened, we cannot tell what things were done in this case, and therefore can't tell you how to protect against it.

[webb315]

I have removed your attachment, as it only contained an executable file - which is of no use to us in terms of answering your question. For the safety of our members, we do not allow executable files.

Despite the rumours and claims, VB programs cannot be decompiled. For more information, see the article How can I get the source code of a compiled VB file (.exe/.dll/..)? from our Classic VB FAQs (in the FAQ forum, which is shown near the top of our home page)

Any program can be debugged or disassembled, and there are various other ways to determine what the program does too.

Without details of what happened, we cannot tell what things were done in this case, and therefore can't tell you how to protect against it.

Thanks for your help
But its true he got my system some how.

[si_the_geek]

Yes, but what you mean by "got"?

Don't think about how it was done, just explain to us (in as much detail as possible) what they achieved.

[The Rogue]

Make sure you compile in Native Code. What si_the_geek said was incorrect. If an app is compiled in P-Code, it is easy to get nearly the source code with VBDecompiler. It isn't exactly the same, but it gives you about 90% of it.

[smUX]

I am having a guess here, but the problem is not in any way with the EXE file. You are talking about someone hacking your online scoring system, and this is going to be an encryption issue for you to work out. You need code in the EXE to encrypt the score using a random number of some sort and you will need for the PHP online to be able to decrypt it using that random number. It will need to be a custom encryption if you want maximum security, although most encryption systems should be good enough for what you need.

ANY system is crackable. If you make an encryption system, someone may crack it and use it to upload modified scores, it's all about how difficult you make the whole process. The harder the process, the more worthwhile it has to be for the person to want to do so :-)

Edit: Although some obfuscated code in your EXE would also help, because they may try to crack it using the methods you described above. Also watch out for people using memory editor programs to change their scores in the game...there's ways around that but I won't go into it...that's a whole different issue, and you can post asking about it if you want.

[si_the_geek]

If an app is compiled in P-Code, it is easy to get nearly the source code with VBDecompiler. It isn't exactly the same, but it gives you about 90% of it.

That claim has been made repeatedly before, and every time it has always turned out that what I said is the actual case - nobody has ever shown good results, and the makers don't even claim it is a possibility (note that this quote is about 30% of their marketing!):

VB Decompiler restores many p-code instructions and although there is a long way to the generation of the source code that can be compiled, the decompiler will make analyzing the program algorithm much easier and partially restore its source code.

The highlighted part is explicit about not being able to get code that compiles, let alone the original code.

As mentioned in the FAQ article, a claim of being able to get "about 3%" of the code is the best there has been before now. Maybe this new one can do much better, but I doubt it... until there is decent evidence, it is not apt to have it mentioned in the FAQ article (as it is basically advertising), so I have hidden your post there.


However, it is good advice to compile to Native Code rather than P-Code, but that alone is by no means a solution to the issues - as smUX rightly said, the issue is much more likely to be cracking part of it somehow (which can be fairly easy) rather than partial decompiling of the executable.

How cracking can be protected against depends on what is actually going on (hence my questions), and what code/methods are used in that part of the program.