EXE Manager is designed for protecting EXE files from cracking. It has several protection methods. You can enable them separately. The methods are:
Checking
known
crackers
Intercepting
functions
calling
previous
handler
Decrypting
instructions
execute
Checking
program
terminated
normally
Of course, EXE Manager protects programs against debugging even if you disable all of the advanced protection methods listed above. (
EXE Manager can also do the following:
Protect
programs
password
message
protected
program
starts
Detect
required
hardware
Attach
programs
local
network
~CAUTION:~ It's strongly recommended that you read all about a certain option before you enable it. The reason is that some of the protection methods may not be compatible with some programs you protect, some TSRs or DOS versions. This means that even if a protected program runs correctly on your machine, it may not run somewhere else.
Most of EXE Manager's protection methods are only effective when EXE Manager is used together with some other protection systems. There are two typical sequences of actions you need to perform to protect your program. 9
~1. If you have the registered version of EXE Manager:~ +
Protect the program with EXE Manager with the following options checked:
Check
known
crackers
Intercept
calls
Dynamic
decryption
Check other options as your program requires.
If you want to protect the program with password, specify it now.
Protect the program with an external protection system. This may be
a copy-protection system, EXE packer, etc.
Protect the program with EXE Manager again. Now enable only the
Check
known
crackers
option.
Convert your program to COM format if desired.
~2. If you don't have the registered version of EXE Manager or your~ ~program is incompatible with EXE Manager's advanced features:~ _
Protect the program with an external protection system. This may be a
copy-protection system, EXE packer, etc.
Protect the program with EXE Manager with the following options checked:
Check
known
crackers
Intercept
calls
Check other options as your program requires.
Convert your program to COM format if desired.
If you have the source code of the program you protect, you may also check the
Enable
EM_Started
procedure
option and use some procedures from the
EM_PROCS.OBJ
file.
~See also:~
Index
Registration
Protection options
Trace
allowed
overlays
Code generation options
Check
known
crackers
Intercept
calls
Dynamic
decryption
Store
Store
areas
Leave
command
options
Enable
EM_Started
procedure
Novell
NetWare
attachment
Checking the required hardware
Required
Required
Supported
video
adapters
Abort
hardware
detected
Always
detect
hardware
Registration
You should register your copy in order to use all the features of EXE Manager. The registered version supports more powerful protection method - decrypting some parts of the protected program when it is running. This protects your programs against unknown to EXE Manager cracking tools.
Registration is ~free~ for hackers all over the world. Just drop me a message on boards where you find my name (Solar Designer) or catch me on IRC, I'm usually called Solar_Diz there. p
I don't mind if you ~crack~ EXE Manager to register it. In that case you have to tell me how long it took you.
~See also:~
Index
Source file
You need to enter the file name to protect here. It must be an EXE file. G
You can also use the
Select
button to select this file from a list.
Target file
You need to enter the target file name here. It must be an EXE file.
If you specify the same file as both source and target, a temporary file will be created and renamed to target only after the protection.
Selecting source & target files
You can use the Select button to select both source and target files from a list. If target file name was not specified before, both file names will be replaced with the selected name, otherwise target file name will remain the same and only source file name will be replaced.
If you specify the same file as both source and target, a temporary file will be created and renamed to target only after the protection.
Trace allowed
When both this option and the
Store
option are checked, EXE Manager will trace the specified program before protecting it to determine if its PSP is already in use (it is already protected). Z
If EXE Manager doesn't trace a certain program correctly, you may not check this option.
Copy overlays
When this option is checked, EXE Manager will copy overlays (if there are any) to the protected program.
Check for known crackers
Checking this option turns on the protection method described below.
Programs protected with this option checked will look for
known
crackers
in memory, and try to either disable them or abort the program.
~Advantages:~
It is the safest protection method.
~Disadvantages:~
It doesn't disable unknown crackers.
~Possible problems:~
None.
~See also:~ 2
Intercept
calls
Dynamic
decryption
Intercept DOS calls
Checking this option turns on the protection method described below.
Programs protected with this option checked will intercept DOS calls and perform some DOS functions without calling the previous handler. Furthermore, these programs will clear themselves from memory when they terminate.
~Advantages:~
Some crackers will not be able to popup. It will not be possible to crack a program protected with this option checked by making a memory dump after the termination.
~Disadvantages:~
It may be required to check the
Store
option and limit the command line length. <
Also, the protected program MUST terminate with DosFn 4Ch.
~Possible problems:~
If the protected program doesn't run, you may need to check the
Store
option.
If the protected program uses the EXEC function (DosFn 4Bh or INT 2Eh), it should only execute programs that terminate with DosFn 4Ch. To solve this problem, I recommend you to use the
EM_InitExec
and
EM_DoneExec
procedures.
~See also:~ l
Check
known
crackers
Dynamic
decryption
Store
Store
areas
Dynamic code decryption
Checking this option turns on the protection method that is only available in the registered version. This method is described below.
Programs protected with this option checked will have some parts of their code modified so that these parts can only be executed with the EXE Manager's INT 3 handler.
~Advantages:~
If somebody tries to crack a program protected with this option checked, even if he manages to make a memory dump, the code in this dump will not run without the EXE Manager's INT 3 handler. This means that the cracker will also have to include the handler to the cracked program. Even if he manages to do all that, he will be able to debug the cracked program only using debuggers that don't use INT 3.
~Disadvantages:~
It is required to check the
Intercept
calls
option. |
Also, you'll either have to check the
Store
areas
option or uncheck the
Leave
command
options
option.
~Possible problems:~
Some compilers that generate executable code, debuggers, etc. can't be protected with this option checked. B
Other problems are same as for the
Intercept
calls
option.
~See also:~ h
Check
known
crackers
Intercept
calls
Store
Store
areas
Store code in PSP area
In most cases you'll have to check this option if the
Intercept
calls
option is checked. Checking this option limits the command line length. If you specify more than 30 characters on the protected program's command line, an error message will be displayed.
~See also:~ k
Intercept
calls
Dynamic
decryption
Store
areas
Leave
command
options
Store code in FCB areas
When both the
Dynamic
decryption
and
Store
options are checked, you can check this option to leave some space for command line options.
~See also:~ j
Intercept
calls
Dynamic
decryption
Store
Leave
command
options
Leave command line options
When this option is unchecked the protected program will not receive its command line options.
Enable EM_Started procedure
When this option is checked the protected program will check if it was normally terminated the previous time and abort itself if it wasn't.
You must have the source code of the program you want to protect in order to use this protection method. You should insert a call to the
EM_Started
procedure to the very beginning of your program.
Novell NetWare attachment
This feature allows you to attach program to a local network so that it will run on all the computers in it, but won't run outside of it.
Every time you run a program protected using this method, it checks the NETWARE.KEY file in current directory. This file should be created using the NETWARE.COM program supplied with EXE Manager.
~See also:~ %
Specifying
attachment
keyword
EM_InitExec and EM_DoneExec procedures
These procedures may be required if you check the
Intercept
calls
option and your program uses the EXEC function (DosFn 4Bh or INT 2Eh). They are located in the
EM_PROCS.OBJ
file. |
You need to make a far call to EM_InitExec right before the call to EXEC, and EM_DoneExec after. Example for Turbo Pascal:
{$L em_procs.obj}
procedure EM_InitExec; far; external;
procedure EM_DoneExec; far; external;
SwapVectors;
EM_InitExec;
Exec(...);
EM_DoneExec;
SwapVectors;
end.
EM_Started procedure
This procedure sets the flag that indicates that your program's startup code is already executed. Definition for Turbo Pascal: :
{$L em_procs.obj}
procedure EM_Started; far; external;
~See also:~ /
Enable
EM_Started
procedure
EM_PROCS.OBJ
EM_Protected function
This function can be used to determine if the program is protected with EXE Manager or not. Definition for Turbo Pascal: D
{$L em_procs.obj}
function EM_Protected :Boolean; far; external;
~See also:~
EM_PROCS.OBJ
EM_GetCPU and EM_GetVideo functions
These functions return the detected CPU, FPU and video adapter types. Definition for Turbo Pascal: j
{$L em_procs.obj}
function EM_GetCPU :Word; far; external;
function EM_GetVideo :Word; far; external;
The EM_GetCPU function returns the CPU code in the low byte of the result, and the FPU code in the high byte.
The CPU codes are ,
Code
CPU
0
8086
2
80286
3
80386
4
80486
5
Pentium
0Fh
Not detected
The FPU codes are ,
Code
FPU
0
None
1
8087
2
80287
3
80387
4
80487
0Fh
Not detected
The value returned by the EM_GetVideo function ,
Bit
Mask
Detected adapter is compatible with ...
0
0001
MDA
1
0002
CGA
2
0004
EGA, 64 Kb
3
0008
EGA, 256 Kb
4
0010
MCGA
5
0020
VGA
6
0040
VESA SVGA
7
0080
VESA SVGA, 512 Kb
8
0100
VESA SVGA, 1 Mb
9
0200
VESA SVGA, 2 Mb
For example, the EM_GetVideo function returns the value 00FEh for a VESA SVGA with 512 Kb video memory.
~See also:~ *
Always
detect
hardware
EM_PROCS.OBJ
EM_PROCS.OBJ file
This file contains some auxiliary routines to use in programs that are intended to be protected with EXE Manager.
All the routines will work properly only if you protect your program with the
Intercept
calls
option checked. Also, all the routines should be called far.
The routines are:
EM_InitExec
EM_DoneExec
procedures
EM_Started
procedure
EM_Protected
function
EM_GetCPU
EM_GetVideo
functions
Known crackers
This version of EXE Manager knows the following cracking tools: $
Cracking tool
Version
Release
Author
EXE Manager's
Date
disabling method
INTRUDER
0.01b
MAY 94
CREAT0R, CreaSoft
Shows message
INTRUDER
1.20
JUN 94
CREAT0R, CreaSoft
'DO NOT CRACK!'
INTRUDER
1.30
JUL 94
CREAT0R, CreaSoft
and aborts the
program
AutoHack
4.1
FEB 94
J.Tolsky, BCP corp
AutoHack ][
1.0b
1994
Y.Tolsky, BCP corp
SnapShot Pro
3.0
1994
DaLe. Co
HACKTOOLS
3.00
1994
Oleg N.Kolesnikov
Cheat Compiler
1.0
1993
Steel Rat
Player's Tool
3.0
1993
Dmitry Yakunin &
Removes PT from
Player's Tool
3.996b
1994
Andy Robinson, UHC
memory
Debuggers
Soft-ICE
2.62
1992
Nu-Mega Tech.
Makes Soft-ICE's
Soft-ICE
2.64
1993
Nu-Mega Tech.
API calls
Soft-ICE/W
1.0
1992
Nu-Mega Tech.
Soft-ICE/W
1.3
1993
Nu-Mega Tech.
Soft-ICE/W
1.51
1994
Nu-Mega Tech.
Turbo Debugger
3.1
1992
Borland Int.
Changes some of
TD386
3.1
1992
Borland Int.
the debugger's
INT handlers, so
MS DOS Debug
3.30
1988
Microsoft Corp
the debugger
MS DOS Debug
5.00
1991
Microsoft Corp
won't work.
MS DOS Debug
6.20
1993
Microsoft Corp
PC DOS Debug
7.00
1995
Microsoft Corp
Symbolic Debug
4.00
1985
Microsoft Corp
386 MiniBug
2.0
1988
Phar Lap Software
386 MiniBug
2.2d
1989
Phar Lap Software
ACT N82538872
1993
Victor M.Gamayunov
D(ALF)
1.0b
1992
Obraztzow S.
EDB
0.15
1991
Serge Pachkovsky
Required CPU
You can select a CPU that your program requires. The protected program will check if it's present.
~See also:~
EM_GetCPU
EM_GetVideo
functions
Abort
hardware
detected
Always
detect
hardware
Required
Supported
video
adapters
Required FPU
You can select a FPU that your program requires. The protected program will check if it's present.
~See also:~
EM_GetCPU
EM_GetVideo
functions
Abort
hardware
detected
Always
detect
hardware
Required
Supported
video
adapters
Supported video adapters
You should select all the video adapters that your program supports. The protected program will check if one of them (or compatible) is present. }
You can only select a valid combination of adapters. For example, your program can't support CGA if it doesn't support VGA.
SVGA adapters are detected using VESA BIOS, so only VESA-compatible adapters can be detected. Realtek SVGA's bug is fixed - video memory size is determined correctly.
~See also:~
EM_GetCPU
EM_GetVideo
functions
Abort
hardware
detected
Always
detect
hardware
Required
Required
Abort if hardware not detected
When this option is checked, the protected program will terminate immediately if the required hardware isn't detected. Otherwise, the user will be asked if he wants to continue anyway.
Always detect hardware
When this option is checked, the protected program will always call all the hardware detection routines, for example, even if you specify that your program supports an 8086. z
You need to check this option if you're using procedures from the
EM_PROCS.OBJ
file to determine the type of hardware.
Show at startup
The line of text specified here will be displayed each time the protected program starts.
Password
If the
Novell
NetWare
attachment
option is not checked this field acts as a normal password that will be required to run the protected program. N
Otherwise this is the keyword you specify on the NETWARE.COM's command line.
(.txt)