WASM reverse engineering protection
821 views
Skip to first unread message
Mehaboob kk
Apr 14, 2021, 3:43:45 PM4/14/21
to emscripten-discuss
Hello All,
Is there any technique to protect the WASM code from reverse engineering? I have a licensed software which need to be protected. I am worried that the reverse engineered code can be modified to bypass the license and compile it back again
Any inputs please
Thanks,
Mehaboob
J Decker
Apr 14, 2021, 8:22:02 PM4/14/21
to emscripten-discuss
If code can be run, it can be reverse engineered; just a matter of how much work one wants to put into it.
If the code was compressed, and encrypted, then there'd still be a small bit code that has the decrypt, which can be extracted to get the rest, etc.
Remote checking is a better option; requiring a bit of external code that encodes the license in a varying way, for submission to the server, which might reply with some small code which enables it to actually function.
Of course - the really diligent would still just capture the reply and bundle it all up statically.
It's just a matter of how much time you want to make them spend... but much like a lock that can be opened can be picked, code that runs can be 'run' virtually, using just pen and paper.
--
You received this message because you are subscribed to the Google Groups "emscripten-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to emscripten-disc...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/emscripten-discuss/d9c09212-cad8-40e1-ba4c-88979f8437a2n%40googlegroups.com.
Shlomi Fish
Apr 15, 2021, 1:22:18 AM4/15/21
to J Decker, emscripte...@googlegroups.com
Hi Mehaboob!
On Wed, 14 Apr 2021 17:21:49 -0700
J Decker <d3c...@gmail.com> wrote:
> If code can be run, it can be reverse engineered; just a matter of how much
> work one wants to put into it.
> If the code was compressed, and encrypted, then there'd still be a small
> bit code that has the decrypt, which can be extracted to get the rest, etc.
> Remote checking is a better option; requiring a bit of external code that
> encodes the license in a varying way, for submission to the server, which
> might reply with some small code which enables it to actually function.
> Of course - the really diligent would still just capture the reply and
> bundle it all up statically.
>
> It's just a matter of how much time you want to make them spend... but much
> like a lock that can be opened can be picked, code that runs can be 'run'
> virtually, using just pen and paper.
>
In addition, refer to:
https://github.com/shlomif/Freenode-programming-channel-FAQ/blob/master/FAQ_with_ToC__generated.md#how-do-i-hideobscureencrypt-my-source-code-to-prevent-end-users-from-learning-how-it-works
(short URL: https://is.gd/SLSseX .)
It is a decades' old question that keeps getting asked.
Regards,
Shlomi
> On Wed, Apr 14, 2021 at 12:43 PM Mehaboob kk <mehab...@gmail.com> wrote:
>
> > Hello All,
> >
> > Is there any technique to protect the WASM code from reverse engineering?
> > I have a licensed software which need to be protected. I am worried that
> > the reverse engineered code can be modified to bypass the license and
> > compile it back again
> >
> > Any inputs please
> >
> > Thanks,
> > Mehaboob
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "emscripten-discuss" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to emscripten-disc...@googlegroups.com.
> > To view this discussion on the web visit
> > https://groups.google.com/d/msgid/emscripten-discuss/d9c09212-cad8-40e1-ba4c-88979f8437a2n%40googlegroups.com
> > <https://groups.google.com/d/msgid/emscripten-discuss/d9c09212-cad8-40e1-ba4c-88979f8437a2n%40googlegroups.com?utm_medium=email&utm_source=footer>
> > .
> >
>
--
Shlomi Fish https://www.shlomifish.org/
Funny Anti-Terrorism Story - https://shlom.in/enemy
Chuck Norris wrote solutions for all the problems of
https://en.wikipedia.org/wiki/Project_Euler , and they all run in under a
minute. In total.
— https://www.shlomifish.org/humour/bits/facts/Chuck-Norris/
Please reply to list if it's a mailing list post - https://shlom.in/reply .
On Wed, 14 Apr 2021 17:21:49 -0700
J Decker <d3c...@gmail.com> wrote:
> If code can be run, it can be reverse engineered; just a matter of how much
> work one wants to put into it.
> If the code was compressed, and encrypted, then there'd still be a small
> bit code that has the decrypt, which can be extracted to get the rest, etc.
> Remote checking is a better option; requiring a bit of external code that
> encodes the license in a varying way, for submission to the server, which
> might reply with some small code which enables it to actually function.
> Of course - the really diligent would still just capture the reply and
> bundle it all up statically.
>
> It's just a matter of how much time you want to make them spend... but much
> like a lock that can be opened can be picked, code that runs can be 'run'
> virtually, using just pen and paper.
>
https://github.com/shlomif/Freenode-programming-channel-FAQ/blob/master/FAQ_with_ToC__generated.md#how-do-i-hideobscureencrypt-my-source-code-to-prevent-end-users-from-learning-how-it-works
(short URL: https://is.gd/SLSseX .)
It is a decades' old question that keeps getting asked.
Regards,
Shlomi
> On Wed, Apr 14, 2021 at 12:43 PM Mehaboob kk <mehab...@gmail.com> wrote:
>
> > Hello All,
> >
> > Is there any technique to protect the WASM code from reverse engineering?
> > I have a licensed software which need to be protected. I am worried that
> > the reverse engineered code can be modified to bypass the license and
> > compile it back again
> >
> > Any inputs please
> >
> > Thanks,
> > Mehaboob
> >
> > --
> > You received this message because you are subscribed to the Google Groups
> > "emscripten-discuss" group.
> > To unsubscribe from this group and stop receiving emails from it, send an
> > email to emscripten-disc...@googlegroups.com.
> > To view this discussion on the web visit
> > https://groups.google.com/d/msgid/emscripten-discuss/d9c09212-cad8-40e1-ba4c-88979f8437a2n%40googlegroups.com
> > .
> >
>
--
Shlomi Fish https://www.shlomifish.org/
Funny Anti-Terrorism Story - https://shlom.in/enemy
Chuck Norris wrote solutions for all the problems of
https://en.wikipedia.org/wiki/Project_Euler , and they all run in under a
minute. In total.
— https://www.shlomifish.org/humour/bits/facts/Chuck-Norris/
Please reply to list if it's a mailing list post - https://shlom.in/reply .
Mehaboob kk
Apr 28, 2021, 6:27:03 PM4/28/21
to emscripte...@googlegroups.com
Hello,
Appreciate your help. Thanks for your response.
-Mehaboob
To view this discussion on the web visit https://groups.google.com/d/msgid/emscripten-discuss/CAA2GJqWtWBgix7K3VYT7NiUmRW4R%3DMHKsy570GiX_K7uhCbovA%40mail.gmail.com.
Reply all
Reply to author
Forward
0 new messages