CGTalk > Software > Autodesk 3ds max > 3dsMax SDK and MaxScript
Login register
Thread Closed share thread « Previous Thread | Next Thread »
 
Thread Tools Search this Thread Display Modes
Old 02-18-2013, 12:54 PM   #1
DaveWortley
<database error>
 
DaveWortley's Avatar
portfolio
David Wortley
Technical Director
London, United Kingdom
 
Join Date: Dec 2004
Posts: 1,863
Send a message via MSN to DaveWortley
Protecting Maxscripts -> using a bit of C++?

I'm looking for some advice with adding security to my script. I don't want to encrypt a large amount of it as I want it to be open for modifications and for people to add their own custom parts. But I do want to protect the core code and functions I've written.

How easy/complex is it to use C++ to house some of the functions so that it's protected.
__________________
Maxscript Made Easy...
http://davewortley.wordpress.com/
 
Old 02-18-2013, 01:47 PM   #2
spacefrog
Frog of the posts
 
spacefrog's Avatar
Josef Wienerroither
Freelance
Vienna, Austria
 
Join Date: Sep 2002
Posts: 2,436
Hmm - why not modularize the script and have an encrypted core part whose functions get called via your open, unencrypted parts of the script ?. Other than writing a binary plugin (with all it's disadvantages) i can't think of any scenario which would require any C++ coding..

Or are you thinking about an assembly ? Would require obfuscation, otherwise anyone could decompile it with ILSpy or Reflector anyways...
__________________

PowerPreview: High Quality Nitrous Previews for 3ds Max 2012|2013|2014

[ Free Download (ScriptSpot) ]

Home of The Frogs | Online Portfolio
 
Old 02-18-2013, 01:59 PM   #3
DaveWortley
<database error>
 
DaveWortley's Avatar
portfolio
David Wortley
Technical Director
London, United Kingdom
 
Join Date: Dec 2004
Posts: 1,863
Send a message via MSN to DaveWortley
I just want to avoid anyone being able to run a decrypter on a maxscript file to get access to the core code so it'll be harder to crack.

Maybe a dlx would work ok? I could make an interface class and use that, and put some licensing checks in there no?

I'm diving in at the deep end with all this stuff.
__________________
Maxscript Made Easy...
http://davewortley.wordpress.com/
 
Old 02-18-2013, 02:21 PM   #4
denisT
MAX Doctor
 
denisT's Avatar
portfolio
Denis Trofimov
CA, USA
 
Join Date: Jul 2009
Posts: 9,498
Send a message via ICQ to denisT
Quote:
Originally Posted by DaveWortley
I just want to avoid anyone being able to run a decrypter on a maxscript file to get access to the core code so it'll be harder to crack.

Maybe a dlx would work ok? I could make an interface class and use that, and put some licensing checks in there no?

distributing tools with specific DLX is really the pain. today you have to support at least 10 max versions (2009 32 and 64, 2010..., 2011.., 2012..., and 2013...). I've never tried but documentation says that plugins for 2011 work for 2012. maybe.
so you have to have all their SDK, both VS 2008 and VS 2010. And of course all these versions of max for testing.
 
Old 02-18-2013, 03:13 PM   #5
Klunk
Lord of the posts
 
Klunk's Avatar
portfolio
Klunk
United Kingdom
 
Join Date: Sep 2005
Posts: 701
as Denis says it can be a real pain if you want to support the current user base (I've kinda settled on 2010 32 bit, it's nice I like it ). The actual C++ coding can be pretty trivial see the mxs extension thread to see just how simple some of the stuff is (it can be easier than mxs). But nub comes with the steep learning curve on visual studio and creating the intial project, I've taken to duplicating existing project I know that work as starting from scratch is very hit and miss sometimes, though that is not without it's pitfalls (renaming resources within a project what a nightmare !)

also it's kinda not really what dlxs are for, not saying you can't do it, but it should be used for stuff that can be used in many scripts... and if you are going to the trouble making a plugin project just for one tool why not make the whole tool a plugin and add function publishing if you want to support mxs ?

Last edited by Klunk : 02-18-2013 at 03:23 PM.
 
Old 02-18-2013, 04:13 PM   #6
DaveWortley
<database error>
 
DaveWortley's Avatar
portfolio
David Wortley
Technical Director
London, United Kingdom
 
Join Date: Dec 2004
Posts: 1,863
Send a message via MSN to DaveWortley
Because I've got a tool which is 15,000 lines of code long, I don't want to re-write it all

And I'd like to keep a lot of the UI stuff open for modding.
__________________
Maxscript Made Easy...
http://davewortley.wordpress.com/
 
Old 02-18-2013, 04:38 PM   #7
spacefrog
Frog of the posts
 
spacefrog's Avatar
Josef Wienerroither
Freelance
Vienna, Austria
 
Join Date: Sep 2002
Posts: 2,436
I doubt that the effort producing a real hard to crack protection mechanism in a plugin would really pay off. Maybe you got some nice new uncommon protection ideas, but in general, if people find your script/plugin interesting enough, they will find ways to crack it...
Maybe compiling some personal buyer info into the binary, encrypt and hide it behind multiple layers of obscurety and scrambling would work., but sooner or later i guess it still would be cracked ...

EDIT: just to add
And in case you still want to go the binary plugin route, don't do it the (legacy) .dlx way. Create a Utilitiy Plugin ( *.dlu ) and use Function Publishing ...
__________________

PowerPreview: High Quality Nitrous Previews for 3ds Max 2012|2013|2014

[ Free Download (ScriptSpot) ]

Home of The Frogs | Online Portfolio

Last edited by spacefrog : 02-18-2013 at 04:42 PM.
 
Old 02-18-2013, 07:36 PM   #8
lo
the frequentest!
portfolio
Rotem Shiffman
Tel Aviv, Israel
 
Join Date: Jul 2005
Posts: 2,837
Quote:
Originally Posted by spacefrog
Maybe compiling some personal buyer info into the binary, encrypt and hide it behind multiple layers of obscurety and scrambling would work., but sooner or later i guess it still would be cracked ...


Think of it this way: If Autodesk and Adobe can't prevent their software from being cracked, what chance do you have?
 
Old 02-19-2013, 12:08 AM   #9
denisT
MAX Doctor
 
denisT's Avatar
portfolio
Denis Trofimov
CA, USA
 
Join Date: Jul 2009
Posts: 9,498
Send a message via ICQ to denisT
Quote:
Originally Posted by lo
Think of it this way: If Autodesk and Adobe can't prevent their software from being cracked, what chance do you have?

they were cracked with no knowing how they work or maybe more... with no knowing what they do.
 
Old 02-19-2013, 12:29 AM   #10
denisT
MAX Doctor
 
denisT's Avatar
portfolio
Denis Trofimov
CA, USA
 
Join Date: Jul 2009
Posts: 9,498
Send a message via ICQ to denisT
Quote:
Originally Posted by spacefrog
Maybe compiling some personal buyer info into the binary, encrypt and hide it behind multiple layers of obscurety and scrambling would work., but sooner or later i guess it still would be cracked ...

i thought about something like:
# encrypt some library scripts with your own encryptor written with c++
# have a dll or dlx written with c++ and max SDK that can decrypt your encryption and run the code

to get your code a hacker has to disassemble and crack you dll. there several ways how make it not too easy.
 
Old 02-19-2013, 07:42 AM   #11
lo
the frequentest!
portfolio
Rotem Shiffman
Tel Aviv, Israel
 
Join Date: Jul 2005
Posts: 2,837
Quote:
Originally Posted by denisT
they were cracked with no knowing how they work or maybe more... with no knowing what they do.


It depends what you're trying to protect here. Do you want to prevent unlicensed use of a product, or do you want to protect against someone revealing your source code? It's really hard to imagine anyone will bother with the latter.
 
Old 02-19-2013, 10:22 AM   #12
DaveWortley
<database error>
 
DaveWortley's Avatar
portfolio
David Wortley
Technical Director
London, United Kingdom
 
Join Date: Dec 2004
Posts: 1,863
Send a message via MSN to DaveWortley
Quote:
Originally Posted by lo
It depends what you're trying to protect here. Do you want to prevent unlicensed use of a product, or do you want to protect against someone revealing your source code? It's really hard to imagine anyone will bother with the latter.


I was under the impression that decrypting an MSE file was a fairly easy thing to do with the help of Mr. Google.
__________________
Maxscript Made Easy...
http://davewortley.wordpress.com/
 
Old 02-19-2013, 10:49 AM   #13
lo
the frequentest!
portfolio
Rotem Shiffman
Tel Aviv, Israel
 
Join Date: Jul 2005
Posts: 2,837
Quote:
Originally Posted by DaveWortley
I was under the impression that decrypting an MSE file was a fairly easy thing to do with the help of Mr. Google.


I know that decrypting MSE's from old versions of 3dsmax is straightforward, but I've never seen a public tool for new versions. Then again, I don't frequent hacking forums.

My point was that it's likely people will only bother to attempt to decrypt your code if it is necessary for cracking the software in order to be able to use it without a license, not by other developers who are interested in stealing your code. So the question is are you encrypting it in order to make it a commercial product or only to protect your IP?
 
Old 02-19-2013, 10:59 AM   #14
DaveWortley
<database error>
 
DaveWortley's Avatar
portfolio
David Wortley
Technical Director
London, United Kingdom
 
Join Date: Dec 2004
Posts: 1,863
Send a message via MSN to DaveWortley
It's hopefully (I say so because the plans to release it aren't firm), going to be released as a commercial product and whilst I know it can never be secured against Piracy, I wanted to make sure that it wouldn't be a quick easy hack to bypass the security.

I can easily write the code to check MAC addresses etc just like PEN's licensing system does, and I guess that will have to do.
__________________
Maxscript Made Easy...
http://davewortley.wordpress.com/
 
Old 02-19-2013, 03:16 PM   #15
Ruramuq
ruɾamöχ
 
Ruramuq's Avatar
portfolio
Ruramuq   
 
Join Date: Aug 2004
Posts: 678
Quote:
Originally Posted by lo
I know that decrypting MSE's from old versions of 3dsmax is straightforward, but I've never seen a public tool for new versions. Then again, I don't frequent hacking forums.

Old or new .mse files indifferently, doesn't matter. I know for sure, It's a complete disappointment for protection.
But on the other hand, IMO, the most important is to alert the user, 'the tool is not free'. Autodesk could spend lots of time and money super-protecting their software, but they don't bother, because it's products benefit from popularity and dependence.
It comes to my mind FinalRender vs Vray, the former severely damaged themselves, because of their own fears..
__________________
I may not be following this thread.
.
 
Thread Closed share thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
CGSociety
Society of Digital Artists
www.cgsociety.org

Powered by vBulletin
Copyright ©2000 - 2006,
Jelsoft Enterprises Ltd.
Minimize Ads
Forum Jump
Miscellaneous

All times are GMT. The time now is 09:02 PM.


Powered by vBulletin
Copyright ©2000 - 2016, Jelsoft Enterprises Ltd.