Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Delphi Anti Cheat (enable any disabled button)

Tags:

delphi

disabled-control

In my application there are some buttons that I've disabled for a reason. But these buttons are easily enabled by TNTEnforcer.

Is there any easy way to prevent this?

Tried to pack with some packer / obfuscator, but still can be enabled.

What is TNTEnforcer

like image 563
Bianca Avatar asked Jun 11 '14 07:06

Bianca

2 Answers

VCL controls are backed by Win32 controls and these are inherently insecure. You cannot restrict access to their properties and state. External programs can readily modify state, press buttons etc.

You might be tempted to run a timer that resets the UI state at a high frequency. This might make it a little harder for a cracker. But still not particularly hard, and at what cost to your program and code?

So, in my view, you should not attempt to stop external programs interfering with the UI state. Instead you can add checks and defences to the OnClick handlers and other code behind the UI. This is perfectly crackable too, but it does at least require a little more effect from the cracker.

You might write:

button.Enabled := False;
button.OnClick := nil;

when you disable the button. When you re-enable it you could write:

button.Enabled := True;
button.OnClick := MyOnClickHandler;

That's a rather crude way to do it. It might be preferable to push the checking down the call chain, into the OnClick handler itself, or even better, further down into your business logic. That way, no matter how the code reaches the business logic, if it needs to be blocked it will be.

like image 129
David Heffernan Avatar answered Oct 02 '22 12:10

David Heffernan

Unless the attacker has intimate knowledge of the inner workings of the particular version of the VCL that your app is using so that it can directly manipulate the VCL's internal memory, the best it can do is use standard Win32 APIs to manipulate the publicly accessible HWNDs of your app, such as by using EnableWindow() followed by BM_CLICK.

So one simple defense would be to remove the attack vector that you want to protect - in this case, by replacing TButton with TSpeedButton. TButton is a TWinControl descendant, so it has an HWND. TSpeedButton is a TGraphicControl descendant, so it does not have an HWND, and thus is not accessible to external processes because it is a custom drawn control managed exclusively by the VCL, not the OS.

like image 42
Remy Lebeau Avatar answered Oct 02 '22 11:10

Remy Lebeau
Sign in to Comment

Related questions

CheckBox in a DBGrid
Correct way to destroy a form and show another in Delphi
There is any quick way to, while debuging, to stop at a specific Windows Message or API?
Using TChromium, Delphi Chromium Embedded
Delphi self-deleting program
How can I work with Windows security groups without knowing their localized names in advance?
NSIS Plugin "nsScreenshot" not working in Windows NT 6.x
What 4 threads are running under an empty new VCL forms application? [duplicate]
Stopping Certain Keys in an Edit Box
Click through transparent form
Resize status bar panels to fit contents
How to enable line numbering in SynEdit?
How to get the list of fonts available - Delphi XE3 + Firemonkey 2?
This Form of method call only allowed for class methods error
Why does GetLastError return 0 when it's called in a DLL library?
Accidental space inserted - Why does this compile?
How to read Default Value of Registry Key
How to make a remote procedure call (SOAP client)?
How to check if a registry key exists
Hotkey to go to the function the cursor is on - Delphi

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!