Shell Protection

The shell protection method provides a fast and easy way to protect your application. Since the shell protection wraps the executable, you do not need to add or modify any source code. This method can help you to save a lot of time and effort. It is also perfect for those who do not have programming skills, or do not have the source code.

 

You can integrate the shell protection into the executable by using the provided ElecKey Integrator tool. ElecKey Integrator features the wizard-style user interface that can guide you through the settings and options. Simply follow the wizard dialogs until finish; you can create the protected version of your executable within a few minutes.

 

The shell protection can wrap most of the executables, including EXE, DLL, OCX, and .NET assembly. To support different types of executables, the shell protection uses various techniques to modify the executable and create the protected version. For Win16, Win32, Win64, and .NET applications, the following protection methods are provided: Injection-1, Injection-2, EXE Scramble, and .NET Encryption. For DOS applications, the following protection methods are provided: DOS-COM, and DOS-EXE.

Protection Methods for Windows Applications

         Injection-1. The Injection-1 method encrypts the code section of the executable. It then injects the shell protection code into the header and stub of the executable, which functions to detect the Key and decrypt the code section at run time.

This method has an advantage that the protected program remains as a single executable. However, it may not be compatible with some types of the executable due to limitations preventing modification to the header and stub of the executable.

         Injection-2. The Injection-2 method uses the same approach as Injection-1. It encrypts the code section of the executable, but uses different techniques to inject the shell protection code into the header and stub of the executable. If it appears that the Injection-1 method does not work with your program, it is recommended to try to use the Injection-2 method.

         EXE Scramble. The EXE Scramble method scrambles and encrypts the executable. It then creates a separate loader that functions to detect the Key and decrypt the executable at run time.

Since the EXE Scramble method does not modify the header and stub of the executable, it is compatible with more types of the executable. For this same reason, this method is also less likely to get a false positive detection by some anti-virus software. If it appears that the Injection methods do not work with your program, it is recommended to use the EXE Scramble method.

         .NET Encryption. The .NET Encryption method encrypts the whole managed assembly. It then creates a native executable that is composed of the encrypted assembly and the loader, which functions to detect the Key and decrypt the assembly at run time.

Protection Methods for DOS Applications

         DOS-COM. The DOS-COM method encrypts the code section of the executable. It then injects the shell protection code into the header and stub of the executable, which functions to detect the Key and decrypt the code section at run time. This method is designed for the DOS COM executable, which the size does not exceed the limit of 640 Kbytes.

         DOS-EXE. The DOS-EXE method uses the same technique as DOS-COM, but designed for the DOS EXE and overlaid DOS EXE executable.

See Also

         Protecting Applications Using Shell