Help to generate serial number...

belotrei

Member
Hmm, i think that's not the best way cableguy. One user purchased one full version and copy/share it to many other users.. (very high risk method...)
 

BPak

Active Member
Licensed User
Longtime User
Here is a method I used in Ebooks.

Create in your prog. an array of strings like this:
B7AFE3
F4D3EC
A2DEC5
BF2D6E
..... ETC.

I used about 200 items in array.

Now create a random number generator to come up with a number from 1 to 200 (numer of items in array). and save the String to a File.

Ask user to send the number (which I labelled as a Machine Number on the Registration Dialog) to you.

Loop up the correct string in the Array and send the String (A2DEC5) as the Password - which user is to enter. It is then saved to the file which is checked each time the program is started.
 

belotrei

Member
Bpak, thanks for sharing your applied method.. :)

But is it still safe if the user/someone [that finally knew how the protection works] copy the files (randomnumberfile and passwordfile) from registered device to another unregistered devices?
 

Cableguy

Expert
Licensed User
Longtime User
Hi,

I understand we all want to protect our software from hackers but, looking at all the great companies protections and how in a few days of launch their software has already been hacked...any protetion we can achieve is a good one...
 

belotrei

Member
Sorry, maybe I'm a stubborn (& a little bit perfectionist) man. You're right Cableguy.., sorry, just want to find the way as best as it can be.

Thanks guys.. (sorry for being annoying..) :(
 

Cableguy

Expert
Licensed User
Longtime User
I'm debating this isue with an "associate" of mine, and as far as we agreed, the best way to go is to find a web/e-mail based registration that returns a predefined or calculated string from a app generated "random" string...
A in my post ....

Logic:
save registry key, say "Cableguy"
Pronpt the user for name, say "Paulo Gomes"
Generate a ramdom string, say "xpto"
Crypt "Paulo Gomes" with crypto key "xpto"
Result is the registration key to send to software co. along with the User Name
With this registration key and User name we, the software co, create a serial key that when crypted with the key "registration key" cames out as "cableguy".

Not the easyest thing to crack, especially if the regestry key it sefl is randomly named....
Of course, if someone known how the protection works, it can be cracked but if not,.... very very hard to accomplish....

PS.: Hoppefully in the next weeks i'l be able to post an example of this procedure...
 

BPak

Active Member
Licensed User
Longtime User
My technique is not the best of the best but I use A to F and Numbers 2 to 8 for the strings so that if anyone looks at the code they would probably see it as HexCode which may throw them off the trail.

But there is no such thing that I have heard of to stop ALL hackers.

I use it as it is simple and effective enough for my use and most of my users would not be able to even use a HexEditor.

It could be further improved by adding other ideas for example getting user name and counting the letters instead of the Random Number.

I have found web pages that deal exclusively with discussions and articles on protecting software but they still have not come up with a perfect plan, just ideas on making it harder for the hacker.
 

dhillinmkewi

Member
Licensed User
Longtime User
Any Updates?

Hav eyou come up with sample code, yet? I have developed a scheme which uses multiple algorthms based on the Device ID - If no ID exists, then I use the owner registration, a random number generator, and may want to expand to include PPC model or SD Card information. Unless everyone who is sharing the program has the same pieces of hardware, the software will probably bomb.

Another thought I had was to use "changing passwords" scheme with frequent updates. Three of my applications are atrgeted at professionals who will likely appreciate the on-going development of new formd reports. With each release, the software is re-authorized. This is a nuisance, yes, but perhaps a sufficient one to discourage hackers.
 

elminster

New Member
Licensed User
Sorry for the long post :S

I've been playing around for a while writing a window surveying program and decided to just use something simple, the reason being that if Even m$ spending huge amounts of money and time on security get hacked within a day of release then nothing I can do will be fool proof! The only real way of securing an app is using a hardware key/dongle to protect it.

All I do is generate a random number and store it in the registry on first run. Users can register as "trial" which starts a countdown of 30 runs or ente a registration code based on the generated number multiplied by the numeric value of the current date which is again stored in the registry along with the machine ID. Can easily be defeated if you know how it works but is enough to scupper the people who'll be using it.

P.S. If anyone wants the code I've used you're more than welcome but I doubt it's anything spectacular as my programming experience is not exactly impressive :)
 

RandomCoder

Well-Known Member
Licensed User
Longtime User
Sorry to drag this up again but I've just come across this article that may be of interest to those of you that can write dll's ....... http://msdn2.microsoft.com/en-gb/library/aa446562.aspx
Apperently the .Net compact Framework has the ability to retrieve a unique device ID.

Regards,
RandomCoder
 

RandomCoder

Well-Known Member
Licensed User
Longtime User
Thanks for clarifying that Erel.
My understanding was that this would be available on all devices as it looked to be part of the .Net framwork. But as I see from your earlier post, this is possibly not available for all devices.

Thanks,
RandomCoder
 
Top