|
Hi!
I want to protect my software with very simple mechanism. I will generate license number and when user purchase my software, I will send him that number by email. It will look like HTUG-F4DK2-EKFJ-JIII32. I cannot get his information (like name or company name), so I need something like this:
if(editbox_text == "HTUG-F4DK2-EKFJ-JIII32") MessageBox("congratulations");
How to make that more secure. Where to store license numbers in my application? Should I crypt them in file and then decrypt them before if statement?
like:
open_file(serial.txt); // I will actually store 5-10 crypted serial numbers IN CODE (and not in file) and every 5-10 copy I sell, I will change license numbers
decrypted_data=decrypt(serial.txt,decrypted_data);
if(edit_box_text == decrypted_data) MessageBox("congratulations");
Is this good?
I do not want to make complicated mechanism.
How to crypt that numbers?
Thank you!
|
|
|
|
|
No, that is a horrible way to do it. Search right here on CodeProject, there are several good articles on how to do this in a much more secure way.
The best way to accelerate a Macintosh is at 9.8m/sec² - Marcus Dolengo
|
|
|
|
|
Hell no!
If you protected your app like that, I'd own it in under 10 minutes
Even if I couldn't be bothered looking for the allowed serials, I'd just patch the jump that's made after the "if (edit_box_text == decrypted_data)" comparison.
Further to searching for articles here on CP, I'd heartily recommend you find and follow the series of tutorials by lena151. I found the experience gained within to be invaluable when it comes to devising a useful protection mechanism for an app.
If it's in C#, .NET Reflector with the Deblector & Reflexil plugins leads to the breaking of most apps in under 5 minutes! For others it make may take a little longer, requiring the use of additional tools.
You would be wise to use an exe protector program on your finished program. The best type would be one that utilized the virtual machine method, one like ASProtect SKE or Themida. These protection methods are very difficult to defeat and will allow you to prevent unauthorized eyes from decompiling/dissasembling/modifying/serial-fishing your app.
modified on Monday, August 25, 2008 9:41 PM
|
|
|
|
|
I found free IntelliProtector tool to protect my program from decompiling/dissasembling/modifying. Can I then use if (edit_box_text == decrypted_data) technique? Or what?
|
|
|
|
|
Nice find! Looks like a good tool - especially for free.
That may well provide enough protection for your app - it's all about statistics at the end of the day. Even Autodesk & Microsoft can be hacked - it's only our limited exposure that helps delay/avoid any hacking.
If you want to be sure, look up crackmes - simple programs that do nothing but check username/serial combos. The aim is to create one that no-one can break or conversely to break every one that comes your way.
You may wish to sign up at a ReverseEngineering forum and post your own crackme - a small program with your serial-checking method that has been protected with IntelliProtector too. One forum that you may find good value is: http://forum.tuts4you.com/index.php?act=idx[^]
|
|
|
|
|
I think IntelliProtector offers me what I need. It is also very simple to use. Thank you for your information. I am interested in reverse engineering but never had enough time to learn about it more than simple monitoring of API calls.
|
|
|
|
|
how do i convert a unsigned char to int ?
-Thanks
Nice things do nice works
|
|
|
|
|
unsigned char uc = 15;
int i = uc;
|
|
|
|
|
whoa - that's creepy
Would be scary if we used the same variable names and value.
Mark Salsbery
Microsoft MVP - Visual C++
|
|
|
|
|
wait, I have better code:
unsigned char uc = 15;
int i = (signed int)(unsigned int)(unsigned short)uc;
|
|
|
|
|
Extreme coercion....I like it!
Mark Salsbery
Microsoft MVP - Visual C++
|
|
|
|
|
unsigned char g = 42;
int h = g;
Mark Salsbery
Microsoft MVP - Visual C++
|
|
|
|
|
Unsigned data can only hold positive data, whereas signed data can hold both positive and negative data. In your case, the unsigned data is a char, and the signed one is an int and the conversion goes on smoothly. Converting an unsigned double to a signed int MAY be disastrous, depending on the value of the double. You Google for signed vs unsigned - these are the basics.
Many are stubborn in pursuit of the path they have chosen, few in pursuit of the goal - Friedrich Nietzsche
.·´¯`·->Rajesh<-·´¯`·.
[Microsoft MVP - Visual C++]
|
|
|
|
|
Dear All,
I am experiencing a different problem with CFile class. I am getting pThread error (memory exception) when I read some huge files using CFile class. The below code is working for file sizes upto 450 MB perfectly but for more than 450 MB I got error while reading 15 MB in that big file(s).
Please tell me whether I am doing correct with my code or is there any other ways to read huge files.
CString fname;
fname=pFileReading->OpenFileOL();
unsigned char *buffer1;
buffer1=(unsigned char*)malloc(16356 * sizeof(unsigned char));
bool x = cdata.Open((LPCTSTR(fname)), CFile::modeRead | CFile::typeBinary);
while(::WaitForSingleObject(filereadhandle,0)==WAIT_TIMEOUT)
{
tempvar=cdata.Read(buffer1,16356);
pFileReading->analyze(16356,buffer1,xi2);
xi2++;
if(tempvar<16356)
{
break;
}
}
cdata.Close();
|
|
|
|
|
Where does the exception occur?
Mark Salsbery
Microsoft MVP - Visual C++
|
|
|
|
|
Please kindly refer my last post.
|
|
|
|
|
bhanu_8509 wrote: ...but for more than 450 MB I got error...
And what would that error be?
What happens if you comment out the call to analyze() ?
What happens if you change the condition in the while() loop?
"Love people and use things, not love things and use people." - Unknown
"The brick walls are there for a reason...to stop the people who don't want it badly enough." - Randy Pausch
|
|
|
|
|
DavidCrow wrote: What happens if you comment out the call to analyze()?
It reads all the content of the file, but takes some time.
DavidCrow wrote: What happens if you change the condition in the while() loop?
Nothing happens (I mean the same error is throwing) even I change the conditions.
DavidCrow wrote: And what would that error be?
Error is :
Unhandled exception at 0x782c8cce (mfc80d.dll) in Analyzer.exe: 0xC0000005: Access violation reading location 0x6d6168af.
This is occuring at thrdcore.cpp at line no. 285.
I think the problem is with the analyze() function, but it is working for other files, please help me out to overcome this issue.
|
|
|
|
|
bhanu_8509 wrote: It reads all the content of the file, but takes some time.
And if you put the call back in, an exception is thrown?
"Love people and use things, not love things and use people." - Unknown
"The brick walls are there for a reason...to stop the people who don't want it badly enough." - Randy Pausch
|
|
|
|
|
Yes. Now I am checking the analyze() function. If you have any clue please advice me. Thank you very much for your help.
Many thanks.
|
|
|
|
|
bhanu_8509 wrote: If you have any clue please advice me.
I suspect it's the while() loop condition. It appears you are reading the file until EOF is encountered or some event is signaled. Is that correct?
"Love people and use things, not love things and use people." - Unknown
"The brick walls are there for a reason...to stop the people who don't want it badly enough." - Randy Pausch
|
|
|
|
|
I've modified CDialog to draw a window in a Windows Live Messenger style, using SerWindowRgn and with a custom drawn client area. One of the problems I’m having is when you size the window smaller, you see a gray border which shouldn’t be there. Please see My Code[^]. Am I handling the custom drawing correctly? Another problem is with controls flickering when I resize. I understand that this is caused by invalidating the entire window, but that's the only way I can cause the whole background to update. I will be adding in dynamic positioning and ownerdrawn controls.
Any help would be greatly appreciated,
Thank you.
modified on Monday, August 25, 2008 12:10 PM
|
|
|
|
|
Dear All
I want to Add some code when a Non Modal Windows is closed.
Which Event is Fired when such a situation is occured.
I test following Items and dont get answer:
1. OnDestroy
2. OnClose
Best Regards
Mahdi
|
|
|
|
|
Are you sure OnClose is not called? Are you not using OnCancel to close the dialog?
Somethings seem HARD to do, until we know how to do them.
_AnShUmAn_
|
|
|
|
|
Are you sure OnDestroy isn't called?
How do you 'close' the window?
If the Lord God Almighty had consulted me before embarking upon the Creation, I would have recommended something simpler.
-- Alfonso the Wise, 13th Century King of Castile.
This is going on my arrogant assumptions. You may have a superb reason why I'm completely wrong.
-- Iain Clarke
[My articles]
|
|
|
|