an5w3r
09-02-2004, 12:58 PM
What is Create License?
How many of you have been wondering this: "I've seen programs that works only for a specified pc, that are licensed for that pc only. How can a program like this, be done?"
Here's the an5w3r: "Create License" is a program that will cover the basics of creating "licenses", using the HDD serial number of the C drive and a basic XOR encryption algorithm.
The mechanism is the following: in the attachment you have 2 programs -> the one that makes the license and the sample program that tests if the current app is licensed for running on that pc.
Here's a little description of the two programs:
"Create License" is the program that creates the encrypted file, that in fact is the "license". In the main form you have a little textbox for entering the name of the user/license name. That info and the HDD serial number of the C drive will be stored into "licence.txt" in the current folder and then the app will self close, popping up a message like "The license has just been created.".
"Sample program" is the program that opens the encrypted file in BINARY mode, decrypt the info and then compare the decrypted HDD serial number of the C drive with the actual HDD serial number of the C drive on which the program is running. If the serials match then the program is licensed and the main form will be displayed, if not a message will pop up saying that you're running a unauthorized version and that you should contact the vendor for purchasing a license.
Some notes for further improving ("taking it to the next level"):
The encrypted file should have another name and should be placed in another folder... something like "C:\Windows\System", etc... there are billions of names and places, you just have to be creative.
For the XOR encryption method you'll need an encryption key (a string). In my example I've chosen "www.xtremevbtalk", just as an example, but you can change that and the larger the length of the string is, the more secure the encryption is. Lastly, putting a text string into an EXE directly is not a great idea for it can be read directly by a Hex editor. A hash function or pseudo random generator here would be more secure.
Maybe you're wondering why I've chosen to read the encrypted file in binary mode. The XOR encryption changes the ascii value of a character to something around 0 and 255. The problem occurs when the Chr(0) (Null Terminator) is placed in the encrypted text. If you read the file normally, then your encrypted text will be cut off once Chr(0) is encountered and this way the license is gone. Reading it binary will assure you that all the text is read and you won't have problems with the license. The binary reading method is commented in the source file.
The serial retrieved by me (using the GetVolumeInformation API function) is not the UNIC HDD serial. This serial will be changed once the partition is formatted. For retrieving the UNIC HDD you'll need some serious API knowledge. Of course you can identify the pc by other methods, like the MAC address, but of course not all the pc have network cards.
There are a lots of ideas if you want to do it in the proper way, so that it wouldn't be cracked by those mean guys who just want to ruin your work.
If you want to find more about the encryption methods, a really nice tutorial, is BillSoo's (http://www.xtremevbtalk.com/showthread.php?t=31778).
How many of you have been wondering this: "I've seen programs that works only for a specified pc, that are licensed for that pc only. How can a program like this, be done?"
Here's the an5w3r: "Create License" is a program that will cover the basics of creating "licenses", using the HDD serial number of the C drive and a basic XOR encryption algorithm.
The mechanism is the following: in the attachment you have 2 programs -> the one that makes the license and the sample program that tests if the current app is licensed for running on that pc.
Here's a little description of the two programs:
"Create License" is the program that creates the encrypted file, that in fact is the "license". In the main form you have a little textbox for entering the name of the user/license name. That info and the HDD serial number of the C drive will be stored into "licence.txt" in the current folder and then the app will self close, popping up a message like "The license has just been created.".
"Sample program" is the program that opens the encrypted file in BINARY mode, decrypt the info and then compare the decrypted HDD serial number of the C drive with the actual HDD serial number of the C drive on which the program is running. If the serials match then the program is licensed and the main form will be displayed, if not a message will pop up saying that you're running a unauthorized version and that you should contact the vendor for purchasing a license.
Some notes for further improving ("taking it to the next level"):
The encrypted file should have another name and should be placed in another folder... something like "C:\Windows\System", etc... there are billions of names and places, you just have to be creative.
For the XOR encryption method you'll need an encryption key (a string). In my example I've chosen "www.xtremevbtalk", just as an example, but you can change that and the larger the length of the string is, the more secure the encryption is. Lastly, putting a text string into an EXE directly is not a great idea for it can be read directly by a Hex editor. A hash function or pseudo random generator here would be more secure.
Maybe you're wondering why I've chosen to read the encrypted file in binary mode. The XOR encryption changes the ascii value of a character to something around 0 and 255. The problem occurs when the Chr(0) (Null Terminator) is placed in the encrypted text. If you read the file normally, then your encrypted text will be cut off once Chr(0) is encountered and this way the license is gone. Reading it binary will assure you that all the text is read and you won't have problems with the license. The binary reading method is commented in the source file.
The serial retrieved by me (using the GetVolumeInformation API function) is not the UNIC HDD serial. This serial will be changed once the partition is formatted. For retrieving the UNIC HDD you'll need some serious API knowledge. Of course you can identify the pc by other methods, like the MAC address, but of course not all the pc have network cards.
There are a lots of ideas if you want to do it in the proper way, so that it wouldn't be cracked by those mean guys who just want to ruin your work.
If you want to find more about the encryption methods, a really nice tutorial, is BillSoo's (http://www.xtremevbtalk.com/showthread.php?t=31778).