Re: shareware locking
----- Original Message -----
From: "cklester" <guest at RapidEuphoria.com>
To: <EUforum at topica.com>
Sent: Wednesday, June 30, 2004 11:55 AM
Subject: Re: shareware locking
>
>
> posted by: cklester <cklester at yahoo.com>
>
> Mike Lester wrote:
> >
> > I am writing a game (think Tetris) and want
> > to try and distribute it via shareware.
> >
> > Does anyone have any experience using any
> > shareware locking with Euphoria.
> >
> > Is there any programs that work with Euphoria
> > or has anyone done anything written in Euphoria.
>
> Michael, I don't know of any particular library or program
> specifically for locking shareware. Here's what I would
> probably do...
>
> Have the program look for an *.ini file (like "reg.ini").
> If it doesn't exist, the program is "unregistered" and could
> show the splash screen or nag screen or whatever you choose to do.
>
> If the file does exist, it should contain the following info:
1. Registration Name
2. Registration Key (ill explain this later)
> 3. date of registration - if this date is BEYOND the current
> date (meaning they've backdated their PC), file is invalid.
> 4. date of expiration - if any. If current date is beyond this,
> file is invalid.
> 5. date AND time of last use - if the current date/time is
> BEFORE this time, file is invalid. This helps against
> users backdating their PC to bypass the protection.
> 6. Serial number of primary hard drive - this is generally
> considered unique from user to user. If this number does
> not match that of the current PC, file is invalid.
> 7. a "lock" - simply a checksum created from the ini file such
> that any change to the file will invalidate the file.
> The file could be encrypted (but wouldn't have to be because
> of the checksum lock).
8. two or three fake dlls in %system% that their existence would
indicate that the program had been installed.
9. A CLSID in HKEY_CLASSES_ROOT\CLSID (i.e.
{090EAA64-9B63-11D3-97C6-0060084856D4} )
As for the calculation of the registration key, it would be something
like the following
Start with USERNAMESECRETNUMBER1
as a text string, where USERNAME is the name of a user, and
SECRETNUMBER1 is a number KNOWN ONLY TO YOU
of which, in the text string, should be the ascii representation of the
hex representation of the secret number in 00000000 format.
Thus your secret number should be from 0 to 4294967295,
inclusive.
So what you started out with might be something like (without qoutes)
'William Heimbigner499602D2'
Then you get the SHA-1 or SHA-256 of this (SHA-256 is stronger)
In this case, SHA-1 would be:
3789126590B7930F04F70D32BB7F4CFBD513DF2F
and SHA-256 would be:
2ADBA8C11A5ACB9014C19E779050DFC2F86A92FAFDA0CBC42826284DECC135B8
then, as an optional *second* layer of protection, use the Blowfish
encryption algorithm to encrypt the above value, using a *second*
secret text-string as the password. That way, the 'codes' would be
very close to crack-proof. Don't believe there are real cracking groups
out there? Check out...
lomalka.ru
crackspider.net
mscracks.com
allcracks.net
crackway.com
you get the picture.
You could also use a different hash method (tho i wouldn't recommend it)
To get a feel for the various hash methods, check out the 'DAMN' Hash
Calculator ('DAMN' is the name of the group that made it) at:
http://www.damn.to/software/files/dm_hc151.zip
Hope my advice helps!!!!
Give in.. to the Euphoric Phorce!! - William Heimbigner - Euphoric Phorce.
If you need anything else, email me at:
icxcnika at hotpop.com
id love to help!!!
Original message by:
> -=ck
> "Programming in a state of EUPHORIA."
|
Not Categorized, Please Help
|
|
