a SIMPLE example of Multi-Part Serials

[localmotion34]

So the debate about software protection and cracks continues to rage. Well, i put together a little EXAMPLE, not foolproof, but definitely showing what can be done.

It uses a multi-part serial inside a packed EXE. The serial is verified at startup, or the registration dialog, but OTHER checking is done when you want to save the image of my meter control.

I threw this together from the "Meter Control" example i posted before, just to show people that you can use multipart serials an image watermarking successfully. there are some comments, and a PDF, test app, and the PROPER keygen, as well as one like FFF or SND would make.

http://www.penguinbyte.com/apps/pbwebst ... ection.zip


I know Thefool is probably going to crack it shortly, but there are only 2 checks, and not 15-20. I can make one with 15-20, and i guarantee no one here would crack it for quite a while.

And by then, i would have UPDATED the app and modified the serial routine, which would make patches and keygens useless.

[THCM]

Nice idea, but do you really think the bad boys don't take a look at at least one regular registered key and don't recognize it's a lot longer?

[thefool]

I like the idea about the "good boy" message. It will for sure annoy a lot of people

do you really think the bad boys don't take a look at at least one regular registered key and don't recognize it's a lot longer?

They would need a working serial for this. Eventually I would add some sort of "random-lenght" to this if possible, so it looks like it just changes a bit in size if they SHOULD get hold of a few working serials.

[localmotion34]

Nice idea, but do you really think the bad boys don't take a look at at least one regular registered key and don't recognize it's a lot longer?

thats the thing: the FIRST part of the serial is simply the MD5 hash of the name and email added together. that ALWAYS comes out to 64 characters.

the SECOND part is the RC4 encryption of the name with email as the key plus the RC4 encryption of the email with name as a key. thats ALWAYS VARIABLE in length.

if you hide the secondary checks well enough, most groups will not think to ever find them.


you can always make a long time delay to alert the user that their serial is not fully correct. so they get a keygen and obtain the first 64 characters and get the "thank you message".

now, in some procedure or clicked menu item or button, you calculate the OTHER part of the serial and check to see if it exists. if it doesnt, the you can set a registry key with the encrypted date, and 10 days later from that set date, you reset the app to trial mode by deleting registry keys or INI files with the registration data. BAM, trial mode all over again.

NO group is going to test the app for 10 days to see if their crack still works.

The KEY here is to use the second or third, fourth ect calculations in UNEXPECTED places, such as the clicking of a "preferences" menu, or the "help" menu, or a tab item. and use LOTS of them.

you can actually use a serial that is hundreds of characters long, with tons and tons of encrypted information in it such as the user name, email, date purchased, country. so if anyone shares the serial, you have their entire life history right there. ONLY you would know how to decrypt the serial.

you can also tack on the CRC32 or MD5 file hash of that particular version of the EXE, so if a group tries to patch it, it will never add up, and no serial will ever be accepted.

[Pantcho!!]

good stuff!

[Paul]

Use UnFSG2.exe to unpack your Application.exe
It will save the original unpacked file as "unpacked.exe"

Now run this little PB code to modify a single byte in your program...

Code: Select all

If OpenFile(0,"unpacked.exe")
  FileSeek(0,$a0d2)
  WriteByte(0,$85)
  CloseFile(0)
EndIf

You can now run "unpacked.exe" and use "Save Meter Image" without a watermark

[localmotion34]

Good job paul. The old $84 to $85 jump patch.

HOWEVER, this was just a simple example to demonstrate the use of MULTIPLE serials, and i didnt include a CRC32 check. hence the title SIMPLE--lol. Unpacking the EXE most definitely changes the MD5 or CRC32 of the file itself. UnFSG (or quick unpack, PEID ect) also leaves a characteristic signature in the EXE that comes from the realign.dll or realign.lib written by Yoda. there is a nastly little bug that puts an extra byte at the end of the IAT that is known to crash apps if the last IAT entry is createmutexA. One can use a DLL to read the EXE and search for that particular pattern.

the way i did it was to patch the MEMORY using an inline patcher. its much cleaner using a loader.

im working on a version of this with anti-debug, and anti-unpacker tricks, and lots more serial checking. but i think people can get the idea about using many, many parts of a serial in many places along with standard anti-cracking tricks.

maybe ill use ASprotect 2.3 SKE, which has no unpacker as of yet. Armadillo is too easy, aspack is a joke, and themidia is all but wasted.

[ricardo]

thats the thing: the FIRST part of the serial is simply the MD5 hash of the name and email added together. that ALWAYS comes out to 64 characters.

the SECOND part is the RC4 encryption of the name with email as the key plus the RC4 encryption of the email with name as a key. thats ALWAYS VARIABLE in length.

if you hide the secondary checks well enough, most groups will not think to ever find them.

I do something VERY similar in one app of mine.
Just make it shorter, using only some part of the MD5 per example (first 6 cahts per example) and so on.

Iit can be cracked, but i hope it takes much labour and time so if i release a new version often, it will be no so fun for them to make a new patch/key-gen, etc.

[kinglestat]

very clever and very nice localmotion34
very clever indeed. Took me a couple of hours to understand *blush*

cheers

KingLestat

[thanos]

So the debate about software protection and cracks continues to rage. Well, i put together a little EXAMPLE, not foolproof, but definitely showing what can be done.

It uses a multi-part serial inside a packed EXE. The serial is verified at startup, or the registration dialog, but OTHER checking is done when you want to save the image of my meter control.

I threw this together from the "Meter Control" example i posted before, just to show people that you can use multipart serials an image watermarking successfully. there are some comments, and a PDF, test app, and the PROPER keygen, as well as one like FFF or SND would make.

http://www.penguinbyte.com/apps/pbwebst ... ection.zip


I know Thefool is probably going to crack it shortly, but there are only 2 checks, and not 15-20. I can make one with 15-20, and i guarantee no one here would crack it for quite a while.

And by then, i would have UPDATED the app and modified the serial routine, which would make patches and keygens useless.

Excellent code! Thank you for sharing this!
I had used a similar solution in my one old dos application at the middle of 90's (programmed in Clipper), with 10 part serial key, and i really had a very good protection system.
I think that is necessary to combine the user name, user e-mail with something unique of the user's computer (like his disk serial number, cpu serial number or both etc.) to make the algorithm and the generated key more private to the user.
What thing can be unique? Can the system produce a unique GUID which is remain unchanged even the user change the hard disk or his cpu?
Otherwise, the unfair user could share its data (user name, email and registration key) to anyone and everybody can register the application with the stolen key.
And which is the best way to store the registration data? Into an encrypted file into the directory of windows (eg. C:\Windows or C:\Windows\system32) and store the same data into a key in the system registry?
And in case for the time limited demos how can store and hide the information of first installation of the program or for its expiry date or its countdown etc.?
I would like to see your opinion because i have read many posts of you and you are very well informed about software protection and anti piracy techniques.
Regards.

Thanos

[Rook Zimbabwe]

Can the system produce a unique GUID which is remain unchanged even the user change the hard disk or his cpu?

There is a BIOS GUID... I have no idea how to see it, but I learned about it here on this board because someone wanted to change it.

search for BIOS GUID and ther emay be more info!

[SFSxOI]

The BIOS GUID would be good to use.

Or you could also hash a combination of hardware items that don't change in a computer very frequently like a combination of motherboard serial number and processor serial number. This would actually tie the product to a specific computer instead of a specific person.

If your really serious and have the resources to do so, you could have your app report to an authentication server of some type and send the hash. If the hash is still the same the program operation continues, if its changed the program operation is stopped. This would ensure that it is still the same computer, and by inference it would be assumed its still the same person who licensened (purchased) the software.

If the person changes computers a small fee could be charged to license to another computer. Or you could sell the product license in various tiers like tier 1 would get a license to a single computer with a small fee for computer changes, tier 2 would have a main computer use license with flexability to change to an additional computer, etc.....

Just some ideas.

[ts-soft]

Not all motherboards have a serial-number and most of cpu haven't a serial-number.

[SFSxOI]

True, not all mother boards have a serial number, but all motherboards have some sort of identifying information returned in their information. You could even hash the mother board type/chipset type/ along with the persons IP subnet.

[thanos]

@Rook Zimbabwe
Thanks for the post.
I searched the forums and i found the following topic: http://www.purebasic.fr/english/viewtop ... =bios+guid which is enlightening, but i go on to find a solution to take the GUID from PureBasic without calling external scripts.
And of course the solution has to support also the older os like W95,W98,Me etc.
Any idea is welcome.
Regards.

Thanos