1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Software licensing by hardware footprints

Discussion in 'Black Hat SEO Tools' started by xrfanatic, Nov 24, 2012.

  1. xrfanatic

    xrfanatic Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 28, 2010
    Messages:
    368
    Likes Received:
    166
    Location:
    http://bit.ly/slb64
    Home Page:
    Hi guys and gals,

    Do you know any good solution to authorize the software by hardware ID ? I'm looking for solution to authorize the software with IDs for eventual future customers of my software I'm thinking about developing. I would like to authorize users by hardware footprints + serial number . Do you have any experience on that field ? Has anybody had opportunity to work with Themida protection ? Can you tell anything about this solution ?

    Thanks
     
  2. Scritty

    Scritty Elite Member Premium Member

    Joined:
    May 1, 2010
    Messages:
    2,807
    Likes Received:
    4,496
    Occupation:
    Affiliate Marketer
    Location:
    UK
    Home Page:
    There are a couple of solutions out there.

    A company called Intsol does some software.
    However it requires that the user install an application that runs in their task tray, and whoever they sell this solution to needs a US govt license to use it. There's a SHIT load of paperwork required (data privacy issues etc)

    There may be some other solitions, but all the ones my old company looked at required some quite intense form filling in, updates, cost and the authorities interrogating you and what you did with the data you collected. In the end we gave up and used a call home (server based) solution on software startup.

    Scritty
     
    • Thanks Thanks x 1
  3. blackguy81

    blackguy81 Power Member

    Joined:
    Jan 7, 2009
    Messages:
    755
    Likes Received:
    142
    Looking for exact similar solution - if anybody has a better/cheaper/easier way than Scritty mentioned above - please update here !
     
  4. qrazy

    qrazy Senior Member

    Joined:
    Mar 19, 2012
    Messages:
    1,111
    Likes Received:
    1,712
    Location:
    Banana Republic
    • Thanks Thanks x 3
  5. blackguy81

    blackguy81 Power Member

    Joined:
    Jan 7, 2009
    Messages:
    755
    Likes Received:
    142
    Thanks for your links bro, checking those now :) +rep given !
     
  6. qrazy

    qrazy Senior Member

    Joined:
    Mar 19, 2012
    Messages:
    1,111
    Likes Received:
    1,712
    Location:
    Banana Republic
    One simple way is to get the user's hardware ID(HDD no, BIOS no, CPU id, etc) + user's email and encrypt them, send it to you and you'll have the serial key generator which'll generate appropriate keys to unlock the software. This method is simple and validates the key only once during the product registration. Other way is bit advanced which uses the above mentioned mechanism to generate keys and give the user + it also validates the key against the server everytime when the software is started.

    But again if someone wants to crack it by decompiling the source and patch it, none of the methods are very effective. These methods are only helpful to avoid casual copying or sharing of files between computers.

     
  7. StevenJones

    StevenJones Junior Member

    Joined:
    Mar 15, 2011
    Messages:
    148
    Likes Received:
    130
    Occupation:
    From pathetic school dropout to Succesful & Awesom
    Location:
    The Mountain Of Gold
    Home Page:
    Some recommendations for UBot developers concerning Hardware Licensing?

    Do not get me wrong though, the list shared is something I will forward to my programmers team.
    As simple obfuscating and license verification doesn't do the trick any more.

    The UBot thing is soley for me as I want to have another challenge in my IM carreer. Looking forward to a
    reply.
     
  8. ampedsoftware

    ampedsoftware Newbie

    Joined:
    Dec 25, 2012
    Messages:
    26
    Likes Received:
    12
    Just use a good EXE protection mechanism that gives reverse engineers headaches - the good solutions come with hardware based licensing like Strongbit EXECryptor (Google it) <- I've had the pleasure of trying to reverse engineer that myself, has some very nasty anti-debugging and anti-dumping features and can obfuscate the machine code for you in critical sections (however a skilled reverse engineer can get the original machine code back). No protection is 100% bulletproof, but if you provide the reverse engineer with enough headaches it won't be worth their time.

    This post is assuming you are protecting Win32 software. For other platforms you'll need other protection mechanisms, and some platforms are much harder to secure your app on than others.

    Edit: Themida is also good, but has a much higher performance impact IMO
     
    • Thanks Thanks x 1