See my License Generator post going up right now.
Time limitation is too old, go with license limitation....
PS - Wayne good to see ya!!
-
A lot of early methods like this had flaws with signed and unsigned too and did only a > or a < test and not <> and when the number went too high or negative then it turned it into a 4 Billion day eval. PESX had this issue then he released it as Freeware. Some apps use access dates of system files and other methods to check if a date was cracked. Checking for the key being deleted is good too. Then you have things like making their life difficult where you can uninstall/remove your app if cracking is detected, or even delaying it until something important like they have just worked 4 hours on a project/file using what you developed and you could "accidently" close the app on them without saving if cracking was detected earlier, etc.Leave a comment:
-
btw just to clarify - obviously nothing is uncrackable, but if you simply use a static key location then its easy for a cracker to write and distribute a program (or even .reg file) to attack that key, whereas if its dynamic then its a lot harder - the cracker has to debug your program to try and figure out how youre calculating the dynamic names.
Any more questions/comments etc please post to the Programming subforum instead, cheers!Leave a comment:
-
I used Wise installer to capture product setup and build a master installer. The capture program takes a snapshot of the registry and directories before install and then after install. Any changes are added to the installation being build.Originally posted by Wayne Diamond View Post
SysInternal's RegMon watches the registry for read/write of keys and I am sure there are other products. I've used this product for debugging purposes. As well as checking for spyware. Is a product looking at registry keys it shouldn't. Anyway, I am off topic. I believe it would be very easy to find the dynamic key name and delete it.
One solution would be to encrypt the data in the key. The user would not be able to create a valid key even knowing the key location/name.
Also, if the username is used as part of the key name, change the username and the demo starts over again. This is good if the system has multiple users and you want to provde each user a demo period; not good if one just changes their username.Leave a comment:
-
Time-limited evaluation period made easy
A simple example of how to create a time-limited evaluation program (for example 15 days). It is not affected by leap years, the number of days in a month or any other tripe.
It works simply by converting the current date to a Julian date (ie. 06-10-2008 to 2454628), adds %NumDays (ie. 15) to that to become 2454643, and stores that in the registry. Whenever the program is run it checks to see if the current Julian date is greater than the registry stored one, and if it is you know the program has expired.
A quick note on cracking ...Code:#COMPILE EXE #INCLUDE "win32api.inc" '// Config ... $sKEY = "Software\Test\30 Day Limit Test" $sVAL = "ExpDate" %hKEY = %HKEY_LOCAL_MACHINE %NumDays = 15 FUNCTION reg32CreateKey(BYVAL Hive AS LONG, szKey AS ASCIIZ) AS LONG LOCAL hKey AS LONG, Result AS LONG IF RegCreateKeyEx(BYVAL Hive, szKey, BYVAL 0, "", %REG_OPTION_NON_VOLATILE, _ %KEY_ALL_ACCESS, BYVAL %NULL, hKey, Result) = %ERROR_SUCCESS THEN FUNCTION = 1 END FUNCTION FUNCTION reg32SetValueDword(BYVAL Hive AS LONG, szKey AS ASCIIZ, szValue AS ASCIIZ, BYVAL dwData AS DWORD) AS LONG DIM lRet AS LONG, hKey AS LONG lRet = RegOpenKeyEx(Hive, szKey , 0&, %KEY_ALL_ACCESS, hKey) IF lRet = %ERROR_FILE_NOT_FOUND THEN lRet = reg32CreateKey(BYVAL Hive, szKey) IF lRet = 0 THEN EXIT FUNCTION CALL RegOpenKeyEx(Hive, szKey, 0&, %KEY_ALL_ACCESS, hKey) IF hKey = 0 THEN EXIT FUNCTION END IF lRet = RegSetValueEx(hKey, szValue, 0&, %REG_DWORD, dwData, BYVAL 4) RegCloseKey hKey: IF lRet = 0 THEN FUNCTION = 1 END FUNCTION FUNCTION reg32GetValueDword(BYVAL Hive AS LONG, szKey AS ASCIIZ, szValue AS ASCIIZ) AS DWORD ON ERROR RESUME NEXT LOCAL dwBuf AS DWORD, hKey AS LONG IF RegOpenKeyEx(Hive, szKey, 0&, %KEY_ALL_ACCESS, hKey) = %ERROR_SUCCESS THEN CALL RegQueryValueEx(BYVAL hKey, szValue, BYVAL 0, %REG_DWORD, BYVAL VARPTR(dwBuf), 4) RegCloseKey hKey FUNCTION = dwBuf END IF END FUNCTION FUNCTION Date2Julian(MM_DD_YYYY AS STRING) AS LONG '// by Mike Doty DIM Month&,Day&,Year& Month = VAL(LEFT$(MM_DD_YYYY$,2)) Day = VAL(MID$(MM_DD_YYYY$,4,2)) Year = VAL (RIGHT$(MM_DD_YYYY$,4)) LOCAL k AS LONG, Julian AS LONG k = INT((14 - Month) / 12) Julian = Day + INT(367 * (Month + (k * 12) - 2) / 12) _ + INT(1461 * (Year + 4800 - k) / 4) - 32113 Julian = Julian - (INT(3 * INT((Year + 100 - k) / 100) / 4) - 2) 'Convert to Gregorian Date2Julian = Julian END FUNCTION '################################################################################################################ FUNCTION PBMAIN() AS LONG LOCAL dwCurDay AS LONG, dwDays AS LONG, dwDaysLeft AS LONG dwCurDay = Date2Julian(DATE$) dwDays = reg32GetValueDword(BYVAL %hKEY, $sKEY, $sVAL) IF dwDays = 0 THEN '// NEW INSTALLATION dwDays = dwCurDay + %NumDays reg32SetValueDword(BYVAL %hKEY, $sKEY, $sVAL, BYVAL dwDays) STDOUT "Installed" ELSE '// ALREADY BEEN INSTALLED dwDaysLeft = dwDays - dwCurDay IF dwDaysLeft > %NumDays THEN STDOUT "Cracker warning, number of days left is greater than the evaluation period" ELSEIF dwDaysLeft =< 0 THEN STDOUT "EXPIRED" ELSE STDOUT "Days left = " & STR$(dwDaysLeft) END IF END IF WAITKEY$ END FUNCTION
I kept this example as minimal as possible - it obviously provides very little security against crackers. A cracker could simply release a program (or .reg file) to delete the HKLM\Software\Test\30 Day Limit Test\ExpDate key, resetting the evaluation back to day 1.
The reason it's so easy is obviously because my example uses a static key. To make that harder for them you could use hashes of things that are at least somewhat unique to their machine, so as to create a dynamic key name. For example, the Windows directory location, or their username, or hardware 'signatures' such as their CPU ID.
Leave a comment: