
For shareware - check if registered username is legal


  • For shareware - check if registered username is legal

    A simple function suitable for shareware applications to check if a registered username is "legal". For example, if a username contains the string "cracked by", or ends with " krew", or matches the name of a known cracker group then it returns 0 (illegal name). It returns 1 if the name is legal.

    Just a couple notes ...
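    - Only the 32-bit CRC of each cracking group's name is stored, not the name itself. This makes it very hard for the cracker to work out which groups are on the blacklist due to the one-way nature of hashes. (Caveat: CRC-32 is a checksum rather than a cryptographic one-way hash, and the name length is stored next to it, so like the string-splitting trick described below this is obscurity rather than real protection.)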

    - It 'normalizes' the text before checking it so that it doesn't matter if for example "kr3w", "KrEw", or "krêw" is used because they all become "KREW" before any checks on it are made.

    - It also checks against common generic names that shouldn't ever be used for keynames, like "Administrator", "Admin", "Registered User" etc

    - The words "crew", "krew" and "team" are ignored when making comparisons, so for example "Deviance", "Team Deviance" and "Deviance Crew" are all seen simply as "Deviance" when checks are made.

    - I often like to break up sensitive strings into individual characters. For example, instead of this:
    > strKey = "key"
    I'll use this:
    > strKey = "k"&"e"&"y"
    The end result is that the string is dynamically built at runtime by code rather than being referenced as a standard string, so you won't even find the string "key" in the executable like you normally would. This is obviously obscurity and provides no real security, but such tricks can often SLOW the progress of crackers down, and if you can slow down and frustrate a cracker enough he/she may move on.

    Code:
    #COMPILE EXE
    
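    FUNCTION calcCRC32(BYVAL dwOffset AS DWORD, BYVAL dwLen AS DWORD) AS DWORD
    ' Returns the CRC-32 of the dwLen bytes that start at address dwOffset.
    ' The state starts at all ones, every byte is folded in bit by bit against
    ' the reflected polynomial &hEDB88320 (held as the pair &h0EDB8 : &h08320
    ' for BX:AX), and the final state is complemented.
    '   dwOffset - address of the first byte (callers in this file pass STRPTR)
    '   dwLen    - number of bytes to process; 0 returns a CRC of 0
    ' The running CRC is kept in DX:CX (high word : low word). dwLen is
    ' trusted: the caller must guarantee that many bytes are readable.
    ' A zero length is handled explicitly; without that check the loop would
    ' read one byte and then wrap the counter around to &hFFFFFFFF.
    #REGISTER NONE
     ! mov esi, dwOffset  ;esi = ptr to buffer
     ! mov edi, dwLen     ;edi = number of bytes still to process
     ! mov ecx, -1        ;cx = low word of CRC state, starts at all ones
     ! mov edx, ecx       ;dx = high word of CRC state, starts at all ones
     ! test edi, edi      ;empty buffer?
     ! jz crcdone         ;yes - nothing to read, go straight to the final complement
     nextbyte:           ';fold the next byte from the buffer into the CRC
     ! xor eax, eax       ;eax = 0
     ! xor ebx, ebx       ;ebx = 0
     ! lodsb              ;al = next byte, esi advances
     ! xor al, cl         ;combine the byte with the lowest CRC byte
     ! mov cl, ch         ;shift the CRC state right by 8 bits ...
     ! mov ch, dl         ;... one byte at a time ...
     ! mov dl, dh         ;... through cl, ch, dl
     ! mov dh, 8          ;dh doubles as the bit counter (ends at 0 = vacated top byte)
     nextbit:            ';process one bit of the byte
     ! shr bx, 1          ;shift the 32-bit value bx:ax right by 1 (high word)
     ! rcr ax, 1          ;(rotate through carry) low word; carry = bit shifted out
     ! jnc nocarry        ;no bit shifted out - skip the polynomial
     ! xor ax, &h08320    ;low word of the polynomial
     ! xor bx, &h0EDB8    ;high word of the polynomial
     nocarry:            ';carry flag was clear, or polynomial already applied
     ! dec dh             ;dh = dh - 1
     ! jnz nextbit        ;if dh isnt zero, jump to nextbit
     ! xor ecx, eax       ;merge low word of the remainder into the CRC
     ! xor edx, ebx       ;merge high word of the remainder into the CRC
     ! dec edi            ;finished with that byte, decrement counter
     ! jnz nextbyte       ;if edi counter isnt at 0, jump to nextbyte
     crcdone:            ';final complement and assembly of the result
     ! not edx            ;invert edx bits - 1s complement
     ! not ecx            ;invert ecx bits - 1s complement
     ! mov eax, edx       ;mov edx into eax
     ! rol eax, 16        ;move the high word into the top half of eax
     ! mov ax, cx         ;low word goes into the bottom half
     ! mov FUNCTION, eax  ;crc32 result is in eax
    END FUNCTION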
    
    
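    SUB UCaseEx(BYVAL bPtr AS BYTE PTR, BYVAL dwLen AS DWORD)
    ' Upper-cases dwLen bytes in place, starting at the address in bPtr.
    '   bPtr  - address of the first byte to convert
    '   dwLen - number of bytes to convert; 0 leaves the buffer untouched
    ' Bytes 97-122 (a-z) and the high-range lower-case letters are moved down
    ' by 32. Byte 247 is left alone: subtracting 32 would turn it into 215,
    ' and IsNameLegal's own accent table treats 215 and 247 as non-letters
    ' (presumably the Western ANSI code page, where they are the multiply and
    ' divide signs - confirm if another code page is in use).
    LOCAL dwLeft AS DWORD
    dwLeft = dwLen
    DO WHILE dwLeft > 0
        SELECT CASE @bPtr
            CASE 97 TO 122, 224 TO 246, 248 TO 254: @bPtr = @bPtr - 32
        END SELECT
        INCR bPtr
        DECR dwLeft
    LOOP
    END SUB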
    
    
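    FUNCTION IsNameLegal (sName AS STRING) AS DWORD
    ' Denylist check for a registration name.
    ' Returns 1 when the name passes and 0 when it contains a blocked word or
    ' matches a blocked name. 0 is the function's default result, so a bare
    ' EXIT FUNCTION below means "illegal".
    '
    ' sName itself is not modified; the checks run on a normalised copy:
    '   1. digits 0/1/3 become O/I/E and accented letters lose their accent,
    '   2. every byte except space, 0-9, A-Z and a-z is dropped,
    '   3. runs of spaces are collapsed, the text is upper-cased and trimmed,
    '   4. a leading TEAM/CREW, a trailing TEAM/CREW/KREW and a leading
    '      LICENSED TO / REGISTERED TO are removed.
    ' What is left is matched by (length, CRC-32) against the IllegalNames table.
    '
    ' A name that normalises to nothing, or to more than 255 bytes, cannot
    ' match any table entry (lengths are stored as one non-zero byte) and is
    ' reported as legal; callers that need a non-empty name must check that
    ' themselves. This function only filters names - it does not validate a
    ' licence key.
    LOCAL dwLen AS DWORD, dwCRC AS DWORD, bPtr AS BYTE PTR, dwPtr AS DWORD PTR, sTestName AS STRING, i AS DWORD, sTmp AS STRING
    sTestName = sName
    REPLACE "0" WITH "O" IN sTestName
    REPLACE "1" WITH "I" IN sTestName
    REPLACE "3" WITH "E" IN sTestName
    ' Fold accented letters (both cases) onto the plain upper-case letter.
    bPtr = STRPTR(sTestName)
    FOR i = 1 TO LEN(sTestName)
       SELECT CASE @bPtr
         CASE 192 TO 197, 224 TO 229: @bPtr = 65 '("A")
         CASE 199, 231: @bPtr = 67 '("C")
         CASE 200 TO 203, 232 TO 235: @bPtr = 69 '("E")
         CASE 204 TO 207, 236 TO 239: @bPtr = 73 '("I")
         CASE 208, 240: @bPtr = 68 '("D")
         CASE 209, 241: @bPtr = 78 '("N")
         CASE 210 TO 214, 216, 242 TO 246, 248: @bPtr = 79 '("O")
         CASE 217 TO 220, 249 TO 252: @bPtr = 85 '("U")
       END SELECT
       INCR bPtr
    NEXT i
    ' Keep only space, digits and ASCII letters.
    sTmp = sTestName
    sTestName = ""
    bPtr = STRPTR(sTmp)
    FOR i = 1 TO LEN(sTmp)
        SELECT CASE @bPtr
            CASE 32, 48 TO 57, 65 TO 90, 97 TO 122: sTestName = sTestName & CHR$(@bPtr)
        END SELECT
        INCR bPtr
    NEXT i
    ' Collapse runs of spaces only now: dropping punctuation above can leave
    ' two spaces next to each other, and the word checks below expect single
    ' spaces. Looping until none remain also covers runs of any length.
    DO WHILE INSTR(1, sTestName, "  ") > 0
        REPLACE "  " WITH " " IN sTestName
    LOOP
    
    UCaseEx(BYVAL STRPTR(sTestName), BYVAL LEN(sTestName))
    sTestName = TRIM$(sTestName)
    
    ' Blocked words anywhere in the name. The literals are assembled from
    ' single characters so the words do not appear as plain strings.
    IF INSTR(1, sTestName, "C"& LEFT$("X",0)&"R"& LEFT$("Z",0)& "A"&"C"&"K"&"E"&"D") > 0 OR _
       INSTR(1, sTestName, "C"&"R"&"A"&"C"&"K"&"E"&"R"&"S") > 0 OR _
       INSTR(1, sTestName, "C"&"R"&"A"&"C"&"K"&"I"&"N"&"G") > 0 OR _
       INSTR(1, sTestName, "W"&"A"&"R"&"E"&"Z") > 0 OR _
       INSTR(1, sTestName, " "&"K"&"R"&"E"&"W") > 0 OR _
       INSTR(1, sTestName, "H"&"A"&"X"&"O"&"R"&"E"&"D") > 0 OR _
       INSTR(1, sTestName, "B"&"Y"&" "&"T"&"E"&"A"&"M") > 0 THEN EXIT FUNCTION
    
    ' Strip the filler words so that only the group name itself is compared.
    ' NOTE(review): each prefix/suffix is removed at most once, in this order.
    SELECT CASE LEFT$(sTestName, 5)
        CASE "T"&"E"&"A"&"M ", "C"&"R"&"E"&"W ": sTestName = RIGHT$(sTestName, LEN(sTestName) - 5)
    END SELECT
    SELECT CASE RIGHT$(sTestName, 5)
        CASE " "&"T"&"E"&"A"&"M", " "&"C"&"R"&"E"&"W", " "&"K"&"R"&"E"&"W": sTestName = LEFT$(sTestName, LEN(sTestName) - 5)
    END SELECT
    IF LEFT$(sTestName,12) = "L"&"I"&"C"&"E"&"N"&"S"&"E"&"D"&" "&"T"&"O"&" " THEN sTestName = RIGHT$(sTestName, LEN(sTestName) - 12)
    IF LEFT$(sTestName,14) = "R"&"E"&"G"&"I"&"S"&"T"&"E"&"R"&"E"&"D"&" "&"T"&"O"&" " THEN sTestName = RIGHT$(sTestName, LEN(sTestName) - 14)
    
    ' The length is held in a DWORD so that long input is not truncated to a
    ' byte, and the table is only consulted for lengths it can actually hold.
    ' That also keeps a zero length away from calcCRC32.
    dwLen = LEN(sTestName)
    IF dwLen >= 1 AND dwLen <= 255 THEN
        dwCRC = calcCRC32(BYVAL STRPTR(sTestName), BYVAL dwLen)
        ' Each table record is 5 bytes: a length byte followed by a 32-bit CRC.
        bPtr = CODEPTR(IllegalNames)
        dwPtr = bPtr + 1
        DO
            IF @bPtr = 0 THEN EXIT DO          ' zero length byte ends the table
            IF @bPtr = dwLen THEN
                IF @dwPtr = dwCRC THEN EXIT FUNCTION   ' length and CRC both match: illegal
            END IF
            dwPtr = dwPtr + 5
            bPtr = bPtr + 5
        LOOP
    END IF
    
    FUNCTION = 1
    EXIT FUNCTION
    ' Data only, never executed: the EXIT FUNCTION above keeps control out of
    ' the table. The trailing comments give the normalised name for each CRC.
    IllegalNames:
    ! db &h07        ;Length of name. (Both the length and CRC are used to help prevent any collisions)
    ! dd &hF70C7805  ;GOBBLES
    ! db &hE
    ! dd &h1C28628A  ;THE BITTER END
    ! db &hA
    ! dd &hD96C3A4C  ;BITTER END
    ! db &h04
    ! dd &h5301C46F  ;ICON
    ! db &h06
    ! dd &h41EC29E1  ;WOOWOO
    ! db &h04
    ! dd &h648F5A54  ;TESO
    ! db &h05
    ! dd &hA04C746E  ;LOPHT
    ! db &h0E
    ! dd &hC9830ACD  ;LEGION OF DOOM
    ! db &h08
    ! dd &h51B4A68C  ;VIRILITY
    ! db &h07
    ! dd &hA15716B9  ;PHROZEN
    ! db &h08
    ! dd &h2DCC803D  ;REG USER
    ! db &h0F
    ! dd &h523E23EF  ;REGISTERED USER
    ! db &h0D
    ! dd &hA630A548  ;LICENSED USER
    ! db &h09
    ! dd &hDC4651B5  ;THE OWNER
    ! db &h05
    ! dd &h7F5ACFC6  ;ADMIN
    ! db &h0D
    ! dd &h7E9304B4  ;ADMINISTRATOR
    ! db &h03
    ! dd &hE895935F  ;SSG
    ! db &h04
    ! dd &h5D1868FB  ;CORE
    ! db &h05
    ! dd &h64F5994C  ;AGAIN
    ! db &h03
    ! dd &hD1DDCD2A  ;UCF
    ! db &h07
    ! dd &h02983959  ;UCF2OOO
    ! db &h15
    ! dd &h308DC423  ;UNITED CRACKING FORCE
    ! db &h04
    ! dd &hFB5B2174  ;TSRH
    ! db &h03
    ! dd &h399BBA05  ;TMG
    ! db &h06
    ! dd &hF7019DBC  ;XFORCE
    ! db &h03
    ! dd &h405FD6E0  ;ICU
    ! db &h03
    ! dd &h07962C0A  ;ZWT
    ! db &hE
    ! dd &h09C2F57E  ;SEEK N DESTROY
    ! db &h03
    ! dd &h8EF0AEF9  ;SND
    ! db &h03
    ! dd &hB2CA2446  ;FFF
    ! db &h04
    ! dd &hA559FCE6  ;FHCF
    ! db &h07
    ! dd &hAEA0E24C  ;REVENGE
    ! db &h04
    ! dd &h3351578A  ;ACME
    ! db &h08
    ! dd &h5AA38F83  ;DIGERATI
    ! db &h03
    ! dd &h08359331  ;DVT
    ! db &h07
    ! dd &h8210CAA5  ;ECLIPSE
    ! db &h03
    ! dd &h62FD40DE  ;ROR
    ! db &h04
    ! dd &h485E48F8  ;HAZE
    ! db &h08
    ! dd &h1175DCF4  ;HERITAGE
    ! db &h03
    ! dd &hE939E204  ;WKT
    ! db &h03
    ! dd &h20F64469  ;LZO
    ! db &h07
    ! dd &hD967D848  ;TEAMLIB
    ! db &h03
    ! dd &h500DC7E6  ;TBE
    ! db &h04
    ! dd &h7A6BE5A3  ;FOSI
    ! db &h05
    ! dd &h228A75D5  ;FOSSI
    ! db &h03
    ! dd &h80000CF5  ;TWK
    ! db &h04
    ! dd &h28F8BD25  ;MP2K
    ! db &h03
    ! dd &h9608A818  ;TNT
    ! db &h07
    ! dd &hD7141E3C  ;EMBRACE
    ! db &h03
    ! dd &h97F06DA4  ;ARN
    ! db &h07
    ! dd &h32372338  ;EQUINOX
    ! db &h04
    ! dd &h90D9AA5E  ;DAMN
    ! db &h03
    ! dd &h0C747D90  ;EAT
    ! db &h03
    ! dd &h0E32C3C9  ;FAT
    ! db &h03
    ! dd &hADFD6FC1  ;CIA
    ! db &h03
    ! dd &h8E822A4D  ;DOD
    ! db &h02
    ! dd &h4003B888  ;AG
    ! db &h03
    ! dd &h80000CF5  ;TWK
    ! db &h04
    ! dd &hA82B15F2  ;RISE
    ! db &h0A
    ! dd &h80A28FA4  ;TERMINATOR
    ! db &h02
    ! dd &h02B896A8  ;ME
    ! db &h05
    ! dd &hE44B76BE  ;ORION
    ! db &h03
    ! dd &h8A247CC1  ;EVC
    ! db &h04
    ! dd &h38F86873  ;ETHO
    ! db &h07
    ! dd &h7E04E3E3  ;PARADOX
    ! db &h07
    ! dd &hA2FF0D78  ;SEMTHEX
    ! db &h03
    ! dd &h38C69B02  ;CZW
    ! db &h04
    ! dd &h8FB55D44  ;F4CG
    ! db &h04
    ! dd &h485E48F8  ;HAZE
    ! db &h06
    ! dd &h2F1AE200  ;SCOTCH
    ! db &h06
    ! dd &h69E59FB5  ;HYBRID
    ! db &h03
    ! dd &hBB9CBD84  ;FLT
    ! db &h0C
    ! dd &h58422AA7  ;RESURRECTION
    ! db &h03
    ! dd &h16440BAD  ;DSI
    ! db &h03
    ! dd &h9056566A  ;FAS
    ! db &h09
    ! dd &h640F5C5C  ;FAIRLIGHT
    ! db &h06
    ! dd &hB9787DDD  ;FALLEN
    ! db &h03
    ! dd &h9A2FC34D  ;HOT
    ! db &h03
    ! dd &h5ED12210  ;TFT
    ! db &h08
    ! dd &h107D79B5  ;INFECTED
    ! db &h03
    ! dd &hB2CA2446  ;FFF
    ! db &h07
    ! dd &hD7141E3C  ;EMBRACE
    ! db &h0A
    ! dd &hDF435ED6  ;AGGRESSION
    ! db &h09
    ! dd &h55A48C8F  ;TELOPHASE
    ! db &h08
    ! dd &h78FC49A4  ;ORTHODOX
    ! db &h07
    ! dd &hD3D11D92  ;NOROUZI
    ! db &h08
    ! dd &h03137C35  ;DEVOTION
    ! db &h0B
    ! dd &h517CA44F  ;PHILBUSTIER
    ! db &h04
    ! dd &h529B8A93  ;KOMA
    ! db &h08
    ! dd &h83EEA558  ;RAZOR9II
    ! db &h09
    ! dd &h87FFE916  ;RAZORI9II
    ! db &h0A
    ! dd &h82BD81F1  ;RAZOR I9II
    ! db &h08
    ! dd &hD5BCAE39  ;DEVIANCE
    ! db &h03
    ! dd &h2AC7FA71  ;AIR
    ! db &h0D
    ! dd &h30FD0022  ;ROGUEWARRIORZ
    ! db &h05
    ! dd &h5FF1F172  ;TPORT
    ! db &h06
    ! dd &hFE35CE2A  ;MIRAGE
    ! db &h04
    ! dd &h4148B0C7  ;RISC
    ! db &h00        ;Terminator.
    END FUNCTION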
    
    
    FUNCTION PBMAIN() AS LONG
    ' Console demo: runs one sample name through IsNameLegal, prints the
    ' verdict and then waits for a key press.
    LOCAL sName AS STRING, dwVerdict AS DWORD
    
    ' Sample inputs - leave exactly one assignment active.
    sName = "Joe Bloggs"              ' passes
    'sName = "h4x0r kr3w"              ' rejected
    'sName = "Razor 1911"              ' rejected
    'sName = "Some Company Pty. Ltd."  ' passes
    
    ' IsNameLegal answers 1 for an acceptable name; anything else is a rejection.
    dwVerdict = IsNameLegal(sName)
    IF dwVerdict <> 1 THEN
        STDOUT "ILLEGAL!"
    ELSE
        STDOUT "Yes, legal name"
    END IF
    WAITKEY$
    
    END FUNCTION
    Last edited by Wayne Diamond; 24 Jun 2008, 12:44 AM.