Jump to content

Recommended Posts

Posted

Dear computer geniuses /programmers,

 

Over the past few years I have written some programs in my current job that I would like to try selling online through a company and website I created http://www.dtmstech.com. The first program I’m going to try to sell is called DTMS Issue Control. It’s basically a simple helpdesk application. I’m offering the program as a 30-day free trial, and am selling license keys to activate the software on a per-installation basis.

 

The reason I’m coming here to you guys, is because I’m not completely confident the licensing system I have created is completely “hack proof” (or even slightly hack proof for that matter!). I’m looking for somebody actually bored enough to download and try to “hack” my registration process to see if there are any obvious bugs in my code or the process. The program can be downloaded here: http://www.dtmstech.com/downloadIC/SetupIC.exe.

 

Here is a license key that can be used for testing:

 

Customer ID: TestMe

License key: 100301611

 

This key initially only good for 10 installations, but will reset itself to 0 every 15 min. Thanks all!

Posted
The reason I’m coming here to you guys, is because I’m not completely confident the licensing system I have created is completely “hack proof” (or even slightly hack proof for that matter!). I’m looking for somebody actually bored enough to download and try to “hack” my registration process...

 

Let me just say don't even try. There is no system for registration that is hack proof and even if there were there is still brute key generation.

 

Cheers,

 

Ryan Jones

Posted

Rather than actually trying to do this, which may prove time consuming, why don't we talk about it from a theoretical viewpoint?

 

When I type in an ID/license key how does the program know that it is valid or not?

 

Is it stored in the program? If so then you can retrieve it.

 

Does the ID and/or license key follow some sort of combination, the 3rd character of the ID is the 1st and 5th character of the license key or something? If so that data can be retrieved.

 

Or are all registrations accepted by the program but then sent back to a web based "registration checker" which accepts/rejects it?

 

And I totaly agree with RyanJ... it will never be totaly hack proof.

Posted

And I totaly agree with RyanJ... it will never be totaly hack proof.

 

Its an unfortunate fact :-(

 

Most programs actually use a cross sequence algorithm that checks the product of all the values multipled by xxx and must be in a certain range or must be between two values or must contain one character at the end. This does vary but its normally some rediculously long and complex algorithm that in the end is useless.

 

Its impossible to make it fool proof for the number of reasons the biggest being people can write a progm to brute force test the keys and when it finds a set of correst ones it can then derive the algorithm used.

 

The best idea is to make test feature where the features are simply not there.

 

Cheers,

 

Ryan Jones

Posted

Im sorry but if you don't want it hacked don't put it on trial thats all i can say - because everything ends up being hacked by someone in the end

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.