Hi,
Can I check online for blocked licenses?
I ask, because there is a scenario where a user could create endless licenses with only one activation code with activation count set to 1 and hardware id to URL.
After this user activates, he looks for the returned serial number (offline activation,or file or registry). Then the user deactivates the serial number, and activates again on other hardware.
Then the user still can restore the first serial number on the original hardware, so now he has two copies of the app running, which is not the intend of the vendor....
How can I prevent such a scenario? Check online for blocked licenses would be a solution as when the first computer comes online, the first serial number could be proven blocked.
Check blocked licenses to prevent endless license creation
Re: Check blocked licenses to prevent endless license creati
Are you a registered user of VMProtect?
Re: Check blocked licenses to prevent endless license creati
The company I work for is.
Re: Check blocked licenses to prevent endless license creati
Never mind, wrote it myself in the meantime.....
Re: Check blocked licenses to prevent endless license creati
I see two ways for it:
1. Don't store the activated serial number on users's computer. In this case your software will be activate each time at start.
2. Use the black list (all deactivated licenses) for protection of next version of software. In this case the next version will know about deactivated licenses and all these licenses will be invalid.
Anyway your software cannot check deactivated licenses online.
1. Don't store the activated serial number on users's computer. In this case your software will be activate each time at start.
2. Use the black list (all deactivated licenses) for protection of next version of software. In this case the next version will know about deactivated licenses and all these licenses will be invalid.
Anyway your software cannot check deactivated licenses online.
Re: Check blocked licenses to prevent endless license creati
That's why I wrote it my self.
I took the 'deactivation.php' method as an example. Added a new 'is_license_blocked.php' file, added a new function 'IsLicenseBlocked($snhash)' to 'activation.inc.php'.
Then from c++, I create the hash of the serialnumber, and use the WinHttpOpen(), etc functions to get the resonse from 'http://server/is_license_blocked.php?hash=xxx'
This works.... But of course only in a online situation.
I took the 'deactivation.php' method as an example. Added a new 'is_license_blocked.php' file, added a new function 'IsLicenseBlocked($snhash)' to 'activation.inc.php'.
Then from c++, I create the hash of the serialnumber, and use the WinHttpOpen(), etc functions to get the resonse from 'http://server/is_license_blocked.php?hash=xxx'
This works.... But of course only in a online situation.
Re: Check blocked licenses to prevent endless license creati
Do you really think that your method will work against bad guys? 
)
For example:
1. I can turn on the firewall immediately after deactivation, so your any request to "is_license_blocked.php" will get a connection error.
2. I can change your activation server to own (add new line into "hosts") that will always send a correct result to your programm.
)For example:
1. I can turn on the firewall immediately after deactivation, so your any request to "is_license_blocked.php" will get a connection error.
2. I can change your activation server to own (add new line into "hosts") that will always send a correct result to your programm.
Re: Check blocked licenses to prevent endless license creati
Yes you are right.
In an offline scenario, if the user has a valid but blocked serial number, and the exe is not updated, he can always use the exe. Even if there is an expire date in the license, the user can simply set the system clock back. VMProtect does not detect system clock tampering.
So if one wants to use the exe, with a blocked or invalid license there are always ways to circumvent VMProtect....
In an offline scenario, if the user has a valid but blocked serial number, and the exe is not updated, he can always use the exe. Even if there is an expire date in the license, the user can simply set the system clock back. VMProtect does not detect system clock tampering.
So if one wants to use the exe, with a blocked or invalid license there are always ways to circumvent VMProtect....
Re: Check blocked licenses to prevent endless license creati
I want to tell you more:
Any software protection (exclude protection with dongles) can never detect system clock tampering on user's computer without internet connection as well as to determine that user uses blocked license. If you don't want to give the user this "feature" - your software should require internet connection each time at the start. No other ways to solve your problem.
Any software protection (exclude protection with dongles) can never detect system clock tampering on user's computer without internet connection as well as to determine that user uses blocked license. If you don't want to give the user this "feature" - your software should require internet connection each time at the start. No other ways to solve your problem.