Welcome To The Home Of The Visual FoxPro Experts  
home. signup. forum. archives. search. google. articles. downloads. faq. members. weblogs. file info. rss.
 From: Bernard Bout
  Where is Bernard Bout?
 Brisbane
 Australia
 Bernard Bout
 To: Luis
  Where is Luis?
 Guatemala
 Guatemala
 Luis
 Tags
Subject: RE: Secure demo version
Thread ID: 50134 Message ID: 51799 # Views: 5 # Ratings: 0
Version: Visual FoxPro 8 Category: Security and Application Protection
Date: Friday, September 17, 2004 5:39:29 AM         
   


verification of the correct date - u know how to do that!

recalculate the expiry date - correct date + your demo version period = expirydate

HASH - So many ways. Here I give you a very simple VFP way.

cExpirydate = the expiry date converted to a string
cPuzzlestring = "THESKIESAREBRIGHTTODAY" && just to make it harder

*/ hash it
cHashed = sys(2007,cPuzzlestring+cExpiryDate)

Using todays date converted CTOD(DATE())) and the above string my hashed value is:

48944
and will always be this number for the above string. By adding your own string values you can make it more dfficule to guess.

Now to verify that the date is within limits, you get the date and HASH it similarly. It is this hashed figure you compare. You could even hash it a number of times each time with a different string.

spaces where data can be "injected".
You compile your exe and then open it in a HEX editor. Look through the file for blocks of 0000. This will usually be scattered thorughout the file. Initially till you understand how a PE looks inside, use "Trial & Error" to find your "sweet" spot. Once you have it, you need to know the offset away from the start of the file. You could even convert the number to HEX for inserting.

use VFP's low level commands to write
FOPEN(), FREAD(), FWRITE() etc. are all useful commands for which there is already help.

Remember though that you will not be able to write to the running EXE (unless you know the API's to call but that is another story) so make a loader and an APP or EXE. User runs the loader which Reads/Writes to the second APP/EXE and then execures it.

All this is useless though if your source can be decompiled!!!

Happy Demo Creating.


> > > >Hey, these sounds great, can you explain a little more??, I'll like to learn this.
> >
> > Which part do you want explained "a little more" ?
> >
>
> "You could after verification of the correct date, then recalculate the expiry date and HASH this and store it in the EXE itself. If you open any VFP exe, you will find lots of spaces where data can be "injected". Once you know that spot, you use VFP's low level commands to write into the EXE."
>
> Luis
>
> For long you live and high you fly


ENTIRE THREAD

Secure demo version Posted by Roxana Ragneala @ 8/29/2004 8:13:35 PM
;-) Posted by Mz @ 8/30/2004 9:46:40 AM
RE: ;-) Posted by Wild Fire @ 8/30/2004 7:37:04 PM
RE: Secure demo version Posted by Bernard Bout @ 8/31/2004 9:02:26 AM
RE: Secure demo version Posted by Mz @ 8/31/2004 9:34:55 AM
Bernard, you're one cruel guy. Posted by Dale Dedoroy @ 8/31/2004 9:11:22 PM
RE: Secure demo version Posted by Luis Navas @ 9/13/2004 10:57:50 PM
RE: Secure demo version Posted by Bernard Bout @ 9/14/2004 5:59:25 AM
RE: Secure demo version Posted by Luis Navas @ 9/16/2004 10:40:44 PM
RE: Secure demo version Posted by Bernard Bout @ 9/17/2004 5:39:29 AM
RE: Secure demo version Posted by Luis Navas @ 9/17/2004 11:46:29 PM