Solved

How do I extract the Harddrive Serial Number from the client using Macromedia Flash.

Posted on 2008-10-01
10
277 Views
Last Modified: 2013-11-12
We have a game developed in Macromedia Flash using AS 2.0. We are being having problems of people trying to fraud us. We identify the IP or the customer and what we do is to proceed to block them off the game server. The problem is that is very easy to come up with a work arround and come back and try again.
What we are looking is to collect the harddrive serial number and store it on our database running a verification process at the begining of the session
On other downloadable games that we have is not a problem at all using the windows API but we do not know how to do it from flash on a Internet Browser.
Our game is accesed using a Internet Browser, after you login a pop up window will come up with the game it self, so from that point on is our quest to get the HD serial number.
0
Comment
Question by:hlaprade
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 37

Expert Comment

by:CyanBlue
ID: 22620763
No, Flash Player does not have such capability...  That's a big security issue if FP is capable of doing that...

CyanBlue
0
 
LVL 9

Expert Comment

by:asaivan
ID: 22621090
I don't know, but perhaps Adobe AIR has this capability, if so you could port your game to AIR...
0
 
LVL 39

Expert Comment

by:blue-genie
ID: 22625007
I would agree with CB and say hell no.
I doubt there's anything on a browser platform that will allow you to do that. (I could be wrong, I hope not cause that's scary).
I'm sure most basic anti-virus software would also throw a fit at any attempts.

in terms of trying to block ppl. if i'm using my laptop and i find i'm blocked, i'm gonna go use my other machine, if that one doesn't work i'm going to try it at work. My hardrive can be changed and replaced pretty easily, so how will that help?
if maybe you can tell us exactly how you're being "Defrauded" - we can offer alternatives.

0
Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

 
LVL 39

Expert Comment

by:blue-genie
ID: 22625264
me again.
i found this.

http://addressof.com/blog/archive/2004/02/13/386.aspx

i dont' know if that can be configured into some kind of server side script which flash can call and check.
0
 
LVL 2

Author Comment

by:hlaprade
ID: 22625572
blue-genie, thanks, bassically is a matter of try to prevent, not exactly to stop it 100%, that will be awesome, so we have a fraud department that let say they stop 50% of the fraud attempts, (our game is blackjack tournaments) and then we have features that detects fraud automatically (a 40%) and block the player account. So that 10%, there are a lot of things that you can do to take it to 1% and one of those preventing features, is read the harddrive serial, I have that option on my poker, but is a win32 application, the blackjack is a flash web based application. My development team are looking into asaivan approach regarding AIR. I really appreciate everyones help.
0
 
LVL 39

Expert Comment

by:blue-genie
ID: 22631248
where does the fraud comein?
are you handling any of the "logic" in flash - if so there's your problem. flash aint' secure no matter what.
this might be a conflict of interest (since i develop online gaming stuff ) - but here's how we recently handled this - don't know if it will resolve your thing.

we have a login which gets encrypted and put into the database. if the person decompiles the flash file they would be able to see the webservices i'm using and hack those, so what we do is at each login we create a session variable, which gets encrypted and that lasts x amount of time only (The games are time based) - then each time the flash file logs in it checks the session. (i think - this part gets handled by the clever .NET ppl) against a timestamp - if the data is not the same, i.e. the guy grabbed the swf file decompiled it and now wants to run it and access our webservices it doesn't allow it.
i'm not explaining this very well. basically it needs to be handled on the server side, not Flash.
also obviously SSL on the browser side.

blu.
0
 
LVL 2

Author Comment

by:hlaprade
ID: 22636896
There is no logic on the flash, basically we get players with a winning rate that is out of the scale, they may be using sofisticate software and we want to avoid them by identifying patterns on their behavior or why not, the serial on their harddrive, ip etc. That way at least we are able to stop a little bit being hit.
0
 
LVL 39

Expert Comment

by:blue-genie
ID: 22636965
i'm gonna have to leave this for other ppl to comment.
0
 
LVL 37

Accepted Solution

by:
CyanBlue earned 500 total points
ID: 22641435
You definitely got to go with the client application that can give you such information...  I don't know AIR can do that or not, but general Flash Player is not the tool that you are looking for...

CyanBlue
0
 
LVL 2

Author Closing Comment

by:hlaprade
ID: 31502226
Thank you all, we have a long way then in order to cahnge aout client application then.
0

Featured Post

Why Off-Site Backups Are The Only Way To Go

You are probably backing up your data—but how and where? Ransomware is on the rise and there are variants that specifically target backups. Read on to discover why off-site is the way to go.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Google Autocomplete API 2 107
Strange space issue in Chrome browser 8 122
SPLUNK REST  API call to Splunk to create and index? 2 179
Grunt No Clean Targets 6 306
Introduction This article is primarily concerned with ActionScript 3 and generally specific to AVM2.  Most suggestions would apply to ActionScript 2 as well, and I've noted those tips that differ between AS2 and AS3. With the advent of ActionS…
I have been doing hardcore actionscripting for some time; and needless to say I have faced a lot of problems in just understanding others' code rather than understanding what the code executes. A programmer's life can become hell when there are a lo…
The goal of the tutorial is to teach the user how to select the video input device. Make sure you have an input device that in connected and work and recognized by Adobe Flash Media Live Encoder and select it in the “video input” menu.
This Micro Tutorial will teach to how to utilize bit rate in Adobe Flash Media Live Encoder.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question