• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1070
  • Last Modified:

protect application & hardware serial number


i have developed an application in c# - .net 2.0 and i have two questions:
       * to protect my application i am using disk serial number (not volume number, since it changes after format) and create a key using this value. is there any security problems in this approch? (like rewriting disk serial number by crackers etc...) in fact i need a unique value to generate key, it may be mac id, cpu id, disk id etc... which one is more secure?

      *(main question) i am using this code but it works only win xp, not 2000 and 2000 server etc... how can i get this value in other platforms.
         it give this error: System.Management.ManagementException: Invalid class

thanks in advence...

                  searcher = new ManagementObjectSearcher("SELECT * FROM Win32_PhysicalMedia");

                  int i = 0;
                  foreach(ManagementObject wmi_HD in searcher.Get()) {

                        // get the hard drive from collection
                        // using index
                        HardDrive hd = (HardDrive)hdCollection[i];

                        // get the hardware serial no.
                if (wmi_HD["SerialNumber"] == null) {

                    hd.SerialNo = "None";
                else {

                    hd.SerialNo = wmi_HD["SerialNumber"].ToString();
                    serialNo = hd.SerialNo;
1 Solution
I'm no software developer but it strikes me that whatever you come up with, it will be no big deal for a cracker to disable whatever antipiracy checks you put in your software, irrespective of the complexity of the ID you're generating.

The Windows SDK shows that the Win32_PhysicalMedia class requires Windows XP or newer - that is why you are getting an error on Windows 2000.
Does this help you get that serial without using the WMI Class?

Anurag ThakurCommented:
in my suggestion make a id comprising of mac address, disk id and cpu id and dont save them in sequence
and either in the beginning or at the end save what is the sequence that you have used..... at least in that case it will be difficult for the hackers to crack the codes
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Éric MoreauSenior .Net ConsultantCommented:
you could use the MotherBoard ID and/or the Processor ID as shown at http://www.codeproject.com/KB/vb/hardware_Security_2.aspx

Apply this one:

Get the real HD serial number, not the volume serial number.

Frankly, I've hack some software that's using volume serial number for protection, but never been hack a real HD serial number.

komputerAuthor Commented:
thank guys, cantoris solution works fine.
i am creating my native exe via xenocode. it works fine on my local but when i moved to any machine which .net framework is not installed, it gives this error although the dll in the same folde
 System.Runtime.InteropServices.COMException (0x800736B1)

i tried to register
>regsvr32 DriveInfoEx.dll
it gives this error;
DriveInfoEx.dll was loaded, but the DllRegisterServer entry point was not found.

do i need to open a new question?
That page I pointed you to does say "it's mandatory to use .net 2.0".
Maybe that's the problem?
komputerAuthor Commented:
i think i am using .net 2.0 by creating native code (i suppose xenocode moves all need .net2.0 files into native exe since 500 kb file increases up to 20 mb)
I can't help you there - I'm not a developer.  Maybe you need to ask a fresh question to find someone who knows about xenocode since this is a different subject to before.  Otherwise you end up with two complete questions asked and potentially two sets of solutions in one thread!
I'm not all that versed with the netiquette of this site either yet to know for sure - perhaps someone else will chip in on this?
komputerAuthor Commented:

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now