Link to home
Start Free TrialLog in
Avatar of komputer
komputer

asked on

protect application & hardware serial number

hi,

i have developed an application in c# - .net 2.0 and i have two questions:
       * to protect my application i am using disk serial number (not volume number, since it changes after format) and create a key using this value. is there any security problems in this approch? (like rewriting disk serial number by crackers etc...) in fact i need a unique value to generate key, it may be mac id, cpu id, disk id etc... which one is more secure?

      *(main question) i am using this code but it works only win xp, not 2000 and 2000 server etc... how can i get this value in other platforms.
         it give this error: System.Management.ManagementException: Invalid class

thanks in advence...

code
----------------------------
                  searcher = new ManagementObjectSearcher("SELECT * FROM Win32_PhysicalMedia");

                  int i = 0;
                  foreach(ManagementObject wmi_HD in searcher.Get()) {

                        // get the hard drive from collection
                        // using index
                        HardDrive hd = (HardDrive)hdCollection[i];

                        // get the hardware serial no.
                if (wmi_HD["SerialNumber"] == null) {

                    hd.SerialNo = "None";
                }
                else {

                    hd.SerialNo = wmi_HD["SerialNumber"].ToString();
                    serialNo = hd.SerialNo;
                    break;
                }
                        ++i;
                  }
Avatar of cantoris
cantoris
Flag of United Kingdom of Great Britain and Northern Ireland image

I'm no software developer but it strikes me that whatever you come up with, it will be no big deal for a cracker to disable whatever antipiracy checks you put in your software, irrespective of the complexity of the ID you're generating.

The Windows SDK shows that the Win32_PhysicalMedia class requires Windows XP or newer - that is why you are getting an error on Windows 2000.
ASKER CERTIFIED SOLUTION
Avatar of cantoris
cantoris
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
in my suggestion make a id comprising of mac address, disk id and cpu id and dont save them in sequence
and either in the beginning or at the end save what is the sequence that you have used..... at least in that case it will be difficult for the hackers to crack the codes
Avatar of Éric Moreau
you could use the MotherBoard ID and/or the Processor ID as shown at http://www.codeproject.com/KB/vb/hardware_Security_2.aspx
Hello

Apply this one:
http://www.codeproject.com/KB/cs/hard_disk_serialno.aspx

Get the real HD serial number, not the volume serial number.

Frankly, I've hack some software that's using volume serial number for protection, but never been hack a real HD serial number.


:)
rionroc
Avatar of komputer
komputer

ASKER

thank guys, cantoris solution works fine.
i am creating my native exe via xenocode. it works fine on my local but when i moved to any machine which .net framework is not installed, it gives this error although the dll in the same folde
 System.Runtime.InteropServices.COMException (0x800736B1)

i tried to register
>regsvr32 DriveInfoEx.dll
it gives this error;
DriveInfoEx.dll was loaded, but the DllRegisterServer entry point was not found.

do i need to open a new question?
thanks.
That page I pointed you to does say "it's mandatory to use .net 2.0".
Maybe that's the problem?
i think i am using .net 2.0 by creating native code (i suppose xenocode moves all need .net2.0 files into native exe since 500 kb file increases up to 20 mb)
I can't help you there - I'm not a developer.  Maybe you need to ask a fresh question to find someone who knows about xenocode since this is a different subject to before.  Otherwise you end up with two complete questions asked and potentially two sets of solutions in one thread!
I'm not all that versed with the netiquette of this site either yet to know for sure - perhaps someone else will chip in on this?
thanks