Solved

Retrieving the real harddisk serial number and in any condition for any hard drive

Posted on 2010-08-19
7
1,242 Views
Last Modified: 2012-06-21
Hi,

I am using VB.NET in VS2005 and trying to get the manufacturer assigned (unchangeable) serial number of the harddisk. I will use this id for distribution protection of my software.

The number should not be the HardDisk VolumeSerialNumber of the partition that can be re-assigned by software methods.

I am working on this problem for a period and searched some solutions the first one is "using WMI" by the value "Win32_physicalmedia". But this method returns the serial number as blank for some harddrives or for some PC configuration (I could not find the actual reason for it is doing so but I am lucky to find it happening on my development PC). There are many different examples of WMI, for example the following;
---
Dim TheSearcher As ManagementObjectSearcher = New ManagementObjectSearcher("SELECT * FROM Win32_PhysicalMedia")

For Each wmi_HD As ManagementObject In TheSearcher.Get()
            MessageBox.Show(wmi_HD("SerialNumber"))
Next
---
It returns an empty string in my PC, but returns the actual manufacturer assigned serial when run at my colleagues PC's.

And the second method I found; Using CreateFile from "kernel32.dll" API. It is something like this (not the full code given here because the original example is long, just for giving an idea about the example);
---
Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Integer, ByVal dwShareMode As Integer, ByVal lpSecurityAttributes As Integer, ByVal dwCreationDisposition As Integer, ByVal dwFlagsAndAttributes As Integer, ByVal hTemplateFile As Integer) As Integer

handle = CreateFile("\\.\PhysicalDrive" & "0", HDDID_GENERIC_READ + HDDID_GENERIC_WRITE, HDDID_FILE_SHARE_READ + HDDID_FILE_SHARE_WRITE, 0, HDDID_OPEN_EXISTING, 0, 0)

serialNumber = HDDID_SwapChars(sco.IDS.SerialNumber)
model = HDDID_SwapChars(sco.IDS.ModelNumber)
CloseHandle(handle)
---
It works for all disks that I have, but the "CreateFile" function does not work when logged in with limited administrative privileges (i.e. logged in as limited user account in Windows).

Is there any third method that works in all conditions? Or a trick to make above examples working.
0
Comment
Question by:Weigher
  • 4
  • 2
7 Comments
 
LVL 18

Expert Comment

by:Cluskitt
ID: 33474430
It could be that some hard drives don't have serial numbers assigned internally, that is, all they have is a sticker with the serial number but the manufacturer hasn't inserted it mechanically.

Using hard drive serial isn't a good idea anyway, because it's a component that isn't meant to last that long, and once it breaks and the owner replaces it, they can't use your software anymore.
0
 

Author Comment

by:Weigher
ID: 33474746
Hi,

I am sure the harddisk does have a serial number where WMI fails, because the second method (API) gets the number on the PC that WMI returns an empty string. And both return same ID on PC's those both methods run succesfully.

Reinstallation is not a problem for me because the installation is under control, the user may reactivate the product from internet or phone after reinstallation. It is for protecting against some semi-pro crackers those use simple known methods or easy software to crack.

Is there any other cost-free method providing protection that can the PC can be identified (Board Id, Bios Id, etc. also WMI depended)? I do not want to use MAC of ETH interface.
0
 
LVL 18

Expert Comment

by:Cluskitt
ID: 33474878
Crackers will be able to bypass it anyway. But sorry, I can't help you with it, as I'm not familiar with hardware programming.

However, if you want, you can go the way of internet activation, meaning, the user must have internet when using the program, requiring it to connect to your server and authenticate. Still crackable, but less so.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 18

Accepted Solution

by:
BigSchmuh earned 500 total points
ID: 33474987
We had this kind of topic some month/year ago where the conclusion was:
-Using more than 1 figure with a N-1/N validation may strongly reduce licence support
-Figures can come serials or full model number from : NIC, HDD, MB

Ex of a validation rule: Use the Network Mac address + HDD Model + GPU Model; validate the license and update the license referral figures if 2 of 3 are valid (Same Mac adress + One HDD has same model + Same GPU Model)
==> So your "bad" user have to know the Mac address and buy the exact same HDD or GPU of the licensee which add some real complexity and price to the piracy
0
 

Author Comment

by:Weigher
ID: 33475079
Cluskitt:
I agree in general and any software can be cracked. But I think cracking the hardware serial number encrypted (by multiple number of scrambled tricks used together) will not be as easy as directly copying the files competely to another computer. And unfortunatelly my PC's are at locations those are far from a continuous internet connection. Anyway, thank you for the comments.
0
 

Author Comment

by:Weigher
ID: 33475427
BigSchmuh:
I considered to use three HW ID sources together, that WMI returns. But have lost my trust for WMI method after I have seen it is returning an empty string as the Serial Number where other method returns it successfully (provided that with administrator privilleges). I will have to find out methods to obtain the MB, CPU, MAC Address etc, other than using WMI.

I think the number will be a simple string concatenation of the collected possible ID's prior to be encoded by the cipher, because this string is not reproducable locally after validation, it is hased to a shorter value. The validation phase is already scrambled by doing some fake, misguiding validations in code (and some other methods that I do not want to say here) against reverse compiling and debugging of the executable (Unfortunatelly, I have only the chance to use limited free obfuscator provided with VS).

How secure is the information provided by the WMI in general? Does anyone have an idea?
0
 

Author Comment

by:Weigher
ID: 33483057
I created a new question regarding the WMI Win32 classes security in
 http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/Q_26417011.html because the subject of the questin has been changed.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is about my first experience with programming Arduino.
When we purchase storage, we typically are advertised storage of 500GB, 1TB, 2TB and so on. However, when you actually install it into your computer, your 500GB HDD will actually show up as 465GB. Why? It has to do with the way people and computers…
An introduction to basic programming syntax in Java by creating a simple program. Viewers can follow the tutorial as they create their first class in Java. Definitions and explanations about each element are given to help prepare viewers for future …
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question