06-03-2011, 08:53 AM
Hello,
NOTE: This kind of protection is used all over the game hacking scene, its the best protection available
If you having trouble with the login, read this:
I saw some topics about GUIDtech (Globally Unique Identifier), I recently reinstalled my computer but I found some files I wrote a few months ago. It was creating for selling purposes but I decided to stop the project(Note that because of this lots of things aren't finished, also LOTS of thing could be done better and are bugged).
One of the files says it also contains a VB.Net (Can be used in every language that can make a web connection) example on how to use it, if you have read the above line you understand I don't have it anymore, but I explain you how it works:
- The user opens the program
- A web connection (No webbrowser) is established
- It will send a encrypted (md5) GUID to the server
- This will check if its appearing it the database and will check if its a valid customer or not.
- Then it will return a value, make it random so its harder to crack.
- Its using a database, which is almost impossible to get access to, (free) HWID system's are mostly using .txt files
- Pretty good alternative if you don't want to use HWID's
Crypting GUIDs:
- Get the customers GUID
- Encrypt this and encrypt the result again (IPB way) and encrypt that result again, store this into your database.
This GUIDtech can:
- Receive the GUID
- Receive the Username/Nickname (Used for forums)
- Receive the Package (Eg: Gold, Silver, Bronze)(Needs some work)
- Receive the Date the users license ends(Needs some work)
- Receive News
- Receive IP addresses
- Receive Version
- Receive Program name
- Receive the .exe's CRC (Prevention for running cracked .exe's) <-- You can find this code somewhere here on the forum
All of the above things are changable (for admins) on the webhost, simply go to www.yoursite.com, and you will be asked to login. Login with your details (Standard details are inside the .txt file of the .rar) and you can edit everything.
It contains all .php files, .sql file and the setup text.
As I don't have a webhost right now I can't post a image of it. So if someone wants to take a picture or make a demo it would be nice.
This was based on the Phatom Coding - Gaming GUIDtech.
Please post thanks or something nice.
Note that I posted this for free and will not help you with any problems.
Download:
I found my old test source from this:
Images(Thanks to kutzki):
NOTE: This kind of protection is used all over the game hacking scene, its the best protection available
If you having trouble with the login, read this:
Spoiler (Click to View)
There are two fixes, one:
Open up login.php, find the following line:
replace it with:
now, you only have to encrypt it once(YOUR PASSWORD) then enter it in the database.
The second fix is way more secure, it uses hash>hash+salt.
You can just leave the
Now, I know people are having trouble with getting the hash.
I made a little php script who generates the hash
login.php:
login2.php:
Now, the Original selection will just hash the password once, like you need in the first method. The Modified selection will do it like hash > hash & salt.
The Original one will not use the salt and the modified one will require a salt, make sure you enter the salt in the database.
Open up login.php, find the following line:
Code:
//Use IPB hashing algorithm to compare passwords
$password = md5( md5( $salt ) . md5( $password ) );
replace it with:
Code:
//Use IPB hashing algorithm to compare passwords
$password = md5($password );
now, you only have to encrypt it once(YOUR PASSWORD) then enter it in the database.
The second fix is way more secure, it uses hash>hash+salt.
You can just leave the
Code:
//Use IPB hashing algorithm to compare passwords
$password = md5( md5( $salt ) . md5( $password ) );
Now, I know people are having trouble with getting the hash.
I made a little php script who generates the hash
login.php:
Code:
Option:<form method="POST" action="login2.php">
<SELECT NAME="Actions" SIZE="1">
<OPTION VALUE="1">Original
<OPTION VALUE="2">Modified
</SELECT>
<br>Password: <br>
<input type="text" name="password">
<br>Salt(Leave blank if NOT needed):<br>
<input type="text" name="salt"> <br><br>
<input type="submit" value="Generate">
</form>
login2.php:
Code:
<?php
$LOLx = $_POST[Actions];
if ($LOLx == 1) {
$LOL = md5($_POST['password']);
echo $LOL;
exit; }
if ($LOLx == 2) {
$LOL2 = md5( md5( $_POST['salt'] ) . md5( $_POST['password'] ) );
echo $LOL2;
exit; }
?>
Now, the Original selection will just hash the password once, like you need in the first method. The Modified selection will do it like hash > hash & salt.
The Original one will not use the salt and the modified one will require a salt, make sure you enter the salt in the database.
I saw some topics about GUIDtech (Globally Unique Identifier), I recently reinstalled my computer but I found some files I wrote a few months ago. It was creating for selling purposes but I decided to stop the project(Note that because of this lots of things aren't finished, also LOTS of thing could be done better and are bugged).
One of the files says it also contains a VB.Net (Can be used in every language that can make a web connection) example on how to use it, if you have read the above line you understand I don't have it anymore, but I explain you how it works:
- The user opens the program
- A web connection (No webbrowser) is established
- It will send a encrypted (md5) GUID to the server
- This will check if its appearing it the database and will check if its a valid customer or not.
- Then it will return a value, make it random so its harder to crack.
- Its using a database, which is almost impossible to get access to, (free) HWID system's are mostly using .txt files
- Pretty good alternative if you don't want to use HWID's
Crypting GUIDs:
- Get the customers GUID
- Encrypt this and encrypt the result again (IPB way) and encrypt that result again, store this into your database.
This GUIDtech can:
- Receive the GUID
- Receive the Username/Nickname (Used for forums)
- Receive the Package (Eg: Gold, Silver, Bronze)(Needs some work)
- Receive the Date the users license ends(Needs some work)
- Receive News
- Receive IP addresses
- Receive Version
- Receive Program name
- Receive the .exe's CRC (Prevention for running cracked .exe's) <-- You can find this code somewhere here on the forum
All of the above things are changable (for admins) on the webhost, simply go to www.yoursite.com, and you will be asked to login. Login with your details (Standard details are inside the .txt file of the .rar) and you can edit everything.
It contains all .php files, .sql file and the setup text.
As I don't have a webhost right now I can't post a image of it. So if someone wants to take a picture or make a demo it would be nice.
This was based on the Phatom Coding - Gaming GUIDtech.
Please post thanks or something nice.
Note that I posted this for free and will not help you with any problems.
Download:
I found my old test source from this:
Images(Thanks to kutzki):
Spoiler (Click to View)