Wednesday, May 23, 2012
HellBound Hackers | Computer General | Programming

Author

Anti-anti-trial-period

SQuirreL
Member

Posts: 24
Location:
Joined: 17.08.06
Rank:
God
Posted on 19-11-09 13:49
I've built a prototype of a trial-period system for a shareware.
It refers to a certain hidden file to check its valid range of date.

Here's the problem:
Is there any way for regular users to track down the hidden file by analyzing the file access behavior of the program?
If so, where can I find/how can I build a PoC for it?
My project is for Mac OS Xs.

By the way, I Googled these combinations:
"mac file access debug"
"mac monitor application behavior"
"mac file access monitor"
"mac program track file access"

I don't know any debuggers other than gdb. If you can introduce me to some other good debuggers, I'd appreciate it.

Thanks in advance.


This account is no longer used.
Author

RE: Anti-anti-trial-period

AldarHawk
The Manager



Posts: 1661
Location: Canada
Joined: 26.01.06
Rank:
God
Posted on 19-11-09 14:04
Using a hidden file to track validity is not the way to go. You need to hard code in a variable that carries the installation date and the expiration period. The "hidden file" can be easily modified. Then again, the shareware date bit can be as well. However, this is far more secure than a simple file.
That is just my opinion, let's see what others have to say.


I(don't)See Just ask Yahoo!Taboo! http://www.erikwestlake.com
Author

RE: Anti-anti-trial-period

wolfmankurd
Member



Posts: 1519
Location: UK
Joined: 30.05.05
Rank:
God
Posted on 19-11-09 18:07
Quite interesting thoughts. Storing them online would mean someone could access it too, perhaps set up a hosts file and run a local validator.

In Unix (Mac is Unix-like) lsof shows all open files, not to mention someone could just do a directory listing showing hidden files?

This seems OTT maybe, but how about using RSA to encrypt the information from a server, then it couldn't be simulated offline. Unless you changed the program's public key.... idk I'm not very good at this.


BY READING MY POST, YOU ACCEPT IT AS IS AND AGREE TO MY DISCLAIMER OF ALL WARRANTIES, EXPRESS OR IMPLIED, AS WELL AS DISCLAIMERS OF ALL LIABILITY, DIRECT, INDIRECT, CONSEQUENTIAL OR INCIDENTAL, THAT MAY ARISE FROM THE USE OF THIS (MIS)INFORMATION.




Edited by wolfmankurd on 19-11-09 18:09
Widowmakr@hotmail.com http://LetsHackStuff.com
Author

RE: Anti-anti-trial-period

SQuirreL
Member

Posts: 24
Location:
Joined: 17.08.06
Rank:
God
Posted on 20-11-09 08:14
Thank you all for the replies.
I guess I'll stop going after the system time as MoshBat mentioned - it's way too simple.

Validating via the network is deceivable, like always.

I might try to hardcode it into the program.

Case closed, but any more thoughts are welcome.



Oh, and Wolfmankurd, thank you very much for pointing out the "lsof" command. It was VEEERY helpful.


This account is no longer used.

Edited by SQuirreL on 20-11-09 08:16
Author

RE: Anti-anti-trial-period

l3m0np13
Banned



Posts: 98
Location: Under there!
Joined: 20.05.08
Rank:
Uber Elite
Warn Level: 20
Posted on 22-11-09 07:41
Could you have them submit their zip code and have it feed off of a live streaming clock for where they reside?

Or have a countdown sequence for X amount of hours in Y amount of days?

Sorry if those are stupid ideas, just thoughts.


i have a 1 Geopbyte of brain capacity.

-Legalize Marijuana! Please? :)
D.I.C
Author

RE: Anti-anti-trial-period

jjbutler88
Colemak User



Posts: 590
Location:
Joined: 22.04.07
Rank:
Guru
Posted on 22-11-09 14:57
Surely it would be easier and better to allow the program to be started a certain number of times?

Failing that, the hidden file idea could work, just as long as you use a hash function to validate integrity. You could use a unique, hardcoded variable, along with some other program data and the expiration date, and hash them. Put that value in the file, and check it on launch. You can even make it visible, it doesn't matter if a 'hacker' can see it, what matters is that they can't change it without corrupting the hash check. If a hash doesn't check out you can just exit the program. Job done :)


http://soundcloud.com/altimeter
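The scheme described in the post above, as an added example that is not part of the original thread: the expiry date is stored in the clear next to a tag computed over the hardcoded secret, some program data and the date, and the tag is re-checked on launch. It uses HMAC-SHA256 as the keyed hash; `APP_SECRET`, `APP_ID`, the JSON layout and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json
from datetime import date

# Assumption: a per-product secret compiled into the program (constructed value).
APP_SECRET = b"constructed-demo-secret-not-from-the-thread"
# Assumption: the "other program data" mixed into the hash (hypothetical name).
APP_ID = "demo-app-1.0"


def _tag(expires: str) -> str:
    """Keyed hash over the program data and the expiry date string."""
    msg = f"{APP_ID}|{expires}".encode()
    return hmac.new(APP_SECRET, msg, hashlib.sha256).hexdigest()


def issue_trial(expires: date) -> str:
    """Build the record written to the trial file at first launch."""
    exp = expires.isoformat()
    return json.dumps({"expires": exp, "tag": _tag(exp)})


def check_trial(record: str, today: date) -> str:
    """Return 'ok', 'expired' or 'tampered' for a record read at launch."""
    try:
        data = json.loads(record)
        exp = data["expires"]
        tag = data["tag"]
        expires = date.fromisoformat(exp)
    except (ValueError, KeyError, TypeError):
        # Unparseable or incomplete file: treat exactly like a failed hash.
        return "tampered"
    if not isinstance(tag, str):
        return "tampered"
    # Constant-time comparison of the stored tag with the recomputed one.
    if not hmac.compare_digest(tag.encode(), _tag(exp).encode()):
        return "tampered"
    return "ok" if today <= expires else "expired"


if __name__ == "__main__":
    rec = issue_trial(date(2009, 12, 19))  # constructed sample date
    print(check_trial(rec, date(2009, 11, 22)))
    print(check_trial(rec.replace("2009-12-19", "2019-12-19"), date(2009, 12, 20)))
```

The tag only detects edits to the file's contents: the secret still ships inside the program, and the comparison is still a branch in the binary, which is the point the next reply in the thread raises.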
Author

RE: Anti-anti-trial-period

Compromise
Member

Posts: 224
Location:
Joined: 11.11.09
Rank:
Moderate
Warn Level: 30
Posted on 22-11-09 15:04
The checks you guys are suggesting all translate to address jumps :+, debug a couple of programs and you'll understand.

Safest, I think, is contacting a database, doing a check (server-side) and requiring the program to download a few strings required for the program to run out of trial.
minecraft.net
Author

RE: Anti-anti-trial-period

jjbutler88
Colemak User



Posts: 590
Location:
Joined: 22.04.07
Rank:
Guru
Posted on 22-11-09 15:28
Of course, bypassing most protections is possible with apps, but it's not like a network solution is any safer, or easier to implement, what if the user wants to use a program when they're not connected to the internet?

The effort should only justify the value, there's no point building mad security for a $20 program.


http://soundcloud.com/altimeter
Author

RE: Anti-anti-trial-period

Compromise
Member

Posts: 224
Location:
Joined: 11.11.09
Rank:
Moderate
Warn Level: 30
Posted on 22-11-09 15:32
jjbutler88 wrote:
"Of course, bypassing most protections is possible with apps, but it's not like a network solution is any safer, or easier to implement, what if the user wants to use a program when they're not connected to the internet?"

Activation via telephone.

jjbutler88 wrote:
"The effort should only justify the value, there's no point building mad security for a $20 program."

There is. Code is reusable, recyclable. You're not building "mad" security for a twenty dollar program, you're just building "mad" security that can be implemented with any number of programs.
minecraft.net
Author

RE: Anti-anti-trial-period

jjbutler88
Colemak User



Posts: 590
Location:
Joined: 22.04.07
Rank:
Guru
Posted on 22-11-09 16:24
So you would have users of a $20 program call a number every time they start a program?? That's lunacy, plus the cost of keeping something like that running. It makes no sense, and costs loads of cash. Back to the drawing board mate.

If you are building something modular and reusable, then perhaps using asymmetric encryption is the best way, just include a signed certificate in the program.

However, I suspect you will not want to set up a PKI, and will opt for a local mechanism. If it were for widespread commercial use, then the asymmetric option becomes more feasible.


http://soundcloud.com/altimeter
Author

RE: Anti-anti-trial-period

l3m0np13
Banned



Posts: 98
Location: Under there!
Joined: 20.05.08
Rank:
Uber Elite
Warn Level: 20
Posted on 22-11-09 16:25
jjbutler88 wrote:
"Surely it would be easier and better to allow the program to be started a certain number of times?"


I believe if it was as suggested then people would just keep it open. At least it's what I used to do when I came across those. :happy:


i have a 1 Geopbyte of brain capacity.

-Legalize Marijuana! Please? :)
D.I.C
Author

RE: Anti-anti-trial-period

jjbutler88
Colemak User



Posts: 590
Location:
Joined: 22.04.07
Rank:
Guru
Posted on 22-11-09 16:28
True, but it's a good 'bang for your buck' scenario. Other options are either insecure or hopelessly unworkable.


http://soundcloud.com/altimeter
Author

RE: Anti-anti-trial-period

l3m0np13
Banned



Posts: 98
Location: Under there!
Joined: 20.05.08
Rank:
Uber Elite
Warn Level: 20
Posted on 22-11-09 16:38
Oh come on jj, quit being such a pessimist. :p


i have a 1 Geopbyte of brain capacity.

-Legalize Marijuana! Please? :)
D.I.C
Author

RE: Anti-anti-trial-period

jjbutler88
Colemak User



Posts: 590
Location:
Joined: 22.04.07
Rank:
Guru
Posted on 22-11-09 16:39
Pessimist or Realist? :happy:


http://soundcloud.com/altimeter
Author

RE: Anti-anti-trial-period

l3m0np13
Banned



Posts: 98
Location: Under there!
Joined: 20.05.08
Rank:
Uber Elite
Warn Level: 20
Posted on 22-11-09 17:04
Jj you're a crackhead. haha


i have a 1 Geopbyte of brain capacity.

-Legalize Marijuana! Please? :)
D.I.C
Author

RE: Anti-anti-trial-period

Compromise
Member

Posts: 224
Location:
Joined: 11.11.09
Rank:
Moderate
Warn Level: 30
Posted on 22-11-09 17:24
Wait, I just realized, what the hell serials.

OPEN-SOURCE YOUR SHIT. Sell support and custom plug-ins.
minecraft.net
© HellBound Hackers 2008- 2009. Since 3rd December 2004.