当前位置: 文江博客话题详情

.NET 复制保护

发布于 2024-07-27 01:23:02 字数 51 浏览 3 评论 0原文

是否可以以某种方式将 .NET 可执行文件限制到特定计算机,以便它只能在该计算机上运行。

原文

Is it possible to restrict a .NET executable to a specific machine somehow so that it can only be run on that machine.

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(8

暮色兮凉城 2024-08-03 01:23:03

无法使用处理器 ID 并每次都检查它(?)

这是我不久前写的示例代码

Imports System.Management

Public Class Form1

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click

        'Declare following three object variables

        Dim objMOS As ManagementObjectSearcher
        Dim objMOC As Management.ManagementObjectCollection
        Dim objMO As Management.ManagementObject

        'Now, execute the query to get the results
        objMOS = New ManagementObjectSearcher("Select * From Win32_Processor")

        objMOC = objMOS.Get

        'Finally, get the CPU's id.
        For Each objMO In objMOC
            MessageBox.Show("CPU ID = " & objMO("ProcessorID"))
        Next

        'Dispose object variables

        objMOS.Dispose()
        objMOS = Nothing
        objMO.Dispose()
        objMO = Nothing

    End Sub
End Class

Can't use the processor id and check it everytime(?)

Here is a sample code which I wrote some time back.

Imports System.Management

Public Class Form1

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click

        'Declare following three object variables

        Dim objMOS As ManagementObjectSearcher
        Dim objMOC As Management.ManagementObjectCollection
        Dim objMO As Management.ManagementObject

        'Now, execute the query to get the results
        objMOS = New ManagementObjectSearcher("Select * From Win32_Processor")

        objMOC = objMOS.Get

        'Finally, get the CPU's id.
        For Each objMO In objMOC
            MessageBox.Show("CPU ID = " & objMO("ProcessorID"))
        Next

        'Dispose object variables

        objMOS.Dispose()
        objMOS = Nothing
        objMO.Dispose()
        objMO = Nothing

    End Sub
End Class
回复 原文
芸娘子的小脾气 2024-08-03 01:23:03

假设计算机有 NIC,您可以使用 MAC 地址

从.NET中的网络适配器读取MAC地址

Assuming the machine has an NIC you can use the MAC address:

Read MAC Address from network adapter in .NET

回复 原文
只是偏爱你 2024-08-03 01:23:03

开箱即用 - 不。

您可以尝试在安装过程中生成计算机签名,并锁定应用程序,以便在签名文件不存在或对此特定计算机无效时不启动。

Out of the box - no.

You can try generating a machine signature during installation and lock your application to not start when the signature file is not present or is not valid for this particular machine.

回复 原文
遇见了你 2024-08-03 01:23:03

.NET 很糟糕,因为使用常用工具很容易将其反转回源代码。 (我们做了一个演示,在大约 2 分钟内破解了 .NET)。 西里尔的解决方案听起来不错,因为他对目标机器使用加密和指纹哈希。 遗憾的是,这些解决方案很容易受到某些类型的中间人攻击,尽管他的解决方案听起来比大多数解决方案都要好。 机器绑定的一个问题是您想要使用的指纹令牌(例如 MAC 地址、CPU 序列号等)必须通过操作系统调用来检索,这可能会被中级破解者欺骗。

根据您软件的价值,使用 CodeMeter、Hasp HL 或 KeyLok 等优质加密狗将为您提供显着的保护。 不过,使用“坏”加密狗对您没有任何帮助。

.NET is awful because it's so easy to reverse it back to source code with commonly-available tools. (We do a demo where we crack .NET in about 2 minutes). Cyril's solution sounds good because he's using encryption and a hash of fingerprints to the target machine. These solutions regrettably are vulnerable to some kinds of man-in-the-middle attacks although his solution sounds better than most. One problem with machine binding is that the fingerprinting tokens you want to use (like MAC address, CPU serial number, etc) must be retrieved with OS calls, which can be spoofed by a mid-level cracker.

Depending on the $ value of your software using a good dongle like CodeMeter, Hasp HL, or KeyLok will give you significant protection. Using a "bad" dongle won't help you a bit, though.

回复 原文
山有枢 2024-08-03 01:23:03

您可以对您的 EXE 进行数字签名并使用证书来帮助进行某种保护,但是如果您确实想阻止您的 EXE 在特定 PC 上运行,您可能最好提示用户输入密码并使用密钥文件?

.NET 加密示例
https://web. archive.org/web/20210707015555/http://aspnet.4guysfromrolla.com/articles/112002-1.aspx
http://www.eggheadcafe.com/articles/20020630.asp

You could digitally sign your EXE and use certificates to aid some sort of protection, however if you truly want to prevent your EXE from running on a specific PC you might be better prompting the user for a password and using a key file?

.NET Encryption Examples
https://web.archive.org/web/20210707015555/http://aspnet.4guysfromrolla.com/articles/112002-1.aspx
http://www.eggheadcafe.com/articles/20020630.asp

回复 原文
谜泪 2024-08-03 01:23:03

为此,您需要将许可证代码嵌入到从机器的 MAC ID、HDD ID、CPU ID 等生成的某种机器代码中。

然后用软件运行时生成的机器代码检查此嵌入代码。 如果这些不匹配,则意味着该软件正在另一台机器上使用。

如果您想要支持此方案的现成许可证方案,请参阅 CryptoLicensing

For this, you would need to embed your license code with some sort of machine-code generated from the machine's MAC ID, HDD ID, CPU ID, etc.

Then check this embedded code with the machine code generated when your software is run. If these do not match, it means that the software is being used on a different machine.

If you want a ready-made license scheme which supports this scenario, see CryptoLicensing

回复 原文
如梦亦如幻 2024-08-03 01:23:03

如果您想要支持此场景的现成许可方案,请参阅 CryptoLicensing

这不是真的。 CryptoLicensing 仅使用计算机名称,甚至不使用 CPU ID。

If you want a ready-made license scheme which supports this scenario, see CryptoLicensing

This is not really true. CryptoLicensing only uses the computer name, not even CPU ID.

回复 原文
薔薇婲 2024-08-03 01:23:02

是的,我在我的应用程序中这样做。 它的效果非常好。

使用 WMI 可以轻松获取系统信息(CPUID、MacID、HDD 详细信息)(强烈推荐)。

我创建了一个几乎万无一失的系统(除非您是专业黑客)。

当我的应用程序首次安装在用户的 PC 上时,它们会使用 Web 服务返回到我的服务器。 他们使用密码哈希来识别自己的身份,并查找客户端的授权码/订单 ID。

如果客户端具有正确的授权代码,则应用程序会加密系统详细信息并将其存储在客户端的计算机上,并将信息的哈希值发送到存储该信息的服务器。 然后,使用一些哈希标志在客户端计算机上激活该软件,每次运行该应用程序时,系统信息都会与文件中的哈希信息进行比较。

如果客户重新格式化计算机,他所需要的只是订单 ID 来自动再次激活软件(当程序与我的服务器检查时,如果匹配,系统详细信息将被验证并批准)。 如果客户在另一台计算机上安装该软件,他必须联系我的支持团队以获得批准。

-- 所有信息均经过加密和散列处理(双重加密)。
-- 所有代码均经过混淆和打包。

目前它工作得相当安全。

所以是的,这是可能的,它已经过现场测试,并且发现它与任何其他保护系统一样有效。

Yes, and I do that in my apps. It works wonderfully.

Getting the system info (CPUID, MacID, HDD details) is easy using WMI (highly recommended).

I created a system that's practically foolproof (unless you're a pro hacker).

When my apps are installed for the first time on the user's PC, they go back to my server using web services. They identify themselves using a password hash and look for an authorisation code/order id for the client.

If the client has the correct authorisation code the application encrypts and stores the system details on the client's computer and sends a hash of the info to my server where it is stored. The software is then activated on the client's computer using some hashed flags and every time the app is run the system info is compared with the hashed info in the files.

If the client re-formats the computer, all he needs is the order id to activate the software again automatically (when the program checks with my server, the system details are verified and approved if they match). If the client installs the software on another machine he must contact my support team to get approval.

-- All the information is encrypted and hashed (double encryption).
-- All code is obfuscated and packed.

It's working pretty securely at the moment.

So yes, it's possible, it's been field tested and found working as well as any other protection system.

回复 原文
~没有更多了~

关于作者

爱已欠费

暂无简介

0 文章
0 评论
21 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

qq_FjTq5B

文章 0 评论 0

18273202778

文章 0 评论 0

WordPress小学生

文章 0 评论 0

〃温暖了心ぐ

文章 0 评论 0

迷乱花海

文章 0 评论 0

niuniu

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文