Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Secure a DLL file with a license file [closed]

Tags:

c++

licensing

dll

What is the best way to secure the use/loading of a DLL with a license file?

like image 882
pkit Avatar asked Sep 19 '08 23:09

pkit

People also ask

Where do I put a DLL license?

In the vast majority of cases, the solution is to properly reinstall license. dll on your PC, to the Windows system folder. Alternatively, some programs, notably PC games, require that the DLL file is placed in the game/application installation folder.

Can a DLL file be opened?

You can open the command prompt by going to the Windows Start menu or by holding Windows Key+R and typing "cmd" in the prompt that appears on screen. Open the folder with the DLL file. Once you find the folder, hold the Shift key and right-click the folder to open the command prompt directly in that folder.

How do I block a DLL file?

You find it at start menu with "cmd" name or press Windows key + R then type cmd. Now type cd c:\FilePathFromSearch\DLLName. dll . Then type regsvr32 /u DLLName .

What is DLL security?

DLLs are executed in the memory of the calling process, with the same access permissions. This means that there is no protection for the calling EXE if the DLL contains any anomalies. Malicious attackers may exploit this fact by using methods such as DLL Hijacking or DLL Proxying to execute their malicious code.

1 Answers

A couple of things you might want to consider:

Check sum the DLL. Using a cryptographic hash function, you can store this inside the license file or inside the DLL. This provides a verification method to determined if my original DLL file is unhacked, or if it is the license file for this DLL. A few simple byte swapping techniques can quickly take your hash function off the beaten track (and thus not easy to reproduce).

Don't store you hash as a string, split it into unsigned shorts in different places.

As Larry said, a MAC address is fairly common. There are lots of examples of how to get that on The Code Project, but be aware it's easy to fake these days.

My suggestion, should be use private/public keys for license generation.

In short, modes of attack will be binary (modify the instructions of your DLL file) so protect against this, or key generation so make each license user, machine, and even the install specific.

like image 181
titanae Avatar answered Oct 13 '22 22:10

titanae
Sign in to Comment

Related questions

How do I use SFINAE to choose the closest matching type trait?
Check if valid template specialization
How to Integrate a CMake Project with GYP-Based Libraries
understanding c++ pointers to parent/base classes
Using a template before it's specialized?
Faster way of searching array of sets
Pointer to member: works in GCC but not in VS2015
Cannot construct constexpr array from braced-init-list
Should I delete `Vertex Buffer Object` after binding it to `Vertex Array Objects`?
What does it take to write memory safe C++ applications?
How can I simplify this redundant C++ code?
What is a temporary object with static storage duration
wntdll.pdb not loaded - Can't see the exception
DXGI Desktop Duplication Screen Capture Speed [closed]
Comparison operator for std::vector<T> fails to find comparison operator for T
What is the difference between std::tie and std::forward_as_tuple
std::initializer_list, braced initialization and header
Does the standard consider non-template members of template classes to be "templates" themselves?
Custom allocators as alternatives to vector of smart pointers?
Criteria for a variable to be usable in a constant expression

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!