Show/Hide Toolbars

Licence Protector 5

Navigation: Part II - Enhanced Features > Anti Hacker Strategies

CRC Check of the Licence Protector DLL

 Scroll Prev Top Next More

One hacker approach is to replace the DLL. This can be prevented easily by checking the CRC value (cyclic redundancy check) or MD5 checksum  of the DLL.

 

The CRC value of each dll can be found here. As each DLL is available in a compressed and uncompressed version you have to check for all CRC values of a DLL - for EasyGo you also have to check for the CRC value of the signed DLL. This is due to the fact that a user could have installed an application which uses the compressed DLL and another application which uses the uncompressed DLL. The last installed DLL would be used.

 

You can also retrieve the CRC value of an file with the GetCRC32 command (you can use the license Tester to retrieve the CRC value for any file).

 

Use the check before you open the license file. You should end the application without an error message if the DLL was replaced some times later in your application. If you would end the application directly after the test this can be traced. Just write status information in a log file.

 

There a different methods to make a CRC check and the check has to be included in the source code. Below are links to source code samples. Please take care of copyright issues if stated on the web site or within the source code.

 

Articles how to implement CRC32 checks

 

http://delphi.about.com/gi/dynamic/offsite.htm?zi=1/XJ&sdn=delphi&zu=http%3A%2F%2Fwww.efg2.com%2FLab%2FMathematics%2FFileCheck.htm (Delphi)

http://www.vbaccelerator.com/home/NET/Code/Libraries/CRC32/article.asp  (.NET)

 

http://vb-tec.de/crc.htm (VB6 - German article)

http://www.aboutvb.de/khw/artikel/khwcrc.htm (VB6 - German article)

http://www.networkdls.com/Software.Asp?Review=22 (C++)

CRC on Wikipedia: http://en.wikipedia.org/wiki/Cyclic_redundancy_check

 

or search for crc32 / MD5 check in Google.

 

 

We strongly recommend making an CRC check to be sure, that the correct Licence Protector DLL is registered. The MD5 CRC check is more stronger than the CRC32. If security is a main issue use MD5.

 

How to find the LicProtector.DLL on the system

You have to find the place where the DLL is stored via registry settings. This is due to the fact that somebody could install the DLL on another folder and register it there.

 

You get the installation folder with this registry entry

 

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\CLSID of DLL\InprocServer32 (DLL)

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\CLSID of DLL\LocalServer32 (COM exe)

 

or when the DLL was registered without admin rights

 

HKEY_Current_USER\SOFTWARE\Classes\CLSID\CLSID of DLL\InprocServer32 (DLL)

HKEY_Current_USER\SOFTWARE\Classes\CLSID\CLSID of DLL\LocalServer32 (COM exe)

 

On 64bit operating systems the registry entry is

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\CLSID of DLL\InprocServer32 (DLL)

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\CLSID of DLL\LocalServer32 (COM exe)

 

Replace the CLSID of DLL with the information of the latest release - see Add the LicProtector510.DLL