Jump to content
UBot Underground

Securing Your Compiled Bots.. Need everyones feedback


  

91 members have voted

  1. 1. What version Ubot are you currently using as of 11/4/2011 ?



Recommended Posts

Currently generating a system that can be dropped into Ubot Easily, and Manage User Licenses.

 

Current features:

  • Hardware locking to PC
  • Requires email address
  • Requires and checks payment transaction number
  • Currently setup for only 1 PC use
  • Administration to add, edit, delete, disable license

 

Built with:

  • 1 MySQL database
  • 1 .ubot file (easily added to any project to secure it)
  • 3 php files (1 connection, 1 processing file that works with ubot, and 1 file to include in any ipn file paypal, google checkout, alertpay etc.)

 

*the php files are setup to only work with the ubot files and direct injection to the script is safe guarded. You also receive an email when a License is granted legitimately and securely. As well as When someone tries to inject a license fraudulently. Can see a fraudulent attempt would try to access the web page Click Here And a email if turned on in setup would be emailed to the admin / owner with ip details for blocking

 

 

 

Before releasing this for the Community I want to make sure that I have everything as cleanly and as organized as possible. I also want to make sure that any needed functionality is included within this setup from the beginning for everyone. Please share any and all ideas here. Your feedback is very well appreciated.

 

 

*Special thanks to JohnB for the hardware locking technique

 

Preview admin panel - added 5-4-2011

http://uplink.botguru.net/index/index.html

 

 

Thanks,

TJ

  • Like 2
Link to post
Share on other sites
  • Replies 259
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

trying to get things ready for before christmas but i dont want to make any promises and fall short..   As soon as its ready ill make sure to update everyone here..

Currently generating a system that can be dropped into Ubot Easily, and Manage User Licenses.   Current features: Hardware locking to PC Requires email address Requires and checks payment transacti

trying everyone... I will keep you updated for sure..

@LoWrldErTJ

 

 

Interested in cracking your current bots.

 

Who tends to be your customer?

 

That's the bigger issue on security.

 

Can't prevent every cracker... but at least making the bar high. ;)

 

Link to post
Share on other sites

@LoWrldErTJ

 

 

Interested in cracking your current bots.

 

Who tends to be your customer?

 

That's the bigger issue on security.

 

Can't prevent every cracker... but at least making the bar high. ;)

 

 

My Current customers are game owners, local business owners, and online marketers. So its a very wide market.

 

You are correct on the fact you can't prevent every cracker. However making it deterrent enough to make others not waste their time trying is the goal. All basic cracking attempts, as well as some moderate and Higher end types of measures taken to crack software are being covered in this security setup.

 

One must know how to crack software before ultimately trying to prevent it. Or at the very least how the process works on trying to crack software.

 

That said i've been around for a while now and seen a lot of things, as well as worked with a lot of programs and webmasters. Have been shown some tricks here and there. This security setup is not yet finished but when completed should work out very well.

 

The price tag on it I was thinking of the word FREE or at the most $25.00 to keep people honest.

 

Not trying to get rich off this setup. But help secure the community and those making bots can secure the bots they release.

 

TJ

  • Like 2
Link to post
Share on other sites

At that price I may even buy it, but from what I have seen no software is uncrackable once released

Link to post
Share on other sites

At that price I may even buy it, but from what I have seen no software is uncrackable once released

 

 

Im not saying it would be a full proof way. When there is a will there is a way for hackers.

 

However take for instance Micros0ft and ad0be where they store the registration to the registry and pc and never phones home after the install. Easy to work around. but if your bot requires a phone home to the server every time it is ran chances are better that you can stop this sort of thing from happening.

 

As well even if someone was to change their hosts file in the system it requires information sent back to the program to run from the database on your server which can not be masked.

 

If shown to be running from more then 1 location (you get an email and ip) block the ip and disable the license :)

Link to post
Share on other sites

Yeah im in hopes to finish it before my Honeymoon on the 17th. But if not will have to sit on hold for 11 days while on my cruise.

 

Does anyone have any more ideas for it besides what it already does?

 

TJ

 

Is there some kind of admin system that we can access? Like if we need to add or block IP's. Or automatic license block when their free trial or subscription is done?

 

Thanks

Link to post
Share on other sites

The admin area currently

Administration to add, edit, delete, disable license

 

To fully block an ip is best with ip deny in cpanel but I can build in a system quickly for ip blocking right in the admin panel

 

and trials

I think this is something I will try to incorporate into it.

Link to post
Share on other sites

It would be great with a built in handling of updating the bots, that is, when a user runs a bot executable it checks towards the validation server if there is an update and if there is, it downloads it and installs it. If this could be accomplished it should also be able to handle several bots per customer.

 

I would definitely be interested in buying such a solution if it was available.

 

And no, you can't stop all cracking, but most ppl doesn't know how to crack or even how to find nulled software, so it will still help preventing unathorized use for some if not all.

Link to post
Share on other sites

It would be great with a built in handling of updating the bots, that is, when a user runs a bot executable it checks towards the validation server if there is an update and if there is, it downloads it and installs it. If this could be accomplished it should also be able to handle several bots per customer.

 

I would definitely be interested in buying such a solution if it was available.

 

And no, you can't stop all cracking, but most ppl doesn't know how to crack or even how to find nulled software, so it will still help preventing unathorized use for some if not all.

 

 

A handling system for version type im sure can be incorporated. And Op to tell the user how to download and update, or initiate the update package for install.

 

Being able to handle several bots per custom wont be that much of an issue either.

 

Added to list of to dos.

 

 

 

Keep it coming people. I love the ideas, and I will evaluate all of them and try to get as many of them in as possible.

 

 

TJ

Link to post
Share on other sites

A handling system for version type im sure can be incorporated. And Op to tell the user how to download and update, or initiate the update package for install.

 

 

 

Automatic updating would definitely be preferred as far as I can tell.

Link to post
Share on other sites

Automatic updating would definitely be preferred as far as I can tell.

 

 

On the list and will be in this package.

Basically it will check the version of the application (compiled bot they are using) If version different then what is available it will give them the option to download and update to the new version

 

 

Be it I have 3 days before my Honeymoon Cruise I doubt I will be able to get this completed in that time, and still keep up with clients of mine, and my web sites.

 

That said however I will be getting this done first thing when I get back around the 28th of this month.

 

 

Please keep the ideas coming. I am trying to get as much as possible incorporated into this security setup

 

TJ

Link to post
Share on other sites

Automatic Updating the software, easy interface to edit license and multiple ubot programs using same license are the #1 things I believe you should incorporate.

  • Like 1
Link to post
Share on other sites

On the list and will be in this package.

Basically it will check the version of the application (compiled bot they are using) If version different then what is available it will give them the option to download and update to the new version

 

Great!

 

Be it I have 3 days before my Honeymoon Cruise I doubt I will be able to get this completed in that time, and still keep up with clients of mine, and my web sites.

 

That is the wrong priority, you need to cancel that honey moon in favour of the Ubot community. ;) :D :) ;)

 

 

(have a nice trip!)

Link to post
Share on other sites

How about being able to issue more than one license per bot per transaction ID/email address!?

 

(quite often the suppliers offers two licenses, one for the laptop and one for the desktop PC, not to be used concurrently though)

 

Maybe a tracking capability on the server side to check whether a certain license is used concurrently from different remote addresses!? That way a license could be revoked if used against the ToS.

Link to post
Share on other sites

Automatic Updating the software, easy interface to edit license and multiple ubot programs using same license are the #1 things I believe you should incorporate.

 

Is definately something that will be included. The system will come setup to be able to issue up to 3 licenses per sale. However have different license types. Unlimited number of pcs, limited number maximum 3, trial (set in days 1-however many you like which could work into play with a subscription requirement)

 

 

Great!

 

 

 

That is the wrong priority, you need to cancel that honey moon in favour of the Ubot community. ;) :D :) ;)

 

 

(have a nice trip!)

 

 

I value my life. LOL

 

 

How about being able to issue more than one license per bot per transaction ID/email address!?

 

(quite often the suppliers offers two licenses, one for the laptop and one for the desktop PC, not to be used concurrently though)

 

Maybe a tracking capability on the server side to check whether a certain license is used concurrently from different remote addresses!? That way a license could be revoked if used against the ToS.

 

 

part 1 of this covered above.

 

Part 2 tracking.. This will be included to be able to track the location of use of the program. Case someone for instance sets it up on a VPS or dedicated windows box and sells access to it as I have seen some underground sites do. The license could be disabled.

 

 

 

TJ

Link to post
Share on other sites

TJ.

 

I have nothing more to add that the others here have mentioned but it sounds excellent, would be interested in it whether it be free (which is always nice) or $25.

 

Hope the honeymoon goes well!

Link to post
Share on other sites
  • 2 weeks later...

Ok everyone...

 

I'm back from the honeymoon and this is one of the first things I am am going to complete and get ready for everyone..

 

I have taken all ideas into account and all things mentioned here are going to be implemented so far. If you have any more suggestions, ideas, or feedback please let me know so that I can try and produce the best possible solution for this.

 

Hope to have a Demo available within 2 days

 

Thanks,

TJ

Link to post
Share on other sites

Hi TJ,

 

Welcome back! I have a quick question: Can the ui be brandable? For instance, can we have the ability to style the colors and/or add our logo to the prompt that will pop up to ask for the users receipt # (or the one that prompts them to upgrade)? Not absolutely necessary but I think it would really help polish up the product. If not, please PLEASE leave it black and white. I've seen other bot-securing solutions that seem to have a more 'colorful' prompt which I think makes things a bit of an eyesore. Either way, as soon as you release this I'm in. If you need testers, let me know. I have a bot that we are only going to license internally so I could provide a controlled test environment if necessary. Lol...I'm so excited I can hardly wait :lol:

Link to post
Share on other sites

Low's concerns are very legitimate. If you are selling anything online, it needs to be properly licensed. Why do you think that all the big boys license they're software? It not to be jerks, it's to keep them in business.

 

My first product that I put out was an excellent tutorial series on a piece of software. Well, needless to say, it was pirated like nuts. I probably lost more then I made on the product.

 

People seem to think that if they find a commercial product (and we are designing commercial products, right?) and they can find it free, it's OK to keep it. Not so. They don't realize that 100's of hours could have gone into that product and taking it is the same as them coming to my house and stealing something from my house. Because that's what they essentially did. I didn't earn the profit from that sale, so I now am down that amount.

 

So, this is starting to sound like a rant, but it does frustrate me. Low, keep me on your list and I wouldn't mind chatting, because I for one would be interested.

 

Frank

Link to post
Share on other sites

Sounds good guys. I'm excited to get this finished up for beta testing further and get more people on board.

 

I so far have the administration panel about 90% complete with everything that has been mentioned here so far in this thread.

 

And about 80-85% done with the coding used within the bots.

 

Trying to keep things as simple as possible. But obviously there will be a slight bit of a learning curve for anyone. However Should be able to be used from anyone of any skill level Novice to Pro.

 

TJ

Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×
×
  • Create New...