meter 145 Posted February 4, 2016 Author Report Share Posted February 4, 2016 Glad to hear you're enjoying the product Evernano -meter Quote Link to post Share on other sites
meter 145 Posted February 4, 2016 Author Report Share Posted February 4, 2016 Just a heads up to everyone subscribed to this topic, TJ has created a slick new skin for Ubotlocker which he is offering here: http://network.ubotstudio.com/forum/index.php/topic/18999-lockerex-theme-for-ubotlocker/?do=findComment&comment=118404 Highly recommend everyone check it out -meter Quote Link to post Share on other sites
Frank 177 Posted February 5, 2016 Report Share Posted February 5, 2016 you could mode the license.dll which meter has provided the source code forHey Kev where would I find the source code? Quote Link to post Share on other sites
kev123 132 Posted February 6, 2016 Report Share Posted February 6, 2016 @frank its on one of the previous pages I would compile a bot first thou without protection to compare start times to see if its actually a ubot problem/number of plugins. meter what's needed to get running on https, is it just mods to the license.dll or backend. If you know exactly what needs doing this would save me some investigation time. thankskev123 Quote Link to post Share on other sites
meter 145 Posted February 8, 2016 Author Report Share Posted February 8, 2016 Hey kev, Sorry, it's actually a problem in the C++ portion of Ubotlocker (Locker.dll). There is no easy way to fix it, due to some dumb coding decisions I made. -meter Quote Link to post Share on other sites
meter 145 Posted February 8, 2016 Author Report Share Posted February 8, 2016 Actually, looking at License.dll, you might be able to detect when it tries to access a http:// URL in HttpClasses.HttpGet, and then change the URL to https:// -meter Quote Link to post Share on other sites
Bot-Factory 602 Posted February 8, 2016 Report Share Posted February 8, 2016 But an important question is, why is it necessary to use SSL.SSL is a transportlayer encryption protocoll which encapsulates HTTP. But if the communication itself is already encrypted (payload), then there is no added security by using SSL. So what value add do you guys expect from using SSL here? Dan Quote Link to post Share on other sites
kev123 132 Posted February 8, 2016 Report Share Posted February 8, 2016 @meter thanks seems easy fix. thinking about it you could force http to https at server side never done it but I would think it would just be a htaccess simple mod @Dan not for the security of license, mainly to work straight out the box with https sites and also keep the server backend login etc more secure when logging in while on public wiki etc Quote Link to post Share on other sites
Bot-Factory 602 Posted February 9, 2016 Report Share Posted February 9, 2016 @meter thanks seems easy fix. thinking about it you could force http to https at server side never done it but I would think it would just be a htaccess simple mod @Dan not for the security of license, mainly to work straight out the box with https sites and also keep the server backend login etc more secure when logging in while on public wiki etc I didn't test it, but I think you can run the whole system via HTTPs. The only problem is the client - server communication which is hardwired to HTTP. But the client only communicates with:http://www.yourserver.com/ulocker/VerifyLicense.php And that can be redirected with a htaccess rule. Dan Quote Link to post Share on other sites
Frank 177 Posted February 10, 2016 Report Share Posted February 10, 2016 Ugh, Meter I love the licensing system but I'm extremely hating the fact that license.dll keeps getting deleted by antivirus software. right now, Avast, Kapersky and McAfee love to wipe it from the install directory and the downloaded .exe zip file. Has anyone worked out a solution to this one? It's literally creating about 50 tickets per day in complaints. Frank Quote Link to post Share on other sites
Kreatus (Ubot Ninja) 422 Posted February 10, 2016 Report Share Posted February 10, 2016 Ugh, Meter I love the licensing system but I'm extremely hating the fact that license.dll keeps getting deleted by antivirus software. right now, Avast, Kapersky and McAfee love to wipe it from the install directory and the downloaded .exe zip file. Has anyone worked out a solution to this one? It's literally creating about 50 tickets per day in complaints. Frank Yes it's really annoying. I ended up creating a tutorial how to whitelist the software on avast anti virus and add it on readme file. Quote Link to post Share on other sites
PRO 69 Posted February 10, 2016 Report Share Posted February 10, 2016 Same problem. Hope there is a "straight forward" solution possible where the end users can just download, install and use without any further steps needed. Quote Link to post Share on other sites
sunny9495 42 Posted February 11, 2016 Report Share Posted February 11, 2016 Meter,You Have to Fix This License.dll issue pal,everyday iam getting atleast 1 complaint about this. Quote Link to post Share on other sites
meter 145 Posted February 11, 2016 Author Report Share Posted February 11, 2016 Sorry guys, at this time I have no idea why the AVs detect License.dll, or how to fix the issue. It's something I'm constantly looking at, but I am honestly out of ideas. -meter Quote Link to post Share on other sites
Frank 177 Posted February 11, 2016 Report Share Posted February 11, 2016 Hey Meter, I'd be willing to take a bit of time and just hammer through the code on the file. Is it possible to get the source code? To be honest, I'll probably be contracting a trusted programmer to pour over the code. If I do come up with a fix, I'll track the expenses and if anyone else wants a copy we can split the overall costs to fix it. Frank Quote Link to post Share on other sites
kev123 132 Posted February 11, 2016 Report Share Posted February 11, 2016 I've done a fair bit of work getting rid of false positives in .net and c++ apps. Let me know and I can take a look as well. thankskev123 Quote Link to post Share on other sites
UBOTEM 18 Posted February 11, 2016 Report Share Posted February 11, 2016 Surely signing the dll file will do the trick?! Also are you not using installers?! Once the installer has admin privileges and is accepted by the AV surely the installed files are ok?!I don't seem to be having much issues?! Just normal AV stuff?!Surely signing the dll file will do the trick?! Also are you not using installers?! Once the installer has admin privileges and is accepted by the AV surely the installed files are ok?!I don't seem to be having much issues?! Just normal AV stuff?! Quote Link to post Share on other sites
kev123 132 Posted February 11, 2016 Report Share Posted February 11, 2016 question for people having a lot of issues does your final outputted license.dll show problem in virustotal. i'm not able to test against one of mine as I mod each one for project. Quote Link to post Share on other sites
UBOTEM 18 Posted February 11, 2016 Report Share Posted February 11, 2016 Not sure I use an installer for my commercial products similar to what I have done here.... http://www.ubotem.com/product/delooper-tool-by-ubotem/ Have many customers at my other store and installers are the same, I do have to help customers with AV, when the download my exe, but normally guide them through how to whitelist my installer and then they are fine. I install my software to the program folder and setup shortcuts on desktop and start menu (these are set to prompt admin rights when customer launches software).Also set launch hot keys on installation. Please try my installer, and let me know if you get problems I am thinking of getting a certificate so can sign the exe file, but could also sign the dll file, mainly because I want to be looking as professional as possible, and it stops browser issues that try to block the download. And the admin prompt would show my developer name instead of unknown. Quote Link to post Share on other sites
meter 145 Posted February 12, 2016 Author Report Share Posted February 12, 2016 License.dll is open source and available here:https://dl.dropboxusercontent.com/u/47714945/UbotLockerOpenSource/WindowsFormsApplication21.zip Feel free to experiment with it guys -meter Quote Link to post Share on other sites
solstudioim 4 Posted February 12, 2016 Report Share Posted February 12, 2016 hi meter i want to buy protect lisence Quote Link to post Share on other sites
Frank 177 Posted February 12, 2016 Report Share Posted February 12, 2016 Hey guys, yes I do use a proper installer. I've got most things 100% but that doesn't mean that antivirus is going to ignore something that it things is a baddie. Thanks Meter, would you mind if I asked you pointed questions after i start to look at the dll? If push comes to shove, I would definitely be in on a group purchase to sign the .dll file with the antivirus companies. Frank Quote Link to post Share on other sites
kev123 132 Posted February 12, 2016 Report Share Posted February 12, 2016 for the price of signing I would just do your own. It would only take one issue with app to kill the reputation of the cert with windows smart. What I mean if one user was to get the private key hacked/stolen Quote Link to post Share on other sites
UBOTEM 18 Posted February 12, 2016 Report Share Posted February 12, 2016 Yes I will be getting cert soon, will let you know how it goes Quote Link to post Share on other sites
meter 145 Posted February 13, 2016 Author Report Share Posted February 13, 2016 Hey guys, yes I do use a proper installer. I've got most things 100% but that doesn't mean that antivirus is going to ignore something that it things is a baddie. Thanks Meter, would you mind if I asked you pointed questions after i start to look at the dll? If push comes to shove, I would definitely be in on a group purchase to sign the .dll file with the antivirus companies. Frank Yeah go for it As others have said, code signing is best done by individuals. It just takes one person to release a sketchy Ubot for the signature to be blacklisted by AVs. -meter Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.