Jump to content
UBot Underground

[SELL] UbotLocker Web: Web Based Licensing Solution That Prevents Decompiling And Cracking

meter

By meter,
in Plugins

 Share Followers 48

Recommended Posts

  • Replies 1.5k
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

meter

UPDATE: Hello all, After many years I am stepping down from maintaining Ubotlocker. I will no longer be selling Ubotlocker, and will stop providing support. After consulting with both T

Frank

Meter I wanted to pass on a very big thank you for the licensing system! I can honestly say that your software has made me very profitable. I've written and distributed bots before but I was always fi

meter

Attached is source code to License.dll, which handles entering of licenses and updates. You need Visual C# Express 2010 to edit and compile it, and ILMerge to merge the exe and DLL produced by compila

Posted Images

meter

meter 145

Posted
  • Author
Posted

Just a heads up to everyone subscribed to this topic, TJ has created a slick new skin for Ubotlocker which he is offering here:

 

http://network.ubotstudio.com/forum/index.php/topic/18999-lockerex-theme-for-ubotlocker/?do=findComment&comment=118404

 

Highly recommend everyone check it out :)

 

-meter

Link to post
Share on other sites
kev123

kev123 132

Posted
Posted

@frank its on one of the previous pages I would compile a bot first thou without protection to compare start times to see if its actually a ubot problem/number of plugins.

 

meter what's needed to get running on https, is it just mods to the license.dll or backend. If you know exactly what needs doing this would save me some investigation time.

 

thanks

kev123

Link to post
Share on other sites
meter

meter 145

Posted
  • Author
Posted

Hey kev,

 

Sorry, it's actually a problem in the C++ portion of Ubotlocker (Locker.dll). There is no easy way to fix it, due to some dumb coding decisions I made.

 

-meter

Link to post
Share on other sites
meter

meter 145

Posted
  • Author
Posted

Actually, looking at License.dll, you might be able to detect when it tries to access a http:// URL in HttpClasses.HttpGet, and then change the URL to https://

 

-meter

Link to post
Share on other sites
Bot-Factory

Bot-Factory 602

Posted
Posted

But an important question is, why is it necessary to use SSL.

SSL is a transportlayer encryption protocoll which encapsulates HTTP. But if the communication itself is already encrypted (payload), then there is no added security by using SSL. 

 

So what value add do you guys expect from using SSL here?

 

Dan

Link to post
Share on other sites
kev123

kev123 132

Posted
Posted

@meter thanks seems easy fix. thinking about it you could force http to https at server side never done it but I would think it would just be a htaccess simple mod

 

@Dan not for the security of license, mainly to work straight out the box with https sites and also keep the server backend login etc more secure when logging in while on public wiki etc

Link to post
Share on other sites
Bot-Factory

Bot-Factory 602

Posted
Posted

@meter thanks seems easy fix. thinking about it you could force http to https at server side never done it but I would think it would just be a htaccess simple mod

 

@Dan not for the security of license, mainly to work straight out the box with https sites and also keep the server backend login etc more secure when logging in while on public wiki etc

 

I didn't test it, but I think you can run the whole system via HTTPs. 

The only problem is the client - server communication which is hardwired to HTTP. 

 

But the client only communicates with:

http://www.yourserver.com/ulocker/VerifyLicense.php

 

And that can be redirected with a htaccess rule.

 

Dan

Link to post
Share on other sites
Frank

Frank 177

Posted
Posted

Ugh, Meter I love the licensing system but I'm extremely hating the fact that license.dll keeps getting deleted by antivirus software. right now, Avast, Kapersky and McAfee love to wipe it from the install directory and the downloaded .exe zip file. Has anyone worked out a solution to this one? It's literally creating about 50 tickets per day in complaints.

 

Frank

Link to post
Share on other sites
Kreatus (Ubot Ninja)

Kreatus (Ubot Ninja) 422

Posted
Posted

Ugh, Meter I love the licensing system but I'm extremely hating the fact that license.dll keeps getting deleted by antivirus software. right now, Avast, Kapersky and McAfee love to wipe it from the install directory and the downloaded .exe zip file. Has anyone worked out a solution to this one? It's literally creating about 50 tickets per day in complaints.

 

Frank

 

Yes it's really annoying. I ended up creating a tutorial how to whitelist the software on avast anti virus and add it on readme file.

Link to post
Share on other sites
PRO

PRO 69

Posted
Posted

Same problem. Hope there is a "straight forward" solution possible where the end users can just download, install and use without any further steps needed.

Link to post
Share on other sites
meter

meter 145

Posted
  • Author
Posted

Sorry guys, at this time I have no idea why the AVs detect License.dll, or how to fix the issue. It's something I'm constantly looking at, but I am honestly out of ideas.

 

-meter

Link to post
Share on other sites
Frank

Frank 177

Posted
Posted

Hey Meter, I'd be willing to take a bit of time and just hammer through the code on the file. Is it possible to get the source code? To be honest, I'll probably be contracting a trusted programmer to pour over the code. If I do come up with a fix, I'll track the expenses and if anyone else wants a copy we can split the overall costs to fix it.

 

Frank

Link to post
Share on other sites
UBOTEM

UBOTEM 18

Posted
Posted

Surely signing the dll file will do the trick?!

 

Also are you not using installers?!

 

Once the installer has admin privileges and is accepted by the AV surely the installed files are ok?!

I don't seem to be having much issues?! Just normal AV stuff?!

Surely signing the dll file will do the trick?!

 

Also are you not using installers?!

 

Once the installer has admin privileges and is accepted by the AV surely the installed files are ok?!

I don't seem to be having much issues?! Just normal AV stuff?!

Link to post
Share on other sites
kev123

kev123 132

Posted
Posted

question for people having a lot of issues does your final outputted license.dll show problem in virustotal. i'm not able to test against one of mine as I mod each one for project.

Link to post
Share on other sites
UBOTEM

UBOTEM 18

Posted
Posted

Not sure I use an installer for my commercial products similar to what I have done here.... http://www.ubotem.com/product/delooper-tool-by-ubotem/

 

Have many customers at my other store and installers are the same, I do have to help customers with AV, when the download my exe, but normally guide them through how to whitelist my installer and then they are fine.

 

I install my software to the program folder and setup shortcuts on desktop and start menu (these are set to prompt admin rights when customer launches software).

Also set launch hot keys on installation.

 

Please try my installer, and let me know if you get problems :)

 

I am thinking of getting a certificate so can sign the exe file, but could also sign the dll file, mainly because I want to be looking as professional as possible, and it stops browser issues that try to block the download. And the admin prompt would show my developer name instead of unknown. 

Link to post
Share on other sites
Frank

Frank 177

Posted
Posted

Hey guys, yes I do use a proper installer. I've got most things 100% but that doesn't mean that antivirus is going to ignore something that it things is a baddie. Thanks Meter, would you mind if I asked you pointed questions after i start to look at the dll?

 

If push comes to shove, I would definitely be in on a group purchase to sign the .dll file with the antivirus companies.

 

Frank

Link to post
Share on other sites
kev123

kev123 132

Posted
Posted

for the price of signing I would just do your own. It would only take one issue with app to kill the reputation of the cert with windows smart.

 

What I mean if one user was to get the private key hacked/stolen

Link to post
Share on other sites
meter

meter 145

Posted
  • Author
Posted

Hey guys, yes I do use a proper installer. I've got most things 100% but that doesn't mean that antivirus is going to ignore something that it things is a baddie. Thanks Meter, would you mind if I asked you pointed questions after i start to look at the dll?

 

If push comes to shove, I would definitely be in on a group purchase to sign the .dll file with the antivirus companies.

 

Frank

 

Yeah go for it :)

 

As others have said, code signing is best done by individuals. It just takes one person to release a sketchy Ubot for the signature to be blacklisted by AVs.

 

-meter

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Followers 48
Go to topic listing
×
×
  • Create New...