HWID Login

by Estivan - 01-13-2018 - 02:34 AM
Posts:
15

Reputation:
0

Credits:

Rookie User
Posts:
15

Threads:
1

Joined:
May 2018

Likes:
0

Credits:

Reputation:
0

Warning Level:

#11
Posted: 05-04-2018 - 12:46 AM
(01-13-2018 - 02:34 AM)Estivan Wrote:
Hi, this is just something someone wanted me to make for them a while back, I want to contribute to the community so I decided to share this.

Note: I got some of the code from online, but I can't remember where I got it from, but, credits to whoever wrote it.

Oh, btw, remember to import System.Management (using System.Management;)

 
Code:
public string GetHDDSerial() // Public string that contains the variable of the hardware id string from URL.txt
       {
           ManagementObjectSearcher searcher = new ManagementObjectSearcher("SELECT * FROM Win32_PhysicalMedia");
           foreach (ManagementObject wmi_HD in searcher.Get())
           {
               if (wmi_HD["SerialNumber"] != null)
                   return wmi_HD["SerialNumber"].ToString();
           }

           return string.Empty;
       }

     
       private void lgnhwid_Click(object sender, EventArgs e)
       {

           System.Net.WebClient Wc = new System.Net.WebClient();
           string pplbanned = Wc.DownloadString("Web URL"); // Banned Hardware ID's from server
           string pplallowed = Wc.DownloadString("Web URL"); // Whitelisted Hardware ID's from server

           if (pplbanned.Contains(GetHDDSerial())) // this if statement checks if the System Hardware ID matches with the string from the server
           {
               MessageBox.Show("You have been banned from '[name]'!", Text, MessageBoxButtons.OK, MessageBoxIcon.Error);
               Environment.Exit(-1);
           }
           else if (pplallowed.Contains(GetHDDSerial()))
           {
               MessageBox.Show("You're allowed to use '[name]', Welcome.", Text, MessageBoxButtons.OK, MessageBoxIcon.Information);
               HWDI_Login frm = new HWDI_Login();
               frm.Show();
               this.Hide();
           }
           else
           {
               MessageBox.Show("You're not whitelisted, make sure you sent Your" +
                   " Hwid to [name] and you bought our [product].", Text, MessageBoxButtons.OK, MessageBoxIcon.Warning);
               Environment.Exit(-1);
           }
           
       }

       private void HWDI_Login_Load(object sender, EventArgs e)
       {
           var mbs = new ManagementObjectSearcher("Select ProcessorId From Win32_processor");  // Get System Hardware id
           ManagementObjectCollection mbsList = mbs.Get();
           string id = "";
           foreach (ManagementObject mo in mbsList)
           {
               id = mo["ProcessorId"].ToString();
               break;
           }

           System_HWDI.Text = "System Hardware ID: " + id;
       }

As already saw in comments, DO NOT TRUST WMI as it can be 'easily' spoffed.
And there is also other things, like user can modify the sending HWID to get inside.
Please use USERNAME + custom things, like windows's username, computer name, CPU, Battery's ID and hash it, then obfuscate your app.
And host the most you can in your webserver, and use it runtime, so if you see something wrong, you can stop them stealing your job ! ;)




USERS BROWSING THIS THREAD:  2 Guest(s)
"Join for the content, stay for the community."
© All Rights Reserved DemonForums.
© 2015-2017 / DemonForums
Server time: 05-22-2018, 02:15 AM (940 Days Online)