VMProtect Software » Forum

Posted: **Fri Jun 17, 2022 4:35 am**

I plan to use activation code to limit my software to be installed in at most 3 different hardwares.
I plan to compare hwid base64 string returned by VMProtectGetCurrentHWID() to do the detection for simplicity.
But when I look into the weblm code. (I bought web license manager as well as vmprotect ultimate version). I saw this sql:

$sql = "SELECT licenseid, SUM(value) as c FROM " .
"(SELECT DISTINCT h.licenseid, h.type, CASE h.type WHEN 0 THEN 10 ELSE 1 END AS value FROM " .
"{$DB_PREFIX}hwdata h LEFT JOIN {$DB_PREFIX}licenses l ON h.licenseid=l.id WHERE " .
"l.activationid=" . Sql($act->id) . " AND l.blocked='0' AND h.value IN (" . Sql($hwdata) . ")) as t " .
"GROUP BY t.licenseid HAVING c>=12 ORDER BY c DESC LIMIT 1";

From my understanding, hwid (base64 decoded) is a collection of 4 bytes devices. From my own computer and some samples, hwid normally has less than 12 devices. So it means if type 0 device matches and 2 more devices match, the hardwares are considered equal. (Correct me if my understanding is incorrect)

So my questions:
1. What is this type 0 device?
2. If user does some minor change to the hardware, simply do hwid base64 string comparison would return different? It could annoy users.
3. If user reinstalls the same windows OS, would hwid returns the same?
Thanks.

Posted: **Mon Jun 20, 2022 7:35 am**

I forgot to ask a more important question:
4. Is VMProtectGetSerialNumberState() function, the part to check hwid, i.e. returns SERIAL_STATE_FLAG_BAD_HWID has the SAME logic as that in activation system, i.e. the previous sql listed?
If true, please ignore question 2, it's meaningless to do hwid encoded string comparison.

Posted: **Tue Jun 21, 2022 1:06 pm**

The $sql is too complex and make the problem too complex. I've implemented a php function which works the same as the sql which should make things simpler.

Please check the other topic:
viewtopic.php?f=2&t=27592

Posted: **Tue Jun 21, 2022 3:31 pm**

1. What is this type 0 device?

0 = CPU
1 = HOST
2 = MAC
3 = HDD

2. If user does some minor change to the hardware, simply do hwid base64 string comparison would return different? It could annoy users.

Don't compare HWIDs by value. HWIDs are needed only for compare inside VMProtectSetSerialNumber.

3. If user reinstalls the same windows OS, would hwid returns the same?

Probably HDD will be changed.

4. Is VMProtectGetSerialNumberState() function, the part to check hwid, i.e. returns SERIAL_STATE_FLAG_BAD_HWID has the SAME logic as that in activation system, i.e. the previous sql listed?

Here is C sources of compare HWIDs that called by VMProtectSetSerialNumber:

Code: Select all

bool HardwareID::IsCorrect(uint8_t *p, size_t size) const
{
	if (p == 0 || size == 0 || (size & 3)) 
		return false;

	bool equals[4];
	bool found[4];
	for (size_t i = 0; i < 4; i++) {
		equals[i] = false;
		found[i] = false;
	}

	size_t blocks = size / sizeof(uint32_t);
	uint32_t *d = reinterpret_cast<uint32_t *>(p);
	for (size_t j = 0; j < block_count_; j++) {
		uint32_t id1 = blocks_->GetDWord(j * sizeof(uint32_t));
		found[id1 & 3] = true;
		for (size_t i = 0; i < blocks; i++) {
			uint32_t id2 = d[i];
			if (id1 == id2) {
				equals[id1 & 3] = true;
				break;
			}
		}
	}

	// check CPU
	if (!equals[0])
		return false;

	// check if at least 3 items are OK
	size_t n = 0;
	size_t c = 0;
	for (size_t i = 0; i < 4; i++) {
		if (found[i])
			c++;
		if (equals[i])
			n++;
	}
	return (n == c || n >= 3);
}

Posted: **Wed Jun 22, 2022 3:28 am**

Thanks for the reply. The source code explains many things.

VMProtect Software » Forum

Compare hwid base64 string to detect hardware change

Compare hwid base64 string to detect hardware change

Re: Compare hwid base64 string to detect hardware change

Re: Compare hwid base64 string to detect hardware change

Re: Compare hwid base64 string to detect hardware change

Re: Compare hwid base64 string to detect hardware change