Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- About the license, I thought of the following record construction:
- Example user data:
- Username: softtouch
- Email: info@ssdnet.biz
- TID: 12345678901234567
- Getting a hardware fingerprint generated from the HDD serial (or volume serical if not available) and the Windows machine id
- Example data:
- HDD serial: 0025_3842_41A0_A5F5.
- Windows machine id: D61008B1-B020-4BA6-881C-B90E1F248373
- Both hashing with bobjenkins:
- HDD serial: 887A2542
- Windows machine id: 6436DAF1
- Hashing user data:
- softtouch: 3F9F9499
- info@ssdnet.biz: 0C38FAE3
- 12345678901234567: 86DDC5CF
- Joining all the 5 parts:
- 3F9F9499-0C38FAE3-86DDC5CF-887A2542-6436DAF1
- The credential store in Windows would hold the following record after the user send the activation request:
- Target: ScrapeLinker
- Username: SLUser
- Password: softtouch::info@ssdnet.biz::12345678901234567::3F9F9499-0C38FAE3-86DDC5CF-887A2542-6436DAF1 (this will be encrypted!)
- (the password is not visible in the credential store)
- When we lookup the users license, we would send just the hardware fingerprint 3F9F9499-0C38FAE3-86DDC5CF-887A2542-6436DAF1
- But first, we would locate the record in the credential store and check if the stored machine id match the current computer.
- Then we loop through all returned user records( should be normally just 1) to find one where username, email etc. match the record in the credential store.
- If we found a record in the credential store, but none returned from the server, then the activation request was sent but the license is not activated yet.
- In that case, user cannot resubmit an activation request.
- Ideas? Something unclear or something need to be changed?
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
