Currently, I store in excess of 70 emails with their respective passwords and their hardware ID on my FTP server (as of now on this site, I am unable to login to AHK.net's FTP server, and I do not believe it is related to AHK.net itself being down since I had issues far before the site going down), the info is stored with TEA encryption. When logging in, it downloads the file, sees if the user info isn't correct, or the user is logged in on another pc, it will obviously lock them out. So my first question you might have guessed is if I will be able to use AHK.net to store my file again, it always claims my password is incorrect although I login to the site within the browser and it works fine. Second, is there any other more efficient/secure alternatives to my current method?
FTP Login Methods
Started by
dylan904
, Jul 24 2012 02:47 AM
7 replies to this topic
#2
Guests
-
- Guests
Posted 24 July 2012 - 04:15 PM
As it will only take a few seconds to decompile your script bypassing your security check is a very easy to do - so why bother with such "extensive" security checks, also what if the ftp or other site is down - it will make your program unusable and you'll be stuck with unhappy users - rethink your strategy.
#3
dylan904
-
- Members
- 706 posts
Posted 24 July 2012 - 06:00 PM
Well of coarse i would encrypt it considering FTP is unsecure in and of itself, so if anybody snatching FTP files wouldn't so easily be able to decipher. My FTP site guarantees a 99.9999999% up-time, and I have once come across a time i was unable to retrieve a file. Anyways, this is a post seeking suggestions. If you are to be so vague in your post, how is it helping anyone?
#4
Guests
-
- Guests
Posted 24 July 2012 - 06:28 PM
Your ftp settings are in your compiled script correct? Decompiling leaves your ftp settings out in the open + it would be very easy to simply comment your "check for registered user" section of your script as well. And nobody can predict the "uptime" of a service for too long, your ftp hoster could go bust.
#5
dylan904
-
- Members
- 706 posts
Posted 24 July 2012 - 07:32 PM
Again, I've come for any specified alternative methods, not criticism.
#6
Guests
-
- Guests
Posted 24 July 2012 - 07:40 PM
Whatever. Just saying you are wasting your time and money on something that you can not protect (the scripts source code).
#7
dylan904
-
- Members
- 706 posts
Posted 25 July 2012 - 04:19 PM
Is any .exe safe from decompilation?
If not, then that's the point. I'm trying to do what I can to protect my script.
If not, then that's the point. I'm trying to do what I can to protect my script.
#8
gamax92
-
- Members
- 410 posts
Posted 25 July 2012 - 04:36 PM
Well to protect my exe's, I exe compress the file, then hex edit out the line that says X.XX UPX at the very beginning. It might also say UPX0 and UPX1, get rid of those as well.
The exe still runs, but upx complains on decompression.
The exe still runs, but upx complains on decompression.
