Encrypt a script with an expiring password?

Get help with using AutoHotkey and its commands and hotkeys
Posts: 84
Joined: 29 May 2018, 15:10

Encrypt a script with an expiring password?

21 Oct 2018, 16:23

The thing is:
Let's say I created some nice script.
in fact in my opinion it's so good that I could sell it (is this okay with AHK rules and stuff?)

but I dont feel like seeling it once.
I wanna sell it more or less on a subcription basis.

so if you wanna use it, you pay for example a fixed fee per month.'
So it would be good if there was some kind of mechanism with an expiring password.

by itself this isnt a thing with autohotkey.

could this be somehow programed?

I think of this like having a different password every month.

and obviously the script should only be accessible if the user has the password.

which I sell him. like buying the current month's password for 10 bucks.

concerning the how:
I think of having it split in 2 parts, like the lock mechanism with the private key public key stuff.

the user gets a password p1.
when running the script, he enters said password.
that password is sent to a website which is controlled by me and contains a p2.

like the password from the user+the password from the website are oput together, somehow processed with some calculations.
and depending on the result a certain number or feedbakc is sent back to the script.
and only if that feedback is a certain one, then the script will run.
otherwise it refuses and just closes.

what I mean as an example:
on my page,for the current month the number 123 is displayed.
the user gets sold the current months password which is for example 234.

now when he enters the password in the script and the script sents the password to my webpage, the 2 numbers a and b are for example calulated like this:
k=last digit((a+b)/(a*b))

if k is for example 1 (cause i defined that as the okay condition) then "password correct" is sent back to the script.
then the script starts. if "not okay" is sent isntead, the script refuses to play, closes and maybe even deletes itself.

anyways, the important part is that ther are 2 parts, the publicly available one (public key) and the private one whcih is sold.

and they have to fit together cause only then my webpage will give them the okay.
and the script wont run without the okay.

obviously the how of the script has to be chosen carefully so that random guesssing (or somehow fiuring out the encryption) isnt possible.

normally only normal people would buy the script from me.
so a "normal" encryption thing might be good enough.

anyways people might get the idea:
well let's open it in the editor, just the delete the whole part about checking passwords before running, and have it for free forever.

I somehow want to make sure that this can never happen.

so having it as a normal script aint good enough.
perfect would be a normal exe which under normal circumstance cant be reverted back to its sourcecode.

bu I have no idea how to do that.

Another way of the password working could be:
to activate the script, you do the same as above:
enter the password, get feedback from the website.
as soon as the positive feedback is given from the website,
the script gets the current time from somewhere and starts a 1 month timer.
once that timer runs out (for example by comparing the time of the execution of the scrypt with the current time)
it wont work without new "activation" via a password.

So the password is also used once at the start to "activate" the script, therefor start the 1 month timer.
After that the script is run normally.
and it will stop working once the internal timer has run out.

anyways both implementing the wholepassword mechanism as well as the source code protection thing is beyond me.
Ayone any idea how to do that?

best would be if the ready to use script could be turned into an .exe file which's code cant be read or anipulated ast all.
just as it is with most .exe files.

Return to “Ask For Help”

Who is online

Users browsing this forum: Google [Bot], songdg and 25 guests