How to extract a unique identifier from a PC with PHP without PECL?

tags:

php
security

views:

answers:

+2 Q:

How to extract a unique identifier from a PC with PHP without PECL?

I need to distribute a PHP site and want to control the installation, to do this, I extract a unique identifier based on the hardware of the machine where it is installed and send it to a Web site for validation.

I want to find a way to extract the unique identifier without using the Win32 API PECL extension. How I can do this?

If you are planning on limiting where your app can be installed, you will have to encode it using something like Zend Guard. Otherwise, no matter what restrictions you put in place, they can be easily removed.

Heck, even having it encoded won't stop a determined user from getting to your source code.

quantumSoup 2010-07-25 18:50:48

ok, I turn to bytecode with Zend, but besides that, I need to extract data from the hardware to generate a unique identifier server

Darío 2010-07-25 18:55:24

@Dario so if your client changes the hardware somehow, the code is going to break? Uh-oh

quantumSoup 2010-07-25 19:05:48

Yes, thats is the idea

Darío 2010-07-25 19:09:22

Then just use the client's network mac as an identifier?

youssef azari 2010-07-26 13:15:50

Ok, perfect!I should get the server MAC with $ _SERVER ["HTTP_HOST"]How to extract the MAC address with PHP?PHP does not have a sentence to get the MAC addressThank you very much.

Darío 2010-07-27 16:06:30

Well... y create a function... function extraerMAC() { $MACexiste = false; $cadmac = `ipconfig /all`; echo $cadmac . " "; $macseparada = split("\n",$cadmac); foreach ($macseparada as $valor) { $valorSeparado = split(":",$valor); foreach ($valorSeparado as $linea) { if ($MACexiste) { echo "MAC : " . $linea . " "; return true; } if (trim($linea) == "Dirección física. . . . . . . . .") $MACexiste = true; } } echo " "; } extraerMAC();now I need to replace "Dirección física" by its English translation provided by ipconfigThank you very much.

Darío 2010-07-27 16:39:12

By extracting hardware information, you're necessarily rendering your 'identification' script hardware-specific. PHP's a bit too high level to provide such functions (e.g., you couldn't write a device driver in PHP, as the necessary software hooks aren't there).

The methods of getting physical fingerprints are going to be different for every OS and even hardware. A device present on an x86 PC might be named something else (or completely absent) on a PowerPC Mac). On Linux, you could use various bits from /proc, on Windows, you could try replicating the fingerprinting used by Microsoft for the Windows Activation, etc...

Basically you're opening a huge can of worms which was never closed too well to start with. It's software. If someone wants to steal your code, they can and will. Your protections have to be perfect for all eternity, they just need to find one hole to get everything.

Marc B 2010-07-25 18:59:46

PHP code will run on windows and sometimes on linux (/proc/). Linux is a simple task, but Windows is complicated me.

Darío 2010-07-25 19:12:40

NuShere's NuCoder allows you to encode and protect your PHP files with various options. One of those options is a unique hardware identifier it can generate for a system.

SourceGuardian is another tool that allows for good protection and is constantly updated. However, they only allow binding to license files, domains, IPs and MAC addresses, not hardware ids.

I've done extensive research in this area and use the the above two tools frequently. In my opinion they're much better and offer more protection than Zend Guard, for a significantly lower price point.

asnyder 2010-08-12 15:53:37

ansaurus

tags:

views:

answers:

How to extract a unique identifier from a PC with PHP without PECL?

related questions