Sign in to follow this  
CJWR

creating a code key system for my game

Recommended Posts

alright, i'm making a game i intend to sell (i don't know if it will or not, but that doesn't matter). Now, the easiest way by far to have people buy my game would be through paypal or credit card over the internet. So what i want to do is allow people to download my entire game, but unless they have a key, only play the beginning part of it (a demo if you will). Now of course i can't simply have one key, or once one person buys the game, he or she could give everyone in the world the key (in thoery). So i need my game to check when it is started if it already has a key. If it does, all is well, the user paided for the game and has full access. If it doesn't have a key, it checks if it has a code (that the user sends to me, so that i can give them the correct key). If has a code, it tells the user the code so that hopefully he or she will buy the game, and allows the user to play the beingning of the game only. If it doesn't yet have a code, it will create a code and tell the user the code so he or she will hopefully buy the game. now my question is, i need the game to create a code that if i enter into another program i will write, will give me a key. which i can then give to the user so that he or she has access to the full game. So for every code x, i need a key y. what mathimatial fomula will allow me to do this? i've seen it done in other games, so i know it can be done. thank you for your time and any help you can give me. EDIT: i'm going to try to explain this in more detail of what is going on. my game creates the code 123. now my game knows (but the user doesn't) that the correct key for this is 456. now when i enter the code 123 into my decoder (if you will) program, it produces the key 456. but i need millions of different codes and keys. so i need a mathimatial fomula to produce them. hope that helps.

Share this post


Link to post
Share on other sites
Experienced crackers will have no trouble bypassing this, but if it's a small game it probably won't draw a ton of crackers. If you're going to do it, I wouldn't worry too much about it being a great algorithm, since if one was going to crack it they would simply bypass the check of the code. Therefore as long as your algorithm produces semi-unique numbers you should be fine.

Something as simple as (gamecode << a) - (gamecode % b) + c for some constants a,b,c should generate reasonable values.
[large# for gamecode, b and c, small# for a]

PS. I'd also recommend not packaging all resources, for example if it's a puzzle game don't ship levels 10-100 or in some other kind of game don't ship all the graphics needed for the full game.

Share this post


Link to post
Share on other sites
Quote:
Original post by CJWR
why would experenced crackers have no problems bypassing this though?


Because thats what they do and they are usually very good programmers too. Think cyber vandals. If you game check is in a function, all I have to do is bypass that function call, by finding it's address and making sure that it always returns a correct code. One tip is to inline all your game check codes, so it's harder to find the function. Also if you have plenty of checks, rewrite the code slighty so pattern search won't work.

There is this Gamasutra article which has some good tips on protecting a game - <

Keeping the Pirates at Bay:
Implementing Crack Protection for Spyro: Year of the Dragon

Share this post


Link to post
Share on other sites
You could make a program that takes the customer's name (eg. what's on the credit card) and outputs a code that you can send by email. Then the customer will type their name and the code into the game. If they match then it knows it's registered. This will discourage people from giving out their registration codes because they'll also have to give out their names.

I frankly wouldn't worry too much about "elite hackers" breaking your code, as there's no prestige in cracking a small-time shareware game and no motivation to do so if all you need is a valid key code.

Share this post


Link to post
Share on other sites
Actually, even I could crack that and I only play with crackmes now and then.

You see, where you compare the key it comes to something like this in ASM:

EAX = The key you entered
EBX = The correct key

cmp EAX, EBX
jne NotCorrectCode//Just change this to a je and it will except any code (as long as it's not the right one)
//Say thanks for registering!

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
Why do you think there are a bazillion key generators out there? Don't follow in
the footsteps of slaughtered cattle.

Think before you waste your time with it. There are better ways to use a code,
such as making it part of asymmetrical encryption algorithm that is locked to the
person's hardware. Can't distribute it, can't create a key generator for it.

Share this post


Link to post
Share on other sites
A graduate of my college hacked into the root account of our file systems about 5 years ago and mixed stuff up, then presented the school with the fix for the system to prevent such attacks. He came back for a guest lecture and demonstrated this. I bought his book. Haven't had a chance to read it yet though, so I don't know if it will help.

Share this post


Link to post
Share on other sites
I would actually say, use a keycode or something simple, as previously pointed out, if someone wants to crack it they will, they even crack common cd protections in matter of minutes.

And I've seen many many great (unknown) games which are not cracked at all, because they aren't of any value. Perhaps, is a little cracking really that bad (I don't speak for it), as a game being cracked means publicity, and publicity is always good for an unknown game. (and most of the people who download games never intended to buy them anyway)

Just a thought.

Share this post


Link to post
Share on other sites
Quote:
Original post by CJWR
it is an adventure game (think old zeldaish).

why would experenced crackers have no problems bypassing this though?


if(keycodeisvalid(code){
playgame
}
else {
exit()
}

is translated to (psudoasm)

Set reg1, code
goto 123456
jz reg1, exit

You change that jz to jnz, and your game will only run for bad codes.

And its pretty simple to check. (just wait for it to go to exit, then you trace what it did beforehand).

Google softice.

From,
Nice coder

Share this post


Link to post
Share on other sites
Your best off using a software package that does this for you something ASPack, Aramadillo, or some sort of Dongle system. Any cracker can simply bypass your code you need something strong doing it while also protecting it. I suggest you research your anti piracy software packages available.

How ever if you dont want to do that at least add in a few of these snipplets of code to screw with crackers heads.

__asm
{
__emit 0xEB; // JMP SHORT instruction
__emit 0x01; // JUMP over the next opcode
__emit 0xEB; // Random opcode here in this case its JMP
// It will be skipped over and code after will be executed
// but this encapsulates the asm into an instruction thus
// making it confusing.
}





[Edited by - DevLiquidKnight on July 1, 2005 7:09:08 AM]

Share this post


Link to post
Share on other sites
wow, i think maybe i'll just have 2 versions, this is a lot harder to do safely than i thought it would be. thank you all for all your help.

Share this post


Link to post
Share on other sites
Yeah, IMHO your best bet is to offer a demo for free and if they pay give them a download link to a secure pasworded server. But you should also protect that by only allowing it to be installed only once.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this