ionCube Logo
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 


 
Post new topic   Reply to topic    ionCube Forum Index -> ionCube PHP Encoder

How ioncube securly obtains MAC address

Author Message
nulled
Guest





PostPosted: Mon Jan 31, 2005 5:23 pm    Post subject: How ioncube securly obtains MAC address Reply with quote

Hello,

Great job on the encoder. I was wondering how secure is it in getting the MAC address of a server. And IP address for that matter.

Does it just look in /proc? As well as the IP address getting.

thanks
HAPPY customer
matt
Back to top
liaison
ionCube Support


Joined: 16 Dec 2004
Posts: 2788

PostPosted: Mon Jan 31, 2005 6:43 pm    Post subject: Reply with quote

Hi Matt, and thanks for a good question and your comments.

The Encoder does not look in /proc. As well as possible security issues, the proc file system isn't guaranteed to be there or to be able to yield the necessary details. The Encoder also doesn't run any external programs to do this as doing so would be trivially easy to hijack.

The detection is written using low level code, and is highly operating system specific. Linux is the most straightforward, but some systems, such as FreeBSD, require some pretty obscure code to return the information. IP address information is also returned using low level calls.
_________________
Community Admin
Back to top
View user's profile Send private message
just1question



Joined: 21 Sep 2005
Posts: 1

PostPosted: Wed Sep 21, 2005 3:44 pm    Post subject: Q about mac address Reply with quote

nick wrote:

The detection is written using low level code, and is highly operating system specific. Linux is the most straightforward, but some systems, such as FreeBSD, require some pretty obscure code to return the information. IP address information is also returned using low level calls.


Hi
Is it possible to 'fool' detection by changing mac address like this...
http://en.wikipedia.org/wiki/MAC_address#Changing_MAC_addresses
What I want is.. can you explain a bit this: 'detection is written using low level code' Does this low level code obtain physical mac address no matter what tricks have been done with operation system?

thanks
Back to top
View user's profile Send private message
liaison
ionCube Support


Joined: 16 Dec 2004
Posts: 2788

PostPosted: Wed Sep 21, 2005 5:16 pm    Post subject: Reply with quote

Without integrating into the Kernel directly, and let's face it, a product of this type that requires you rebuild your operating system isn't going to fly, you're at the mercy of any tricks that change what the OS reports. For some people, it's bad enough that they may have to make a simple one line change to a ocnfiguration file to use encoded files!

What the Loader does is to go to go in at the lowest level possible for a user space application, and generally the MAC protection is going to be effective, particularly when combined with other checks. We tried some time ago to change MAC address in the way that article described, and in fact it didn't even work for us. It's also the case that for many users even changing the system clock isn't possible, let alone MAC address, and for users on a system where they could theorhetically change it, doing so may not be practicable. There can be a big difference between playing around on a test bed, and being on a real live system.

In general, and particularly where open source software is involved, there are limits on what can be done that cannot also be undone or worked around. With that in mind, one must strive to ensure that the effort required to undo features or the implications of doing so are a strong deterrent or preventative measure for most people. The encoding techniques themselves are a good example of this.

With PHP being opensource, the strength of any encoding system is determined by the form that the encoded files are restored to at runtime. There are several encoding systems on the market that claim "bullet proof encoding" and "crack proof code", but these claims are easily shown to be effectively false as they rely on restoring source code at runtime, and accessing this restored code is trivial. In contrast, using compiled code gives a much greater strength as the restored data at runtime is still obscure binary data, and not source code. Even if a hacker experienced with PHP internals were able to access the restored binary compiled code, it is substantially non-trivial to recreate what the source code could have been from the compiled code.
_________________
Community Admin
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    ionCube Forum Index -> ionCube PHP Encoder All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum