• 0

VB6 - Creating Serial Number Code


Question

Hi guys, I'm back with a new question in continuation of my project ;)

  Quote
I'm creating a small project in Visual Basic 6 for a class I'm taking (Yes we have to create the project in VB6, teacher orders :) )

And so I'm creating a small VB6 Setup program to install a future program I might create...

I'm creating a form for a Serial Number, and it's basically done.

post-1303-0-52983300-1298679057.png

On user Serial number error:

post-1303-0-46329300-1298679084.png

So I have all fields set to setfocus when 5 characters are entered it jumps to the next text box, when 25 characters are inserted it unlocks the next button and runs an if to check the serial.

If the 25 characters don't match the serial, it gives the error msg..

Private Sub CMDNEXT_Click()

If TXTSERIAL1 = 11111 And TXTSERIAL2 = 11111 And TXTSERIAL3 = 11111 And TXTSERIAL4 = 11111 And TXTSERIAL5 = 11111 Then

    MsgBox "Test"
    Unload Me
    FRM04.Show

Else

     IMGWARNING.Visible = True
     LBLERROR.Visible = True
     CMDNEXT.Enabled = False

End If

End Sub

Now as you can see the Serial validation I made is fairly basic (I'm a VB6 noob :blush: ) and If I had to sell (remember this is just a personal project for a course) the program to 5 people, I have to enter 5 serials in the If cycle...

So I was wondering without creating too much complex code, is there a way of creating a random serial code creator ( In vb6, just another exe that creates basic 25 characters serial) , and use it in my project, like each field if it the combination of numbers makes 15 in a text box is valid or something ( did I make sense? :laugh: ) ?

Thanks guys :)

Link to comment
https://www.neowin.net/forum/topic/978416-vb6-creating-serial-number-code/
Share on other sites

11 answers to this question

Recommended Posts

  • 0
  On 26/02/2011 at 00:24, username(); said:

Wait - you are using VB6? Why??

I'm creating a small project in Visual Basic 6 for a class I'm taking (Yes we have to create the project in VB6, teacher orders :) )

And so I'm creating a small VB6 Setup program to install a future program I might create...

  On 26/02/2011 at 00:29, Subject Delta said:

If you really want to make your serial code potentially secure, wouldn't it be safer to base it on a serial algorithm, rather than a single set serial code?

I really don't have much free time to create any complex serial number generator, I have to deliver the project in some days. Remember this just a small project for a course :)

  • 0
  On 26/02/2011 at 00:32, Digitalfox said:

I'm creating a small project in Visual Basic 6 for a class I'm taking (Yes we have to create the project in VB6, teacher orders :) )

And so I'm creating a small VB6 Setup program to install a future program I might create...

I really don't have much free time to create any complex serial number generator, I have to deliver the project in some days. Remember this just a small project for a course :)

You need to come up with something to generate the serial numbers. I would do this if I was doing a class project: add up all the numbers/letters entered by the user, do some mathematical work. The serial is valid if the result is a predefined number. You can easily generate you 25-number serial keys, as long as the result is the number you want.

I hope this is clear as its 2am here and I am kinda tired :)

PS: don't use vb6 to write your setup program, learn something like WIX (Windows Installer Toolkit) or NSIS (Nullsoft's Installer). They can come in handy when distributing your software.

  • 0

Why don't you just use "key". You take that key and use a random number generator based off the work or value in the key. Then using the value generated, you can then use that value that was generated as part of your serial number, and you would include the random number that was chosen to do a mathmatical operation to generate you the value. I don't know how to explain this in sentences so here it is simply:

(with PHP variables lol)

$key = "ILikeCake"

$random_number = random_number_function();

(convert $key to a number value somehow here. Its been years since I've coded anything at all, let alone write a "hello world" application, so bear with me);

$serial= $key * $random_number; (Muliply your key by the random number generated)

$serial = $serial +$random_number (Add the random number that was generated to the beginning, middle, or end of your previous serial number generated the step above, or even mix it into your serial number somehow)

Now at the end, when you verify a serial number, the only constant variable to check for is, when you reverse your math equation used to create the serial number, you make sure it equals the original key "ILikeCake". If somebody tries to change a value of the serial number, eg enter a wrong one, when you perform the decrypt operation you could write, it would not find the original word of "ILikeCake".

So reverse:

Now you need to get the random number from the serial number entered. Wherever you decide will be the random number spot, locate it and read the number into a variable.

Divide serial by random number (the remaining portion of the serial number, NOT THE RANDOM NUMBER PART OF IT!!)

Now you will compare the value of the serial devided by the random number portion, and see if it equals ILikeCake.

I'm sorry to explain this bad, I could make a PHP version in about an hour, however it would be of no use to you. I'm not good at explaining, just doing.

  • 0

This kind of thing is typically done with 3 components: a random component, an optional flagged (feature) component, and a checksum component. The random part is, as the name implies, just some random bytes. The flagged feature component is a set of flags (enums) that map to a particular set of features in your application (for example, the hex value 0x01 might map to ENTERPRISE_EDITION, and 0x02 might map to PERSONAL_EDITION), and are then optionally transformed with the random bytes (by XOR them, for example, though this isn't necessary). The flagged feature component, of course, is entirely optional. The checksum component simply validates the rest of the serial number. For example, if my serial number is 1234-10, the "1234" might be the serial portion, and the "10" is the checksum (in this case, the sum of the individual serial components). So the serial "2345-14" would be another valid serial number. "3456-11" would be invalid. That's how the Post Office validates delivery-point bar codes; the last digit is the sum of the rest of the bar codes digits modulo 10. The random component makes it so that the same feature set creates different checksums.

DON'T LISTEN TO ANYBODY WHO TELLS YOU THAT SIMPLE CHECKSUMMING ISN'T SECURE. Of course it's not, nor is it meant to be! You CANNOT secure a serial number. Microsoft, Adobe, Autodesk, and everybody else cannot do it, so neither can you.

If you want to force somebody to have to patch your application in order to generate serial numbers, you have to digitally sign each serial with a private encryption key, embed the public encryption key in the application, and validate the digital signature of the serial number on each startup. This is what companies like Jetbrains, Atlassian, PGP, etc, do with their serial numbers. In order to crack them, you have to either A) deduce the private key (which is possible with JetBrains since they only use 512-bit RSA keys), B) replace the embedded public key with your own so that you can use your rogue private key to digitally sign serial numbers, or C) patch the program to skip the digital signature validation step. Here is an example of how the Qt configure script checks license keys for various features (it's written in C, but the idea is the same). You can see from line 133 that if the 4th part of the serial number contains "F4M" and the first character of the serial is "F", then you have the COMMERCIAL type and the UNIVERSAL edition.

I hope this provides enough info for you to complete your task. Your first 5 characters could be random, the middle 15 characters could be whatever you want them to be (even more random ones if you want), and the last 5 characters could be a checksum of the other 20. Keep things simple and remember that you cannot prevent somebody from deducing your serial generation algorithm; it's not possible.

  • 0

Thanks guys :)

Here's what I been abbe to do, a small key-gen for creating serials to use on my little project...

post-1303-0-21154000-1298729340.png

But I'm obviously screwing this up, cause Serial any Serial5 should never have less that 5 characters or more than 5 characters...

But sometimes the program just locks after working for 7 or 8 Serials been generated.... :\

I feel such a noob on this.... :(

Dim varSerial1 As Integer
Dim varSerial2 As Double
Dim varSerial3 As Double
Dim varSerial4 As Double
Dim varSerial5 As Double

Private Sub CMDGENERATE_Click()

TXT1.Text = ""
TXT2.Text = ""
TXT3.Text = ""
TXT4.Text = ""
TXT5.Text = ""

varSerial1 = 0
varSerial2 = 0
varSerial3 = 0
varSerial4 = 0
varSerial5 = 0

Randomize

Do While varSerial5 < 10000 And varSerial5 > 99998

  'Serial 1
  Do While varSerial1 < 10000
    varSerial1 = Int(Rnd * 63000) / 2
  Loop

  'Serial 2
  Do While varSerial2 < 10000
    varSerial2 = Int(Rnd * 99998) 
  Loop

  'Serial 3
  Do While varSerial3 < 10000
    varSerial3 = Int(Rnd * 99998) 
  Loop

  'Serial 4
  Do While varSerial4 < 10000
    varSerial4 = Int(Rnd * 99998) 
  Loop

  'Serial 5
  varSerial5 = varSerial3 + varSerial2 + varSerial1 - varSerial4

Loop

TXT1.Text = varSerial1
TXT2.Text = varSerial2
TXT3.Text = varSerial3
TXT4.Text = varSerial4
TXT5.Text = varSerial5

End Sub

  • 0

If the goal is just to create a setup program, I would leave out all the key verification code. Simply have stubs that always return true for the various functions if you want to have it in there at all. That code would generally be application-specific anyway and not part of the generic setup program itself anyway.

If you can manage, I would also make a very basic script file that tells the installer what to do instead of hard-coding it. Basically a file that contains the content of the various setup screens and what the program does in response to actions (ie copy a list of files or whatever.)

I do understand that this might be more complicated than you have time for, but I would rather spend my time on this than key generation/validation stuff, and I'd wager that whoever has to grade the project would think the same. It doesn't have to be advanced, just the bare minimum you can get away with to make the setup program somewhat "generic." It doesn't make much sense to be missing basic parts like that but have advanced features like key validation.

If you really do need the key stuff, you have to remember that you can't just arbitrarily decide to have a key made up of 5x5 characters. They have to actually mean something, not just be random numbers. You can't copy the format of a Microsoft (or whoever) key without understanding why it has that format. Start from scratch with something basic.

  • 0

Well after a bunch of hours the Serial part (The Serial Generator I created and the code on the Setup to accept the Serials ) It's working, even better than I expect it ;)

Thanks everyone for your help :)

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • AliExpress faces EU crackdown, makes promises to fight illegal products by Paul Hill The European Commission has taken two significant actions against the Chinese online marketplace AliExpress under the Digital Services Act (DSA) in a bid to enhance user and consumer safety online. The first action was to get AliExpress to commit to several legally binding commitments to address issues related to advertising and recommender systems. The second action was the publication of preliminary findings which found that AliExpress had breached obligations regarding the spread of illegal products. AliExpress can now respond to the Commission but if the broken rules are confirmed then AliExpress can expect to be fined. The Digital Services Act is a new tool that the EU has to regulate large online platforms. It aims to level the business playing field, protect fundamental rights of users, create a safer digital space, and improve transparency from businesses. AliExpress's pledges: More transparency, safer shopping As part of the pledges made by AliExpress, it will do more to monitor and detect illegal products such as medicines, food supplements, and adult material propagated through hidden links and affiliate programs. To help flag illegal items, AliExpress has promised to improve its notice and action mechanism. Other pledges include enhancements to the internal complaint handling system; more transparency for advertising and recommender systems; better traceability of traders on the platform; and improved data access for researchers. By implementing these rules, the European Commission hopes it can make AliExpress safer for registered and non-registered users by limiting the exposure to illegal content. Deep dive into AliExpress's alleged failures With regards to the preliminary findings, the Commission found that AliExpress had underestimated the risks because it had not allocated enough resources to moderation systems for illegal products. It also found that the company had failed to consistently enforce its penalty policy against those publishing illegal content. The Commission also discovered systemic failures in AliExpress’s proactive content moderation systems that allowed malicious traders to continue to operate or start operating on the platform. AliExpress is designated as a Very Large Online Platform (VLOP) which means it has to meet certain standards set out by the EU. The aforementioned violations are against the quality of operation that the EU expects from VLOPs. The company now has the right to defend itself against the EC’s findings, it can examine the documents and reply in writing, but if the findings are confirmed, AliExpress could face fines and be required to submit an action plan.
    • Author/Neowin... The title is incorrect and misleading... By the official blog post, it's not "indefinitely". There's a clear statement that development continues with a few specific target areas, and a new release date TBD and announced later. If it is later announced to be cancelled or delayed indefinitely, that's another story.
    • I hate Microsoft. My parents almost lost all drive content. As senior citizens they are unable to follow constant "improvements" Microsoft is dropping on its users. My mother's laptop is normally unlocked with a PIN. It is unexplicable for non-It person, that there is some cloud mictosoft account, that has a different password than the Pin and user ID is e-mail, but not necessarily normal Gmail addree, and even if the person knows this email address the password is not the password used for this email account. Just too much of twists. Suddenly her laptop ordered entering "decryption key" before booting. It was miracle we managed to guess email address associated with the PC that was used for Microsoft account. She would had lost everything on the drive. Why are they doing this? Privacy may be important for some people, but data loss is much more important for most of the people.
    • Yesterday I've got a notification that Windows Hello couldn't recognize me and asked if I would like to improve it after I manually entered my PIN in the dark If it weren't for an article like this, I would still think that there's something wrong with my camera. I can just imagine how many people are not reading tech news and are still confused.
  • Recent Achievements

    • First Post
      xuxlix earned a badge
      First Post
    • First Post
      Tomek Święcicki earned a badge
      First Post
    • One Year In
      carlitin86 earned a badge
      One Year In
    • Reacting Well
      Peterlll06 earned a badge
      Reacting Well
    • Week One Done
      Peterlll06 earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      671
    2. 2
      ATLien_0
      284
    3. 3
      Michael Scrip
      223
    4. 4
      +FloatingFatMan
      192
    5. 5
      Steven P.
      145
  • Tell a friend

    Love Neowin? Tell a friend!