• 0

VB6 - Creating Serial Number Code


Question

Hi guys, I'm back with a new question in continuation of my project ;)

  Quote
I'm creating a small project in Visual Basic 6 for a class I'm taking (Yes we have to create the project in VB6, teacher orders :) )

And so I'm creating a small VB6 Setup program to install a future program I might create...

I'm creating a form for a Serial Number, and it's basically done.

post-1303-0-52983300-1298679057.png

On user Serial number error:

post-1303-0-46329300-1298679084.png

So I have all fields set to setfocus when 5 characters are entered it jumps to the next text box, when 25 characters are inserted it unlocks the next button and runs an if to check the serial.

If the 25 characters don't match the serial, it gives the error msg..

Private Sub CMDNEXT_Click()

If TXTSERIAL1 = 11111 And TXTSERIAL2 = 11111 And TXTSERIAL3 = 11111 And TXTSERIAL4 = 11111 And TXTSERIAL5 = 11111 Then

    MsgBox "Test"
    Unload Me
    FRM04.Show

Else

     IMGWARNING.Visible = True
     LBLERROR.Visible = True
     CMDNEXT.Enabled = False

End If

End Sub

Now as you can see the Serial validation I made is fairly basic (I'm a VB6 noob :blush: ) and If I had to sell (remember this is just a personal project for a course) the program to 5 people, I have to enter 5 serials in the If cycle...

So I was wondering without creating too much complex code, is there a way of creating a random serial code creator ( In vb6, just another exe that creates basic 25 characters serial) , and use it in my project, like each field if it the combination of numbers makes 15 in a text box is valid or something ( did I make sense? :laugh: ) ?

Thanks guys :)

Link to comment
https://www.neowin.net/forum/topic/978416-vb6-creating-serial-number-code/
Share on other sites

11 answers to this question

Recommended Posts

  • 0
  On 26/02/2011 at 00:24, username(); said:

Wait - you are using VB6? Why??

I'm creating a small project in Visual Basic 6 for a class I'm taking (Yes we have to create the project in VB6, teacher orders :) )

And so I'm creating a small VB6 Setup program to install a future program I might create...

  On 26/02/2011 at 00:29, Subject Delta said:

If you really want to make your serial code potentially secure, wouldn't it be safer to base it on a serial algorithm, rather than a single set serial code?

I really don't have much free time to create any complex serial number generator, I have to deliver the project in some days. Remember this just a small project for a course :)

  • 0
  On 26/02/2011 at 00:32, Digitalfox said:

I'm creating a small project in Visual Basic 6 for a class I'm taking (Yes we have to create the project in VB6, teacher orders :) )

And so I'm creating a small VB6 Setup program to install a future program I might create...

I really don't have much free time to create any complex serial number generator, I have to deliver the project in some days. Remember this just a small project for a course :)

You need to come up with something to generate the serial numbers. I would do this if I was doing a class project: add up all the numbers/letters entered by the user, do some mathematical work. The serial is valid if the result is a predefined number. You can easily generate you 25-number serial keys, as long as the result is the number you want.

I hope this is clear as its 2am here and I am kinda tired :)

PS: don't use vb6 to write your setup program, learn something like WIX (Windows Installer Toolkit) or NSIS (Nullsoft's Installer). They can come in handy when distributing your software.

  • 0

Why don't you just use "key". You take that key and use a random number generator based off the work or value in the key. Then using the value generated, you can then use that value that was generated as part of your serial number, and you would include the random number that was chosen to do a mathmatical operation to generate you the value. I don't know how to explain this in sentences so here it is simply:

(with PHP variables lol)

$key = "ILikeCake"

$random_number = random_number_function();

(convert $key to a number value somehow here. Its been years since I've coded anything at all, let alone write a "hello world" application, so bear with me);

$serial= $key * $random_number; (Muliply your key by the random number generated)

$serial = $serial +$random_number (Add the random number that was generated to the beginning, middle, or end of your previous serial number generated the step above, or even mix it into your serial number somehow)

Now at the end, when you verify a serial number, the only constant variable to check for is, when you reverse your math equation used to create the serial number, you make sure it equals the original key "ILikeCake". If somebody tries to change a value of the serial number, eg enter a wrong one, when you perform the decrypt operation you could write, it would not find the original word of "ILikeCake".

So reverse:

Now you need to get the random number from the serial number entered. Wherever you decide will be the random number spot, locate it and read the number into a variable.

Divide serial by random number (the remaining portion of the serial number, NOT THE RANDOM NUMBER PART OF IT!!)

Now you will compare the value of the serial devided by the random number portion, and see if it equals ILikeCake.

I'm sorry to explain this bad, I could make a PHP version in about an hour, however it would be of no use to you. I'm not good at explaining, just doing.

  • 0

This kind of thing is typically done with 3 components: a random component, an optional flagged (feature) component, and a checksum component. The random part is, as the name implies, just some random bytes. The flagged feature component is a set of flags (enums) that map to a particular set of features in your application (for example, the hex value 0x01 might map to ENTERPRISE_EDITION, and 0x02 might map to PERSONAL_EDITION), and are then optionally transformed with the random bytes (by XOR them, for example, though this isn't necessary). The flagged feature component, of course, is entirely optional. The checksum component simply validates the rest of the serial number. For example, if my serial number is 1234-10, the "1234" might be the serial portion, and the "10" is the checksum (in this case, the sum of the individual serial components). So the serial "2345-14" would be another valid serial number. "3456-11" would be invalid. That's how the Post Office validates delivery-point bar codes; the last digit is the sum of the rest of the bar codes digits modulo 10. The random component makes it so that the same feature set creates different checksums.

DON'T LISTEN TO ANYBODY WHO TELLS YOU THAT SIMPLE CHECKSUMMING ISN'T SECURE. Of course it's not, nor is it meant to be! You CANNOT secure a serial number. Microsoft, Adobe, Autodesk, and everybody else cannot do it, so neither can you.

If you want to force somebody to have to patch your application in order to generate serial numbers, you have to digitally sign each serial with a private encryption key, embed the public encryption key in the application, and validate the digital signature of the serial number on each startup. This is what companies like Jetbrains, Atlassian, PGP, etc, do with their serial numbers. In order to crack them, you have to either A) deduce the private key (which is possible with JetBrains since they only use 512-bit RSA keys), B) replace the embedded public key with your own so that you can use your rogue private key to digitally sign serial numbers, or C) patch the program to skip the digital signature validation step. Here is an example of how the Qt configure script checks license keys for various features (it's written in C, but the idea is the same). You can see from line 133 that if the 4th part of the serial number contains "F4M" and the first character of the serial is "F", then you have the COMMERCIAL type and the UNIVERSAL edition.

I hope this provides enough info for you to complete your task. Your first 5 characters could be random, the middle 15 characters could be whatever you want them to be (even more random ones if you want), and the last 5 characters could be a checksum of the other 20. Keep things simple and remember that you cannot prevent somebody from deducing your serial generation algorithm; it's not possible.

  • 0

Thanks guys :)

Here's what I been abbe to do, a small key-gen for creating serials to use on my little project...

post-1303-0-21154000-1298729340.png

But I'm obviously screwing this up, cause Serial any Serial5 should never have less that 5 characters or more than 5 characters...

But sometimes the program just locks after working for 7 or 8 Serials been generated.... :\

I feel such a noob on this.... :(

Dim varSerial1 As Integer
Dim varSerial2 As Double
Dim varSerial3 As Double
Dim varSerial4 As Double
Dim varSerial5 As Double

Private Sub CMDGENERATE_Click()

TXT1.Text = ""
TXT2.Text = ""
TXT3.Text = ""
TXT4.Text = ""
TXT5.Text = ""

varSerial1 = 0
varSerial2 = 0
varSerial3 = 0
varSerial4 = 0
varSerial5 = 0

Randomize

Do While varSerial5 < 10000 And varSerial5 > 99998

  'Serial 1
  Do While varSerial1 < 10000
    varSerial1 = Int(Rnd * 63000) / 2
  Loop

  'Serial 2
  Do While varSerial2 < 10000
    varSerial2 = Int(Rnd * 99998) 
  Loop

  'Serial 3
  Do While varSerial3 < 10000
    varSerial3 = Int(Rnd * 99998) 
  Loop

  'Serial 4
  Do While varSerial4 < 10000
    varSerial4 = Int(Rnd * 99998) 
  Loop

  'Serial 5
  varSerial5 = varSerial3 + varSerial2 + varSerial1 - varSerial4

Loop

TXT1.Text = varSerial1
TXT2.Text = varSerial2
TXT3.Text = varSerial3
TXT4.Text = varSerial4
TXT5.Text = varSerial5

End Sub

  • 0

If the goal is just to create a setup program, I would leave out all the key verification code. Simply have stubs that always return true for the various functions if you want to have it in there at all. That code would generally be application-specific anyway and not part of the generic setup program itself anyway.

If you can manage, I would also make a very basic script file that tells the installer what to do instead of hard-coding it. Basically a file that contains the content of the various setup screens and what the program does in response to actions (ie copy a list of files or whatever.)

I do understand that this might be more complicated than you have time for, but I would rather spend my time on this than key generation/validation stuff, and I'd wager that whoever has to grade the project would think the same. It doesn't have to be advanced, just the bare minimum you can get away with to make the setup program somewhat "generic." It doesn't make much sense to be missing basic parts like that but have advanced features like key validation.

If you really do need the key stuff, you have to remember that you can't just arbitrarily decide to have a key made up of 5x5 characters. They have to actually mean something, not just be random numbers. You can't copy the format of a Microsoft (or whoever) key without understanding why it has that format. Start from scratch with something basic.

  • 0

Well after a bunch of hours the Serial part (The Serial Generator I created and the code on the Setup to accept the Serials ) It's working, even better than I expect it ;)

Thanks everyone for your help :)

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • Thanks to Herr Musk being a total poison pill, they can't even give those pieces of scrap away.  They can't even ship them to the UK/EU because they're completely illegal over here.  
    • Intel vs AMD? Microsoft seemingly has a clear recommendation for Windows 11 Pro PC upgrade by Sayan Sen Microsoft and its partners are now quite actively and regularly promoting the upgrade to Windows 11. Asus, for example, recently published blog posts about the "mandatory Windows 11 upgrade" that is coming as the Windows 11 end of support date nears. Microsoft itself, from time to time, urges users to upgrade to its newest OS. Back in February 2024, Microsoft released an advert highlighting the best things about Windows 11 over Windows 10. Later, in June in the same year, the tech giant busted "myths and misconceptions" surrounding a Windows 11 upgrade. And towards the end of 2024, in December, Microsoft put up a blog post outlining the gaming features a user enjoys on 11 if they were to upgrade from Windows 10. While technically there is nothing wrong with a company promoting its own product, sometimes these campaigns make little sense and they fall flat. For example, in January earlier this year, Microsoft shared a blog post headlined "Free Upgrade to Windows 11 (For a Limited Time Only)" which did not make sense as it offered little information about it being a "free upgrade," and it was rightfully, later taken down. The company is back again with a new commercial about Windows 11. This time it is aimed mainly at IT professionals and enterprises as the advert talks about upgrading to Windows 11 Pro from Windows 10. This landed a few days after Microsoft released a new backup tool for organizations for such a purpose. What is interesting is that the company is promoting Intel's vPro processors and there is no mention of AMD's Ryzen PRO parts. The commercial is posted on the Windows official YouTube channel and has been titled "Right side of risk | Windows 11 Pro and Intel". The video description says, "Windows 10 support ends October 14. Stay on the right side of risk—upgrade now to the power of Windows 11 Pro PCs with Intel vPro®." AMD does have a support article about the subject headlined "Support Your Customers’ Move to Windows 11, With AMD Ryzen™ PRO Processors" and you can find it here. This is not the first time Microsoft has promoted Intel CPUs over AMD ones. Back in 2021, the company also put up a full page explaining how users should "look for the Intel EVO badge" on a new device before making a purchase decision because such PCs are "verified wonderful" which was a bit of an odd language. Like the limited upgrade time article, the page above was taken down after we reported on it (can be viewed via the archive) and replaced with something else. The new commercial was published about a couple of days ago, and it is possible that Microsoft may have a dedicated AMD advert too in the pipeline scheduled for a later release, and that would only be fair if both companies get a similar treatment.
    • Don’t blame web developers for the downfall of Firefox. 😂
    • Microsoft, Indian police bust AI-powered tech support scam ring targeting elderly in Japan by Paul Hill Pop-up scams pretending to be Microsoft Working with India’s Central Bureau of Investigation (CBI), Microsoft recently assisted in busting a scam network that was targeting the elderly in Japan. The CBI raided 19 locations on May 28, leading to the arrest of six key operatives and the taking down of two call centers. The scammers were impersonating Microsoft specifically and using tech support scams against Japanese seniors. The raid led to the seizure of both digital and physical infrastructure, including computers, storage devices, and phones. The scammers were targeting older adults, who are more vulnerable to fraud. To put this activity to an end, Microsoft’s Digital Crimes Unit (DCU), the Japan Cybercrime Control Center (JC3), Japan’s National Police Agency (NPA), and India’s CBI conducted significant cross-border collaboration to trace the criminals. Thanks to the internet, cross-border crimes like these have been around for a while and multinational tech firms like Microsoft are making significant efforts to help law enforcement agencies crack down on cybercrime. Artificial intelligence is also starting to be used to make more sophisticated scams. The evolving threat This case reveals an evolution in how Microsoft’s DCU addresses cybercrime involving tech support fraud. Thanks to AI, scammers have been able to scale their operations. In response, Microsoft has moved away from focusing on individual call centers to target the heads of criminal operations and disrupting their technical infrastructure. Notably, Microsoft’s collaboration with JC3 is the first time the DCU has partnered with a Japan-based organization to assist victims. Microsoft is continually getting tips from JC3 about malicious pop-ups urging recipients to call fake technical support lines that claim to be Microsoft. This data has allowed Microsoft to shut down 66,000 malicious domains and URLs globally since May 2024. Microsoft noted that artificial intelligence is now being used by criminals to scale their operations. Some ways in which these entities leverage AI are for victim identification, writing convincing scam emails and building fake web pages, as well as for convincing translations. Anyone can use AI for malicious purposes so it could increase the number of people or groups carrying out attacks. It also makes attacks much more sophisticated and harder to detect and necessitates better consumer protections and more sophisticated security tools such as passkeys to reduce hacks. Protecting vulnerable populations and what readers can do Tech support fraud attacks have been found by the FBI to disproportionately affect older people, resulting in $590 million in losses in 2023 for just older Americans alone. In this operation that targeted Japanese victims, around 90% of the 200 affected people were over 50. If you’ve ever received suspicious communications from a party claiming to be Microsoft, you should know that Microsoft never sends unsolicited emails or makes phone calls requesting personal or financial information, and it doesn’t offer unsolicited tech support. If you do get any suspicious communications, then you should report it to Microsoft so that it can take action.
  • Recent Achievements

    • Week One Done
      luxoxfurniture earned a badge
      Week One Done
    • First Post
      Uranus_enjoyer earned a badge
      First Post
    • Week One Done
      Uranus_enjoyer earned a badge
      Week One Done
    • Week One Done
      jfam earned a badge
      Week One Done
    • First Post
      survivor303 earned a badge
      First Post
  • Popular Contributors

    1. 1
      +primortal
      434
    2. 2
      +FloatingFatMan
      238
    3. 3
      snowy owl
      214
    4. 4
      ATLien_0
      211
    5. 5
      Xenon
      156
  • Tell a friend

    Love Neowin? Tell a friend!