- license key for php script
- Solution 2
- Solution 3
- Solution 4
- How I cracked PHP Tools for VS Code
- # Open Extensions folder Ctrl+p
- # Open and reformat
- Product Activation
- Trial License
- Obtain License Key
- Enter License Key
- User Seats
- Related Links
- Product Activation
- Trial License
- Obtain License Key
- Enter License Key
- User Seats
- Related Links
license key for php script
There’s a reason Adobe, Microsoft, and others don’t over actively pursue pirates (not saying they don’t, just not at epic, absolutism levels) — they make most of their money from business to business sales and support. A simple license and support structure is typically enough to posture yourself for profit from legitimate businesses and parties who want your product.
Technical protection is a losing battle if you’re going to give anyone the code. That’s why SaaS is so popular.
Solution 2
Your question is very interesting because way too many php developers wonder the same thing. How can I protect my product from being stolen and copied?
Some of the comment talk about not being greedy, but the truth is that many people program for a living, so it isn’t a matter of just some software you built as a hobby, it is your work and you deserve to get paid for it, just like any other profession.
Sadly, PHP is a language that is very hard to protect, but I will give you a few pointers:
1) Don’t trust encryption: I have seen way too many tools for un-encrypting code, even some tools that I used to trust like Zend Guard, are also vulnerable. The most advanced tools I have seen can reveal your code in minutes.
EDIT: Another thing I forgot to mention about encryption. It will require the server to have certain special modules installed in order for your code to work and this is a deal-breaker for all the people who use shared hosting and can’t install the unencryption module.
2) Try obfuscation: Even though your code will be still readable, if the obfuscator does a good job at mixing variables, adding nonsense and making functions within functions, the code itself will become almost non-modificable, so it will be useless to try to modify it.
3) Take advantage of obfuscation to insert domain-lock code within your software itself: Instead of a license file, just sell the software to a certain customer with some domain verification code within the software itself, that approach combined with obfuscation, will make it very hard to figure out what to change to make it work in some other domain, so you will probably achieve your goal.
4) Make a great software: This is the most important part, build an outstanding software that people will be willing to pay for, create a proper website for it, get the word out there.
Solution 3
The only true way to lock down script-based code that you give away, is to keep a core part of that code executing on a server you control — and have the code you’ve given to your client ‘call home’ to your server on each execution. Then all you have to do is block access to this ‘call home’ script based on the requesting ip.
Also, in this ‘call home’ mechanism it is no good just performing a simple connection test or handshake because this can be worked around — the script on your server has to do something integral to the system as a whole so that the client would have to rewrite that missing part in order to use your code elsewhere without you knowing. This could be some key calculation or data provision.
Obviously this is not ideal as many clients will not like a script calling a remote server, plus you’d have to make sure your network and server could handle the number of requests — otherwise you’ll slow or timeout your clients own systems.
Solution 4
All I need is to not activate any script in any domain name, unless I have it in my clients list.
Ok you narrowed it enough.
create your openssl certificate, hardcode public part to checking code, when issuing license sign domain.name string with your private key, issue sign part as license, in your license:
in your code to check license:
O’c all should be encrypted as much as possible.
this probably vulnerable for special crafted libopenssl binaries but I hope it will help you. to avoid running of such code every you can add condition like this:
but it depends on which part is should be protected.
also, in all parts of the code you should check md5summ of file that contain license check code.
How I cracked PHP Tools for VS Code
Disclamer: This tutorial is for educational purposes only.
Last week I tried to unlock Intelephense here
(opens new window) , and I got positive results so why not try the same approach with PHP Tools
Note: that I’m applying this on the current release 1.0.4, method names might change in upcoming releases, though the same principles applies.
# Open Extensions folder Ctrl+p
Then navigate to «out/src/extention.js» file in «devsense.phptools-vscode» folder.
I recommend backup extention.js file before we continue.
# Open and reformat
This one is a little bit different from the last one
(opens new window) , there’s no unminified TypeScript to guide us this time.
- Disable any other php extension and enable PHP Tools only.
- Open extention.js and use prettier to reformat the obscured code.
- Search for » The license has been stored » you’ll find this message inside the
function ne() is responsible for entering and receiving the code
// check if the user entered a valid key function Ne() return e(this, void 0, void 0, function* () let e = yield r.window.showInputBox( prompt: J('promptText'), placeHolder: J('placeHolder'), ignoreFocusOut: !0 >); if (e) // n is the key let n = void 0; //. the rest of the function >); >
Delete Ne() completely and Replace it with
// check if the user entered a valid key function Ne() return e(this, void 0, void 0, function* () let e = yield r.window.showInputBox( prompt: J('promptText'), placeHolder: J('placeHolder'), ignoreFocusOut: !0 >); if (e) // n is a custom key returned in a json response let n = '< "signature":"9A67311816caZfsGXE6TxeS4NyN2UkaQC">'; // ie function is responsible for storing the license yield Ie(n); > >); >
Be careful when deleting or editing obscured javascript code it can broke easily
Next: Ie(n) function, we only interested to change one line
function Ie(n) return e(this, void 0, void 0, function* () try JSON.parse(n), // we intreseted to change this line only exports.o.globalState.update(H.p(ke) + '.' + g.userInfo().username, n), //. other code > >); >
I think this function is responsible for saving the key in the global state of the vscode’s context
so we’ll change only this one line
function Ie(n) return e(this, void 0, void 0, function* () try JSON.parse(n), // change commented line //exports.o.globalState.update(H.p(ke) + '.' + g.userInfo().username, n), // to just your name and the key exports.o.globalState.update('Ahmed', n), //. other code > >); >
function Ke() Which I think is responsible for checking if the license is valid or expired
// check if the key is valid function Ke() return e(this, void 0, void 0, function* () let e = yield Fe(); if (e) var n = require(H.p(H.h))(g.userInfo().username) + '#' + e.license + '#' + e.expiration; return new (require(H.p(He)))(H.p(Y)).verify(n, e.signature, 'utf8', 'base64') ? (yield Je(e)) ? K.Expired // return expired flag : K.Valid // return valid flag : K.Invalid; // return invalid flag > return K.Missing; // return missing flag >); >
We are interested in returning the Valid flag only from this function, so no matter what the key we enter it will be considered a valid key.
// simple enough we're returning only the valid flag function Ke() return e(this, void 0, void 0, function* () return K.Valid; >); >
- Save and reload vscode
- ctrl+p
- type activate in the command palette and choose PHP Tools
- Enter this fake key » 9A67311816caZfsGXE6TxeS4NyN2UkaQC «
Product Activation
After downloading PHP Tools for Visual Studio, and installing it, the product license needs to be activated.
Trial License
PHP Tools for Visual Studio comes with a free 30-day trial license, allowing to use all the features. The trial license is enabled automatically once Visual Studio starts.
You can check the state of the license in Help / About PHP Tools menu.
Note, enabling the trial license requires an Internet connection.
Obtain License Key
The license key can be purchased online from our purchase page. For detailed information about licence types, licensing model, purchase, upgrades and renewal, see our FAQ section.
The license key is sent by email immediately after the payment.
Enter License Key
Once you have a obtained the license key, activate your copy of PHP Tools for Visual Studio. The product can be activated from the Visual Studio menu.
- Go to Help / Activate PHP Tools , and the Activation Dialog will open.
- Paste the license key
- Click Activate
Note, when you’re offline, the offline activation window will appear, guiding you through the process of offline activation.
To check the status of your maintenance and support subscription, go to Help / About PHP Tools . What’s the maintenance and support subscription?
This window gives you information about your license status, product version and the option to renew your subscription.
User Seats
Licenses are assigned to individual users and computers upon first activation. In the case a computer is no longer in use, or a user is no longer actively using the license, you can unregister them to free up their seat for another user. Visit the Dashboard in the upper right corner of this web site to do so.
- Create a new user account in the dashboard, or login using available social login.
- In case there is no License Key listed in your Dashnoard, Associate License Key first.
- Navigate to Subscriptions and adjust number of seats, or disable associated seats to free them for new users.
Related Links
- Offline Activation: How to activate the product license with a blocked Internet connection.
- Licenses FAQ: More information about licenses and purchases.
Product Activation
After downloading PHP Tools for Visual Studio, and installing it, the product license needs to be activated.
Trial License
PHP Tools for Visual Studio comes with a free 30-day trial license, allowing to use all the features. The trial license is enabled automatically once Visual Studio starts.
You can check the state of the license in Help / About PHP Tools menu.
Note, enabling the trial license requires an Internet connection.
Obtain License Key
The license key can be purchased online from our purchase page. For detailed information about licence types, licensing model, purchase, upgrades and renewal, see our FAQ section.
The license key is sent by email immediately after the payment.
Enter License Key
Once you have a obtained the license key, activate your copy of PHP Tools for Visual Studio. The product can be activated from the Visual Studio menu.
- Go to Help / Activate PHP Tools , and the Activation Dialog will open.
- Paste the license key
- Click Activate
Note, when you’re offline, the offline activation window will appear, guiding you through the process of offline activation.
To check the status of your maintenance and support subscription, go to Help / About PHP Tools . What’s the maintenance and support subscription?
This window gives you information about your license status, product version and the option to renew your subscription.
User Seats
Licenses are assigned to individual users and computers upon first activation. In the case a computer is no longer in use, or a user is no longer actively using the license, you can unregister them to free up their seat for another user. Visit the Dashboard in the upper right corner of this web site to do so.
- Create a new user account in the dashboard, or login using available social login.
- In case there is no License Key listed in your Dashnoard, Associate License Key first.
- Navigate to Subscriptions and adjust number of seats, or disable associated seats to free them for new users.
Related Links
- Offline Activation: How to activate the product license with a blocked Internet connection.
- Licenses FAQ: More information about licenses and purchases.