PDA

View Full Version : How can i release my script for commercial?


atoraby
10-24-2009, 08:58 PM
hi
I've created script by max script already. now i want to release commercial version of that. how can i encode my script? i want to release a limited evaluation version.
may i use 3dmax features to do this? or i have to use external tools?
thanks for any help

Track
10-25-2009, 07:36 PM
See this topiks
http://blog.duber.cz/3ds-max/checksums-in-3ds-max
http://forums.cgsociety.org/showthread.php?f=98&t=638998&page=2&pp=15


Example from cgsociety.org :

fn fl_getMacAdressByDotNet = (
upperStr="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
lowerStr="abcdefghijklmnopqrstuvwxyz"
NWIF = dotnetClass "System.Net.NetworkInformation.NetworkInterface"
the_Mac_array = NWIF.GetAllNetworkInterfaces() -- this is an array of all the Networks
the_Mac_Address = "" --The Mac Address with capital letter
the_Hex_Array = #() -- Emty Array to hold the Bytes after converted to hex
for i = 1 to the_Mac_array.count do
(
The_Physical_Address = the_Mac_array[i].GetPhysicalAddress() -- Get The Physical Address of all the networks
The_Physical_Address_Bytes = The_Physical_Address.GetAddressBytes() as array -- Get The Physical Address Bytes
for foo in The_Physical_Address_Bytes do
(
tempHex = bit.intashex foo -- convert to hex
if tempHex.count == 2 then
(
if (idx = findString lowerStr tempHex[1]) != undefined then tempHex[1] = upperStr[idx]
if (idx = findString lowerStr tempHex[2]) != undefined then tempHex[2] = upperStr[idx]
the_Mac_Address += tempHex
)
else
(
if (idx = findString lowerStr tempHex) != undefined then tempHex = upperStr[idx]
the_Mac_Address += "0" + tempHex
)
)
)
-- call the Mac Address
the_Mac_Address
)
fl_getMacAdressByDotNet()

ivanisavich
10-25-2009, 07:51 PM
encryptscript "scriptFilePath" ---put path to your .ms file in the quotes

atoraby
10-30-2009, 04:55 PM
It is straightforward to decrypt mse files!
I mean using MAC address and encyptscript isn't beneficial while it is possible to decrypt encoded max script files, simply.
I think about any external tool such as a dll file or exe file runs (by calling it from max script, if it is possible) to validate program license. i think it is more safe and reliable. have you ever thought about this before?

SyncViewS
10-30-2009, 07:11 PM
It is straightforward to decrypt mse files!

Is it? Probably it was before 3ds Max version 9. As far as I know it's not impossible (as nothing in IT is), but quite hard to decrypt .mse nowadays.

I guess the encryption level is up to the task of hiding code a plugin of a 3D software. I mean, is the effort to decrypt a script comparable to its price? I don't think so.

- Enrico

biddle
10-31-2009, 12:52 AM
At the risk of starting up yet another thread on piracy, I did some poking around of my own and discovered that decrypting an MSE scriptfile is truly trivial.

If you are counting on their security to ensure people compensate you fairly, you will probably wind up unpleasantly surprised.

On the other hand, if you are concerned about them containing malware, spyware, or whatnot, they can be inspected (and neutered)

.biddle

Is it? Probably it was before 3ds Max version 9. As far as I know it's not impossible (as nothing in IT is), but quite hard to decrypt .mse nowadays.

I guess the encryption level is up to the task of hiding code a plugin of a 3D software. I mean, is the effort to decrypt a script comparable to its price? I don't think so.

- Enrico

Rorschach
10-31-2009, 03:19 PM
At the risk of starting up yet another thread on piracy, I did some poking around of my own and discovered that decrypting an MSE scriptfile is truly trivial.

Are you saying you can see a fully decrypted MSE script? or just reverseengineer bits?

Can you show me the unencrypted version of the attached script?

edit:sorry, attachment doesn't seem to want to upload

JHN
10-31-2009, 09:13 PM
@Mike: I'd really like to know more too, I have some encrypted scripts with clients, can you elaborate how easy it is? I have seen ZeBoxx2/Richard mentioning it somewhere, and from what I remember he used a sandbox like construction or something, but didn't go into details...

So maybe there's a market for a obfuscator for maxscript.

Thanks for anything you can say on this subject!
-Johan

iceman32
11-02-2009, 02:00 PM
Well, IT IS very easy to decrypt an encrypted maxscript. With the right tool, you do it in 6 sek...
The reason Autodesk has this function is just to protect the developers code to everyone. If you want to have like a trial license, number of tries before buy or something, the best method is to code the plugins in C++ but that isnīt safe either, nothing is, everything that is coded can be decoded, but with C++ itīs at least more safe than maxscript encryption.

denisT
11-02-2009, 05:13 PM
i confirm that to decrypt maxscript is very easy. unfortunately it takes 5-10 min to find the right tool on internet.

Kramsurfer
11-02-2009, 07:05 PM
True that..

MSX encryption is designed to protect your code from the average 3Ds Max Artist, not other coders... Heck for most artists, just take the comment blocks out... ;-)

Rorschach
11-02-2009, 07:54 PM
I'm surprised.

We've had plenty of discussions about the secureness of encrypted scripts and stuff like this in the past and although it's accepted that people can always hack these things, (and get around any antipiracy features), it's never been mentioned that someone can decrypt entire .MSE into plain text.....and that seems to be what at least 4 people are saying here?

atoraby
11-02-2009, 08:03 PM
i have created my script a month ago. and it is perfect and usable for today. Perhaps it isn't attractive for the future. So consider i can't postpone release date and trying max.net and recoding it for the far future.
please suggest a way to protect a maxscript file and abandon other alternative possibilities.
thanks for your help

denisT
11-02-2009, 08:33 PM
I'm surprised.

We've had plenty of discussions about the secureness of encrypted scripts and stuff like this in the past and although it's accepted that people can always hack these things, (and get around any antipiracy features), it's never been mentioned that someone can decrypt entire .MSE into plain text.....and that seems to be what at least 4 people are saying here?

if MAX can decrypt your mse file why anyone else couldn't do it? if "people" can crack max why they can't get decrypt key?

Rorschach
11-02-2009, 09:05 PM
So would someone care to take the 6 seconds or so to decrypt the attached script and print a full plain text version here?

denisT
11-02-2009, 09:11 PM
So would someone care to take the 6 seconds or so to decrypt the attached script and print a full plain text version here?

it's illegal to do such things. and i strictly recommend do not post any "decrypters"...

biddle
11-02-2009, 09:42 PM
So would someone care to take the 6 seconds or so to decrypt the attached script and print a full plain text version here?

No, but I will tell you that you made a spelling error in the comment on line 6, column 18.

Rorschach
11-02-2009, 10:39 PM
No, but I will tell you that you made a spelling error in the comment on line 6, column 18.

Interesting.

Well, assuming you can see the entire script and not just that segment then this has enormous repercussions for lots of us.

I've always assumed there were ways of hacking scripts to get round serial protections etc, but if you can actually decrpyt the entire script into plane text then that's terrible news for the commercial scripters.

denisT
11-02-2009, 10:41 PM
the bad news is not that biddle can decrypt a script, the bad news (not new for me) is that anyone else can do it...

biddle
11-03-2009, 03:48 AM
...but if you can actually decrpyt the entire script into plane text then that's terrible news for the commercial scripters.
Yeah, I felt the same way when I was through poking around. I hope you will agree with me that knowing what you are really up against with respect to MSE files is better than operating with a false (or at least elevated) sense of security.

SyncViewS
11-03-2009, 10:37 AM
Assuming .mse are easily decriptable, I'd like to know if you get the whole text or just bits, or messed up. I'm going to publish a script of about thirty thousand lines of code, divided into several files. It's not a big issue if a spiteful person can read something here and there, because will hardly get the whole picture.

On the other hand, I'd like to know if there are better methods not involving the SDK (read: NOT compiling and publishing multiple script versions) to obtain affordable code obfuscation.

- Enrico

atoraby
11-08-2009, 06:38 PM
See this topiks
http://blog.duber.cz/3ds-max/checksums-in-3ds-max
http://forums.cgsociety.org/showthread.php?f=98&t=638998&page=2&pp=15


Example from cgsociety.org :

fn fl_getMacAdressByDotNet = (
upperStr="ABCDEFGHIJKLMNOPQRSTUVWXYZ"
lowerStr="abcdefghijklmnopqrstuvwxyz"
NWIF = dotnetClass "System.Net.NetworkInformation.NetworkInterface"
the_Mac_array = NWIF.GetAllNetworkInterfaces() -- this is an array of all the Networks
the_Mac_Address = "" --The Mac Address with capital letter
the_Hex_Array = #() -- Emty Array to hold the Bytes after converted to hex
for i = 1 to the_Mac_array.count do
(
The_Physical_Address = the_Mac_array[i].GetPhysicalAddress() -- Get The Physical Address of all the networks
The_Physical_Address_Bytes = The_Physical_Address.GetAddressBytes() as array -- Get The Physical Address Bytes
for foo in The_Physical_Address_Bytes do
(
tempHex = bit.intashex foo -- convert to hex
if tempHex.count == 2 then
(
if (idx = findString lowerStr tempHex[1]) != undefined then tempHex[1] = upperStr[idx]
if (idx = findString lowerStr tempHex[2]) != undefined then tempHex[2] = upperStr[idx]
the_Mac_Address += tempHex
)
else
(
if (idx = findString lowerStr tempHex) != undefined then tempHex = upperStr[idx]
the_Mac_Address += "0" + tempHex
)
)
)
-- call the Mac Address
the_Mac_Address
)
fl_getMacAdressByDotNet()

suppose that someone has a personal computer with a pci network card and he or she chanegs his/her nic. so this function denies his mac-address after this exchange!
I think it is not a perfect and coherent way to keeping a license by mac address! what do you think the better way is?

by the way, when i print hardwareLockID it returns 0! why?

Track
11-18-2009, 11:39 AM
suppose that someone has a personal computer with a pci network card and he or she chanegs his/her nic. so this function denies his mac-address after this exchange!
I think it is not a perfect and coherent way to keeping a license by mac address! what do you think the better way is?

by the way, when i print hardwareLockID it returns 0! why?



Strongly not recommend using hardwareLockID.
In Different versions of 3dsMax hardwareLockID will be different.
Any issues with Mac...

the bad news is not that biddle can decrypt a script, the bad news (not new for me) is that anyone else can do it...
During the test, you have opened 3d Max?
You close the source of encrypted script into the script editor and then restarted Windows?
After to do this your run test ...
:)
I think- it is not so easy - especially for large scripts.

CGTalk Moderation
11-18-2009, 11:39 AM
This thread has been automatically closed as it remained inactive for 12 months. If you wish to continue the discussion, please create a new thread in the appropriate forum.