Can a hacker surpass internet http rest calls from desktop application?
Question
我已经在C#中制作了一个桌面软件,并且我将对该软件进行30天的免费试用,现在我将从某个服务器上检查日期和时间以检查日期...我的问题是,黑客可以破解吗?并为所有人提供某种密钥或步骤以使其完整版或使其在市场上有所突破(我知道黑客可以入侵任何产品)???
2 answers
solution1
2 ACCPTED 2015-07-25 09:25:45
实际上,黑客可以通过REST API,监视HTTP流量来弄清楚您要检查的日期,然后将API的DNS名称更改为本地本地主机,并为您提供伪造的REST API响应。
solution2
1 2015-07-25 16:04:09
Sure, any software running on the desktop can be decompiled or reverse engineered. Then a patch can be created to disable any security features you've build into the application.
But this requires a lot of work. Not many applications are valuable enough for some hacker to spend so much time on it.
As others have already replied, it's trivially easy to intercept http(s) requests made to a server. Why don't you just use the date/time from the machine/device itself? Not many people will be willing to live with a date set back on their machine just to run your software illegally.
The real problem is where do you store that date. The first time the user legitimately installs your trail, that date won't be present. What is to prevent users from deleting that date and starting the trail period over?
To protect yourself from all this, run (parts of) your software in the cloud. But in that case, you'll need an authentication mechanism for your users.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.