hard drive serial number

I have a commercial software package for small business that I have been selling for a long time. Its kind of like a POS but does a lot more.

I have been using different ways of software security to avoid piracy including dongle hardware lock, third party software licensing etc. Most of these require a new compile of the product on my part for every new client.

I have come up with a way to do it within the software without having to buy a third party product which only adds on my nightmares of post-sales support. I want your openion on this:

When the product is launched, it checks for hard drive serial number and stores in the memory. It then checks for a particular place in the registry for an encrypted text. If it finds it, it decrypts it, parses out the multiple keys from the string and the remaining is hard drive serial number. Then it compares the hard drive serial number found in the decrypted text with the serial number of the hard drive it earlier retrieved. If the encrypted text in the registry was not found at all or the hard drive serial numbers didn't match, it tells the user that the software is not registered. It also displays the hard drive serial number to the user telling him to call or email my company to let me know the number.

Most of the time I am the one putting together the hardware and software for my customer so the user won't see this dialog in most cases. But I wanna be able to allow downloading the product over the web etc so I do want to be able to register the product remotely.

I have created a tool to generate a registry file. The tool uses the serial number and a combination of keys to create a encrypted string to be stored in a registry location. The registry file would then be sent to the buying/paying customer.

I didn't mean to bore you guys with the whole story here but what I want to know is that is is possible to change the serial number of a hard drive?

If you use ghost software or something similar to create ghost images and then deploy them back to a new hard drive, does the serail number of the source hard drive get copied too?

Also, let me know of what you think about it and if you have a better idea or point out and disadvantages that I am not seeing?

I know that this idea will not work with SCSI hard drives but I am not concerend about that.

I really appreciate your time...

Last software company I worked for also used the hdd serial number for registration. Worked pretty well.


Yes the serial number can be changed via a hex editor. (i've never done it as its not for the waek at heart) And yes cloning drives can be an issue too.

You cannot change the serial number, this is hard coded by manufacturer as they use it for warranty and tracking purposes.

The hardware/device serial number is pretty secure. This is the number you'll get if you are using (say) the low level (ATA) command Identify Drive to retrieve the serial number. The disk/volume serial number is not secure at all. It can be changed/altered any number of ways, even by simply formatting. This is the number you get if you use something like the windows api GetVolumeInformation call to retrieve the serial number (here the serial number is in the format XXXX-XXXX).

DrMDJ

Are u sure u are talking about serial number of the HD or the volume name?

I know that the volume name can be changed by formatting the hard drive but I never knew that serial number can also be changed like that.

When you type DIR at a dos prompt and see:

Volume Serial Number is F819-AB02

Yes, this is the serial number can be changed.

Ok, now I am confused...

When I type DIR on my command prompt, I get is C418-684B.

But when I use the API to get the volume information, I get a different serial number which is always numeric. I have tested this on more than 20 machines.

Here is an example of how I get the serial number programatically in visual basic:


Private Declare Function GetVolumeInformation Lib "Kernel32" Alias "GetVolumeInformationA" (ByVal lpRootPathName As String, ByVal lpVolumeNameBuffer As String, ByVal nVolumeNameSize As Long, lpVolumeSerialNumber As Long, lpMaximumComponentLength As Long, lpFileSystemFlags As Long, ByVal lpFileSystemNameBuffer As String, ByVal nFileSystemNameSize As Long) As Long


Private Sub Form_Load()Dim Serial As Long, VName As String, FSName As String
'Create buffers
VName = String$(255, Chr$(0))
FSName = String$(255, Chr$(0))
'Get the volume information
GetVolumeInformation "C:\", VName, 255, Serial, 0, 0, FSName, 255
'Strip the extra chr$(0)'s
VName = Left$(VName, InStr(1, VName, Chr$(0)) - 1)
FSName = Left$(FSName, InStr(1, FSName, Chr$(0)) - 1)
Debug.Print "The Volume name of C:\ is '" + VName + "', the File system name of C:\ is '" + FSName + "' and the serial number of C:\ is '" + Trim(Str$(Serial)) + "'", vbInformation + vbOKOnly, App.Title
End Sub



The output of this is following:


The Volume name of C:\ is 'C', the File system name of C:\ is 'NTFS' and the serial number of C:\ is '1082622541'



hmmmm

Are u sure we are talking about the same thing?

Quote:

---

Originally posted by Zedy
You cannot change the serial number, this is hard coded by manufacturer as they use it for warranty and tracking purposes.

---

Zedy, this is what I thought, but from all the other responses I am getting here, it sounds like I was wrong


- masif

Not sure how to phrase this. The serial number I posted: F819-AB02 is the "hexadecimal" version which calculates into 4162431746.

Quote:

---

Originally posted by Steve R Jones
Not sure how to phrase this. The serial number I posted: F819-AB02 is the "hexadecimal" version which calculates into 4162431746.

---

u can say hexadecimal. I am a programmer.

This is very interesting though. I will see if my hexadecimal number is equal to the serial number

Quote:

---

Originally posted by Steve R Jones
Not sure how to phrase this. The serial number I posted: F819-AB02 is the "hexadecimal" version which calculates into 4162431746.

---

Ok, I am still confused...

when I type DIR on dos prompt, I get: C417-683B

This calculates to decimal value of 3289868347 which is not equal to the serial number I get via the API. read on...

When I use the API, the serial number is: 1082622541

When I convert this to hexadecimal it is: 4087824D


Now the number that u posted (4162431746) does infact transtales to F819-AB02 but how did u get that number?

Quote:

---

[Not sure how to phrase this. The serial number I posted: F819-AB02 is the "hexadecimal" version which calculates into 4162431746.

---

oooops!! you are right, I was on a different drive (U:\>)when I tried DIR on dos prompt. my bad....

when I try it on c:\ they are same numbers.

Thanks for ur help....

u still stand by the fact that this number could be changed huh?

I trust greater minds than mine will answer you... but...:

I'm of the opinion that any change you make in this regard is actually changing a value that's in memory (perhaps mirrored in the registry or other config files of some sort), NOT the actual HD serial number embedded in the hardware. If this premise is correct, then a reboot would always reset this number to the actual HD serial number, thereby losing your change. But I've been wrong 3 times this year, so maybe this is the fourth?!!

:D ;)

I sent a PM to DrMDJ. Am sure he can explain where the number is etc...

Like I mentioned, my old company used the same number. We caught one company trying to beat our registration process by changing the serial number on a few machines. And the super geeks in the back room had to make us a a little to change the number on cloned drives.

Sorry for not checking back here sooner. I only rarely pop over to the 2k forum. Anway, got Steve's PM and...

Steve already explained about the fact that the number you are getting back when issuing the GetVolumeInformation API is the decimal eqivalent of the number you see doing something like the Dir command (ie. a hex number in the form xxxx-xxxx). This all is what I was talking about in my first post, that the GetVolumeInformation does not return the real "hardware" serial number. To get that number you need to issue something like the low level ATA command Identify Drive.

The number that GetVolumeInformation returns is for a partition. This number can be set and reset in a variety of ways. Like I said before, just formatting a drive changes the number. With a format the number gets set/assigned randomly. You can also force the number to a specific one programmatically. An example of a utility out there that does just this is VolumeID from www.sysinternals.com.

I kinda figured you weren't relying on the hardware serial number, but wasn't sure. Anyway, using the number returned by GetVolumeInformation is not really a reliable means of providing security in your software.

Quote:

---

Originally posted by DrMDJ
To get that number you need to issue something like the low level ATA command Identify Drive.

---

Ok, very good. I did some more research on the web as well. I am convinced from all the responses that the hard drive serial number can be changed and is not secure at all.

I really appreciate everyone's time and help in this regard.

DrMDJ, I would like to know more about low level ATA commands and how to use them. Any resource that you can post to point me into the right direction?

Wanted to see if I could dig up a somewhat specific/detailed example of what needs to be done. Figured that would be better than just referring ya to the ata/atapi command specs and/or something on the Identify Drive/Device subcommand, etc. I managed to find one set of source code that might fit the bill. Its a mix of C and assembler, but that's what would be needed. Within the context of some other things its doing the code does provide the information of the Identify Drive command. The code examples can be found here.

Even though your other code is VB something like this could be incorporated to return the necessary info.

Quote:

---

Originally posted by DrMDJ
Even though your other code is VB something like this could be incorporated to return the necessary info.

---

You are da man! I already changed my code to use the c++ object and it works great. The only pain that I may need to go thru is to update all my clients but I am wondering if I should even bother to make this change retroactive.

Thanks for all your help every1!!!

Excellent. Glad it worked out.

maybe you could use the mac address ?

This is a 2½ year old thread folks.

Quote:

---

Originally Posted by SuperSparks

This is a 2½ year old thread folks.

---

But thanks for your input TechFobe and
|
|
V

I noticed that this discussion has been posted a while back, however I want to put in my two cents of worth for any body running into this thread.

Yes you can edit the hard drive serial number, and I have a DOS POS program that is still sold today that does exactly that. This program was written well over a decade ago and stil is going strong (might be because it looks a lot like a Windows program).I later sold this program and source code to another company, and was ask to write them a Windows update as well. The same approach was use in the Windows version of this program on the new owners insistence. However in my opinion this is not a good idea to protect your program in this manner, nor are any method that makes use of any hardware serial number. The reason being that it is a logistic nightmare to keep the legal users up to speed if they do have a legitimate hardware change for any reason whatsoever. It is OK to support a couple of hundred user but very BAD when you have thousands of users.

My advice is to rather brand the product extensively with the legal user name. Very few people will use software in their company if another company's name is splashed all over it(Remember your printed output as well)

Pirates will always be with us, rather figure a way to let them work for you than against you. If your software is worth its' weight in gold people WILL buy it. Any pirated software with your name on it will eventually lead to new sales if your program is worthwile and not over priced.

I am not really sure why companies go through all this trouble trying to protect their software from piracy.., seeing as no matter what they do, there is a crack for any software popular at all within days, this is espesically true for games...

so bascally, the people who will pay, will pay, and the people who won't, get it for free off BitTorrent once it is cracked.

Quote:

---

Originally Posted by pcgroen

I noticed that this discussion has been posted a while back, however I want to put in my two cents of worth for any body running into this thread.

Yes you can edit the hard drive serial number, and I have a DOS POS program that is still sold today that does exactly that. This program was written well over a decade ago and stil is going strong (might be because it looks a lot like a Windows program).I later sold this program and source code to another company, and was ask to write them a Windows update as well. The same approach was use in the Windows version of this program on the new owners insistence. However in my opinion this is not a good idea to protect your program in this manner, nor are any method that makes use of any hardware serial number. The reason being that it is a logistic nightmare to keep the legal users up to speed if they do have a legitimate hardware change for any reason whatsoever. It is OK to support a couple of hundred user but very BAD when you have thousands of users.

My advice is to rather brand the product extensively with the legal user name. Very few people will use software in their company if another company's name is splashed all over it(Remember your printed output as well)

Pirates will always be with us, rather figure a way to let them work for you than against you. If your software is worth its' weight in gold people WILL buy it. Any pirated software with your name on it will eventually lead to new sales if your program is worthwile and not over priced.

---

Are you sure you are talking about the same thing here?

There are two serial numbers associated to the HD. One is in hardware, in HD firmware, the actual drive serial number. The other is a volume or partition number that is randomly created when you partition or format the drive. The drive serial can't be changed and/or erased, the other will. If you are infact talking about the one stored on the firmware/hardware, can you provide any links?

Anyway, this has worked great for me. Most of the installations are done my myself. The number of my customers is not very small but not very large yet either. I have created a utility that basically takes any HD serial number as input and generates a registry file with encrypted information. This registry must be merged with the computer on which the product is being installed for the product to be registered.

The logins are bound to compare the HD serial number with the encrypeted serial number and encrypted install/expiry date stored in the registry. The info in the registry represents the serial number of the drive the product was installed on and it must match (when decrypted) with the actual hd when loging in.

This did wonders for me in regards to my customers with monthyl installments. The registry stores encrypted expire dates also. It displays expiry reminder on the main screen along with the HD Serial Number (not the Volume Serial Number). I used to have a hard collecting money from them every month. Now, my customers pay my bill way ahead in advance to give me extra time to create a new registry file and to send it to them.

Quote:

---

Originally Posted by Byan

I am not really sure why companies go through all this trouble trying to protect their software from piracy.., seeing as no matter what they do, there is a crack for any software popular at all within days, this is espesically true for games...

so bascally, the people who will pay, will pay, and the people who won't, get it for free off BitTorrent once it is cracked.

---

Anyone wants to try? I will write a quick vb program that uses my authentication module and send it to anyone who is up for it. This is not a challenge. I am just curious and want to see if it really is crackable.

Sorry to bring this thread from the dead again. Has anyone tried changing the hard drive serial number (not the xxxx-xxxx volume serial number) for a virtual machine (Virtual PC)? Thanks.

I just had a quick look then, and it doesn't seem to be stored anywhere -- it's not in the .vmc file (which is just XML), and I couldn't see any reference to it in the .vhd specification.

Are you sure it's not just a constant value or something?

Quote:

---

Originally Posted by Tuttle

I just had a quick look then, and it doesn't seem to be stored anywhere -- it's not in the .vmc file (which is just XML), and I couldn't see any reference to it in the .vhd specification.

Are you sure it's not just a constant value or something?

---

Thanks for responding. Could it be "Unique ID" on page 7 of the .vhd specification document?

I couldn't even open my .vhd in a text editor - it is too large. Any ideas on that?

Try opening it in a Hex editor. I like WinHex, or here are some freeware ones:

Hackman

Free Hex Editor

Freeware Hex Editors

Quote:

---

Originally Posted by SuperSparks

Try opening it in a Hex editor. I like WinHex, or here are some freeware ones:

Hackman

Free Hex Editor

Freeware Hex Editors

---

Thanks. Free Hex Editor says can process files up to 10 MB. My .vhd is around 1.5 GB, so I don't think that will work. I appreciate your help though.

I just looked at the footer of one of mine:

Code:

---

63 6F 6E 65 63 74 69 78-00 00 00 02 00 01 00 00  conectix........
00 00 00 00 00 00 02 00-0B 0C DA 98 76 70 63 20  ............vpc
00 05 00 03 57 69 32 6B-00 00 00 00 80 00 00 00  ....Wi2k........
00 00 00 00 80 00 00 00-10 41 10 3F 00 00 00 03  .........A.?....
FF FF ED 72 9B DA 91 63-55 AF 11 DA 80 C6 EA CC  ...r...cU.......
5E FC 6D 16 00 00 00 00-00 00 00 00 00 00 00 00  ^.m.............
00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00  ................
00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00  ................

---

The "Unique ID" field is underlined. It doesn't look like any HD serial number I've seen before, and I'm all out of ancient DOS utilities to test it with (this is a DOS VM), but I suppose it's possible that the presented serial number is derived from that somehow.

Be very careful if you're going to try changing it that you don't have any differencing or undo disks associated with the one you're changing -- the Unique ID is definitely used for tracking those associations.

(No suggestions on tools btw; I cut that off the VHD with "tail -1b original.vhd > footer.vhd" (requires one of Cygwin, SFU, tools for SUA etc) and opened it up with "debug footer.vhd". Going back the other way would be harder.)



Edit: I just found a suitable DOS tool -- the hardware serial number reported in Virtual PC is blank. If there's a way to change that then it'd probably be a new setting in the .vmc file, but I can't find any documentation on the format of that file.

Quote:

---

Originally Posted by Tuttle

Edit: I just found a suitable DOS tool -- the hardware serial number reported in Virtual PC is blank. If there's a way to change that then it'd probably be a new setting in the .vmc file, but I can't find any documentation on the format of that file.

---

I also found a tool for Windows that returns the hdd serial number. When I run it on my "pyhsical" computer, it returns something that does look like a serial number. On the VM, it returns blank. So I would be most definitely interested in how to populate that field in the VM.

I have no idea if this would work, and I would definitely advise that you make a copy of the .vhd file first. Here's how to mount a .vhd file in Windows:

http://blogs.msdn.com/virtual_pc_guy...01/734435.aspx

Then you might be able to use a normal serial change utility on it. This is a good one:

http://www.microsoft.com/technet/sys.../VolumeId.mspx

That's only the software volume ID unfortunately, not the manufacturer serial number.

Note that a "Volume Serial Number" (created when formating a partition) is completely separate from a hard drive's true embedded serial number. For example:

http://www.SpywareDrGuide.com/Virtua..._sn_vsn_01.jpg

Two Seagate 250MB SATA hard drives. HD0 has two partitions, C: and E: and HD1 has a single partition, D:. Both the LABEL command and Everest show the same "Volume Serial Number"'s for the three partitions:

C: = A465-2B52
D: = 28DA-A93E
E: = 4292-E8FB

Seagate's "SeaTools for Windows" shows the true Seagate serial numbers for each drive:

HD0 = 3ND02LXC
HD1 = 3ND00WSF

Unlike a volume "Label" and/or "Volume Serial Number" which can be altered fairly easily by an end user, an embedded hard drive serial number cannot be.

I fully understand the difference between volume serial number and manufacturer serial number, and, while on a physical computer the latter cannot be changed, I thought there should be a way to change the manufacturer serial number on a virtual machine, since it appears that information is not populated by Virtual PC anyways.

It turns out that the physical serial number will always report blank on Virtual PC and Virtual Server -- it can't be changed. I haven't found anything that suggests it can be done in VMware either, although I didn't sign up to have a copy of their .vmdk spec sent to me (you can't just go and download it).

To, reactivate this thread, on some HDD's, HDD serial Number is writed in a EEprom, whitch can be changed, if you know a litle electronics and have the rigth tools.

Quote:

---

Originally Posted by mmx64

To, reactivate this thread, on some HDD's, HDD serial Number is writed in a EEprom, whitch can be changed, if you know a litle electronics and have the rigth tools.

---

Well, I know a little about electronics - would you tell me more about the right tools? Thank you in advance.