Piracy protection by Spigot

Discussion in 'Spigot Plugin Development' started by ItzMace, Apr 21, 2017.

  1. Hello Community :)

    I want to release a Premium Plugin and I want to add a piracy protection into it.

    What I found was this URL:
    http://www.spigotmc.org/api/resource.php?user_id=USER&resource_id=RESOURCE&nonce=NONCE

    Can someone explain me how this system works?


    How do I replace [USER], [RESOURCE] and [NONCE] automatically in the URL?
    Or are there any placeholders that will be automatically replaced by Spigot when downloaded or executed?

    This is what I got so far:

    Code (Text):
           try {
                URL web = new URL("http://www.spigotmc.org/api/resource.php?user_id=[USER]&resource_id=[RESOURCE]&nonce=[NONCE]");
                URLConnection yc = web.openConnection();
                BufferedReader in = new BufferedReader(new InputStreamReader(yc
                        .getInputStream()));
                String inputLine;
                while ((inputLine = in.readLine()) != null) {
                    if (inputLine.equalsIgnoreCase("false"))
                         System.out.println("Piracy detected");
                 }
     
                in.close();
            } catch (Exception e) {
                e.printStackTrace();
            }  

    Best regards
    ItzMace :)
     
  2. So replacing the URL with:

    Code (Text):
    http://www.spigotmc.org/api/resource.php?user_id=%%__USER__%%&resource_id=%%__RESOURCE__%%&nonce=%%__NONCE__%%
    and uploading the plugin will replace the placeholders with the individual information on download?

    And thats all I need to do?
     
  3. When a buyers download the plugin, in the jar spigot replace automatic the variable.
     
    • Like Like x 1
  4. Awesome!
    And the other parts of the code will also work like this?

    Code (Text):
    while ((inputLine = in.readLine()) != null) {
                    if (inputLine.equalsIgnoreCase("false"))
                         System.out.println("Piracy detected");
                 }

    So will it write "Piracy detected" into the console if a problem appears?
     
  5. I think you need create a list with a user denied.
    And check if the list contain the user block plugin.
     
  6. Does that mean I need to have a (for example) MySQL Database and store all IDs that I want to deny using my plugin?
    I thought that the URL shown above shows "false" on the side if there is a problem with the plugin
     
  7. Don't bother making an anti-piracy. Easy bypassable in seconds.
     
    • Agree Agree x 1
  8. Not in seconds, but this guy is kinda right - someone who knows what they are doing will take no time to crack most of what you will do, unless you are using some supreme obfuscator
     
  9. Give me a download, have me blacklisted and 5secs and I bypassed it. ;)
     
  10. Maybe you're right. But I think that most people having no idea of coding or bypassing anti-piracy systems.
    So I think that such a system might be useful.
     
  11. Tons of people know it. Trust me. You are just wasting ur time for it.
     
  12. Ok. Thanks for your messages. :)
    But I still want to know how to set up such a thing
     
  13. Have a document somewhere on the internet that is accessable. Read it from there, if the list contains the userID, disable the plugin. However, you are not allowed to disable the plugin if the user has no access to internet etc.
     
  14. Ok thanks :)
    But when will be the content of the following side "false"?
    http://www.spigotmc.org/api/resourc...ource_id=%%__RESOURCE__%%&nonce=%%__NONCE__%%

    I also saw people using this system and disabling the plugin, when the website shows false.
     
  15. MiniDigger

    Supporter

    • Informative Informative x 1
  16. Own Block-List thingy: (a waste of time if you ask me)

    - Install a Webserver with min. php5.0
    - Install a MySQL-Server
    - Create User and Database to use
    - Create Table for Storing the IDs
    kinda like this:
    id PRIMARY KEY
    denied BOOL, NOT NULL
    - Create PHP-Script which fetches the MySQL Data and gives back results (true/false)

    Alternative for the Webserver is a Script witch accepts TCP-Clients to Connect and Fetch Data.
     
  17. maldahleh

    Wiki Team

    Issue with any privacy protection is it won't work, sure it may slow down the average person looking to pirate your work but if your plugin becomes big then there will be people who are experts at cracking piracy protection that will crack your plugin and release it.

    Massive companies (Adobe, Microsoft, etc) are struggling all the time with piracy protection because there really is no solution that will always work, if someone is determined they will always find a way to get around your protection.