You'll need some kind of server-side backend to perform the authentication. A simple PHP script on a HTTP server can be enough; for example returning a simple 1 when valid, or a 0 when invalid.
Keep in mind that this simple example is easily bypassable.
But in theory, this is how authentication works.
I guess your question was aiming for actual implementation examples. I can't recommend any libraries for networking. I only know libcurl and boost asio (which is completely overkill for this task, if you're not using it already).
There are some things to consider when you're attempting to create an authentication mechanism that is not defeatable by any 5 y.o. fartnite kid.
Creating a hard-to-bypass authentication is pretty much kind of an art. Since the code runs on the users machine, there is (as current state of computer architecture) no way to create a 100% secure solution. Even creating a half-decent one can be time consuming.
There are several "ideas" I've came across in the past:
"Security" by obscurity:
Actually not secure at all
Theory: Create an secret algorithm to make sure the user can not easily emulate the server. Will only be pseudo-secure of a limited amount of time. Can range, depending on your popularity, from minutes to even years.
Always online:
Theory: Mandatory data (e. g. offsets, pattern, code) is retrieved from the server. Emulating will require more work.
Watermark:
Theory: Every customer gets a watermarked version of your hack. If someone shares his version of the hack, you can at least comprehend where the leak is.
BTW: If you are creating the authentication code in C# aswell, you can pretty much ignore everything I wrote before and just accept that anyone can bypass your protection by just throwing de4dot and a random decompiler on it.
|