Getting computer info with Flash

Report · Nov 27, 2007

Hello guys!

I remember once to read about how flash can get computer info.

Any ideas how?

i need something like mac adress, hd serial and some stuff like that.

Thanks!

Report · Nov 27, 2007

There's a limited amount of information available. I don't think you can directly get that information.

System capabilities offers this:
http://livedocs.adobe.com/flash/9.0/main/00001498.html#wp189495

Beyond that, if you are creating a projector style application, then you will be able to get more information if you use a 3rd party wrapper (depending on what the API of the wrapper exposes). E.g. Zinc, Swf studio and others (can't remember the names google for flash projector tools or something like that).

Report · Nov 27, 2007

Hi!

Thanks for the info so can start to wonder how to pull this off.

I have to pull some way to protect my content that will be installed in clients machines.

Can you give me some guidance in this process? Maybe someone have better ideas :)

My main idea is:

1 - User install the flash aplication;

2 - 1st time user uses the apllication it will go to a webpgae to validate his install;

3 - That info will be stored in a Shared Object inside clients machine;

4 - Each time the Client opens the Apllication it will see if there the SharedObject exists. If there is not, it will validate, if the SharedObject don't exists and is different from the one it is supposed to have, some problem occurs and maybe the Flash file was moved. Then the Flash will pull a pop up saying the user to validate it again;

Report · Nov 27, 2007

I'm far from being an expert on this type of thing. My thoughts are conceptual only (possibly not sensible!) and I do not claim to be an expert in application security:

To do it in the way I think you want...I'm not sure how you could get enough local machine info to generate a very machine specific hash to use for the type of thing you are describing. The only way I see this being possible is via an extended API offered by a 3rd party tool. So the hash in the sharedObject is a combination of the machine information and something the server based validation does to it. The local app would recreate the machine based hash each startup and then compare it to the code in the sharedObject. The codes are not the same, but the check renders them as compatible, otherwise if not or if the sharedObject is not there, a server-based validation is required to regenerate the sharedObject data.