Download MetaTrader 5

EA signature

To add comments, please log in or register
Ex Ovo Omnia
3389
Ex Ovo Omnia  

Hi, I wonder if any one has any experience how to identify a compiled script or an EA.

When simply browsing the file content, I can spot the version and copyright strings. That is fine, but the weak point is, that I cannot identify the script, when its file name changed. So I wonder, if there is something like "original name" or similar identification signature accessible when browsing the file.

Alain Verleyen
Moderator
33816
Alain Verleyen  
Ovo Cz:

Hi, I wonder if any one has any experience how to identify a compiled script or an EA.

When simply browsing the file content, I can spot the version and copyright strings. That is fine, but the weak point is, that I cannot identify the script, when its file name changed. So I wonder, if there is something like "original name" or similar identification signature accessible when browsing the file.

With a hash of the file ?
Ex Ovo Omnia
3389
Ex Ovo Omnia  
Alain Verleyen:
With a hash if the file ?

Do you mean keeping an external record of compiled binaries? Well, it could be, but it would require a track of all compiled versions, which might easily fail.

Probably easiest solution would be placing an original name into the copyright string. The cons are it looks very amateurishly.

Alain Verleyen
Moderator
33816
Alain Verleyen  
Ovo Cz:

Do you mean keeping an external record of compiled binaries? Well, it could be, but it would require a track of all compiled versions, which might easily fail.

Probably easiest solution would be placing an original name into the copyright string. The cons are it looks very amateurishly.

Yes, I was thinking to something like that. May I ask what is your goal ?
Ex Ovo Omnia
3389
Ex Ovo Omnia  
Alain Verleyen:
Yes, I was thinking to something like that. May I ask what is your goal ?
The goal is an automatic update (not stealth), to be sure it replaces the proper file.
Marco vd Heijden
Moderator
5957
Marco vd Heijden  
Ovo Cz:
The goal is an automatic update (not stealth), to be sure it replaces the proper file.

Maybe tie it to

FILE_MODIFY_DATE

Date of the last modification


Simple comparison will make sure you work with the last modified file.

And if someone tries to hack or copy the file the saved date won't match the expected date so you can lock it down entirely with a messgbox warning or statement.

Ex Ovo Omnia
3389
Ex Ovo Omnia  
Marco vd Heijden:

Maybe tie it to

FILE_MODIFY_DATE

Date of the last modification


Simple comparison will make sure you work with the last modified file.

And if someone tries to hack or copy the file the saved date won't match the expected date so you can lock it down entirely with a messgbox warning or statement.

When you download the file, it gets assigned the download time anyway. And the current files have something like CRC against a simple tampering.

I did not mean a protection, but rather an identification of the binary file. 

Marco vd Heijden
Moderator
5957
Marco vd Heijden  
Ovo Cz:

When you download the file, it gets assigned the download time anyway. And the current files have something like CRC against a simple tampering.

I did not mean a protection, but rather an identification of the binary file. 

Maybe a BASE64 fingerprint i have seen many of those around.
Ex Ovo Omnia
3389
Ex Ovo Omnia  
Marco vd Heijden:
Maybe a BASE64 fingerprint i have seen many of those around.
Well, the question is not "what", but rather "where" to store it. It does not need to be encrypted. I can read the copyright and a version strings unencrypted, but currently I cannot identify the file by other means than its name. So if the user renames the file, I have no clue which file it originally was.
Marco vd Heijden
Moderator
5957
Marco vd Heijden  
Ovo Cz:
Well, the question is not "what", but rather "where" to store it. I does not need to be encrypted. I can read the copyright and a version strings unencrypted, but currently I cannot identify the file by other means than its name. So if the user renames the file, I have no clue which file it originally was.
It means you have to scan all and look into all available files for copyright and a version strings to see which ones it be.
Stanislav Korotky
22881
Stanislav Korotky  
Ovo Cz:
Well, the question is not "what", but rather "where" to store it. It does not need to be encrypted. I can read the copyright and a version strings unencrypted, but currently I cannot identify the file by other means than its name. So if the user renames the file, I have no clue which file it originally was.

You can read url (property link) as well. And you can add file signature as a hash fragment to the url (after # sign). For example:

#property  link      "https://login.mql5.com/en/users/username#unique-string"

The unique string will not affect the link (page) availability. Additionally you may provide a page with a real anchor "unique-string" to pin-point some stuff related to specific file.

12
To add comments, please log in or register