Serialkey validator against online database

Hello everyone,

I wanted to share this simple serial generator and validator.
Off course its a simple version and only includes a serial code, meaning you dont have to have a email adress or name or whatever.

For this to work you need a website to store the hashes of all the serial codes you want to use.

This is the generator file, currently it generates random serial codes and writes them to 2 files, one file with the serial codes and the hashes (called local.txt) and one file with only the hashes (called remote.txt).

Obviously this means you have to keep local.txt on your personal computer and upload remote.txt to your site.

(* Serial Key check

Test program to generate serial keys and writes to Local.txt & Remote.txt these files will be made on your desktop's
Using md5 as hash it's not fool proof, Ofcourse it's crackable using rainbow table's or brute forcing.

set RemoteFile to (path to desktop as string) & "Remote.txt"
set LocalFile to (path to desktop as string) & "Local.txt"
repeat 1000 times
	set Serialkey to (do shell script "echo $RANDOM") * (do shell script "echo $RANDOM")
	set md5hash to (do shell script "echo -n '" & Serialkey & "' | md5")
	set SerialHashL to ("Key:" & Serialkey & "," & "Hash" & ":" & md5hash) as text
	set SerialHashL to SerialHashL & "
" as text
	set SerialHashR to md5hash & "
		set fileRef to open for access file RemoteFile with write permission
		write SerialHashR to fileRef starting at eof
		close access fileRef
	on error
			close access file RemoteFile
		end try
	end try
		set fileRef to open for access file LocalFile with write permission
		write SerialHashL to fileRef starting at eof
		close access fileRef
	on error
			close access file LocalFile
		end try
	end try
end repeat

That concludes the generator, I also made a validator and generated 1000 serial codes, from wich I uploaded the hashes to my site ( wich is under contruction but visible a.t.m.)

I actually started with the validator instead of starting with the generator, I thought it was easier that way.
and so the generator is based grandly on the validator.

set database to (do shell script "curl")
set Serialkey to text returned of (display dialog "Please enter Serial Code." default answer "Serial Code")
set md5hash to (do shell script "echo -n '" & Serialkey & "' | md5")
if md5hash is in database then
	display dialog "Serial Code is correct"
	display dialog "Serial Code is incorrect"
end if

I remind you again, it is only a simple sample code, nothing fancy and not that hard to crack (lol, just replace with: display dialog “Serial Code is correct”) So, just code it out a little more and have fun.

if you wish to try and crack it have fun with this
Serials only include numbers. No special characters or letter.

If you want to try it without cracking go to
I didn’t check all the serials, there might be doubles (although unlikely. the serials are generated using random * random), and some might even return a false negative.

I put both files on dropbox, since I don’t want to stress my servers, it’s currently being hosted on a small non-dedicated server.

All the files will soon be downloadable on my website,

Please, comment if you see a flaw. Or a way to improve my script.

Thanks in advance!
Sincerly, Xpresso