URGENT: Text strings in program visible in compiled EXE!!!!

General FreeBASIC programming questions.
cenozoite
Posts: 243
Joined: Aug 21, 2005 21:41

URGENT: Text strings in program visible in compiled EXE!!!!

Postby cenozoite » Jun 29, 2006 18:46

I notice that when I compile a program into an EXE, it can still be opened in Notepad and while most of it is garbled junk that can't be read, near the bottom there is always a section of plain ascii text that contains any and all references in the original code to plain text strings. For example, compile the code:

Code: Select all

input "Type something: ",a$
if a$="hello" then Print "Hi yourself"
Sleep
End


Then open the compiled EXE in Notepad. Look near the bottom or do a search and you'll see that all three text strings contained in the program appear in plain ascii format in the EXE file, readable by anyone who opens it that way.

Is there any way to avoid this??? Can it be compiled in a way that will hide or garble everything to anyone who reads it in an ascii editor??
arenth
Posts: 511
Joined: Aug 30, 2005 6:22

Postby arenth » Jun 29, 2006 19:10

Yeah, to hide it, you could use some form of encryption/compression on all your strings, then at runtime decompress/decrypt them to get the original result. If you dont want to go through that work, I believe there are also exe encryptors which will compress and encrypt the code and data segments of your program.
etko
Posts: 113
Joined: May 27, 2005 7:55
Location: Slovakia
Contact:

Postby etko » Jun 29, 2006 19:13

Hehe, this is normal, you can find text string even in normal windows programs. Easiest way you can encrypt string is to use XOR method it's quite easy and fast. However any only bit experienced hacker will be able to decrypt these strings.
cenozoite
Posts: 243
Joined: Aug 21, 2005 21:41

Postby cenozoite » Jun 29, 2006 19:17

Thank you for the replies. So my follow-up questions would be:

1) What is the XOR method?

2) What/Where are the best, trusted EXE encryptors that accomplish this effectively?
Last edited by cenozoite on Jun 29, 2006 19:33, edited 1 time in total.
etko
Posts: 113
Joined: May 27, 2005 7:55
Location: Slovakia
Contact:

Postby etko » Jun 29, 2006 19:32

1.) Several links about this:
VB Sample
C net code example
some QB abc packets

2.) I don't know about this, maybe packing with upx will be enough for you.

Anyway there is no way for you to encrypt the strings reliably, any encryption can be broken sooner or later if you have access to the program image, good debugger, haxorz skills and free time :).
cenozoite
Posts: 243
Joined: Aug 21, 2005 21:41

Postby cenozoite » Jun 29, 2006 19:40

I would be pretty content with encrypting against regular users being able to access the string data. If elite hackers have the time and inclination to decrypt, that's fine, but maximum protection against normal users would be good.

I have found a bunch of EXE encryptors but I have no idea how to tell the good ones from the shoddy ones. What is packing with UPX?
voodooattack
Posts: 605
Joined: Feb 18, 2006 13:30
Location: Alexandria / Egypt
Contact:

Postby voodooattack » Jun 29, 2006 20:10

UPX is an exe compressor/encryptor.. good tool imo..

http://upx.sourceforge.net/

you can use this small tool i wrote to prevent other tools from detecting upx/decompressing the exe:

maskupx.bas

Code: Select all

   
   
    Option Explicit
   
   
    Dim sSig    as ZString * 4
    Dim i       as Integer
    Dim b       as Byte
    Dim s       as Short
   
    Print "MASKUPX: " & Command$(1)
    Print
   
    Randomize (Timer * 1000)
   
    Open Command$(1) for binary as #1
       
        For i = 0 to LOF(1)
            Get #1, i, sSig
            If Left(sSig,3) = "UPX" Then
                s = rnd() * &HFFFF
                b = rnd() * &HFF
                Put #1, i, s
                Put #1, i + 2, b
                Print "Found a UPX signature at offset #" & (i), , "- Got it."
            End If
        Next i
       
    Close #1
    Print ,,,,"- Done."
   
DrV
Site Admin
Posts: 2116
Joined: May 27, 2005 18:39
Location: Midwestern USA
Contact:

Postby DrV » Jun 29, 2006 20:20

Perhaps you should reread the UPX license, an excerpt of which I quote here (the emphasis is mine):

1. You must compress your program with a completely unmodified UPX
version; either with our precompiled version, or (at your option)
with a self compiled version of the unmodified UPX sources as
distributed by us.
2. This also implies that the UPX stub must be completely unmodfied, i.e.
the stub imbedded in your compressed program must be byte-identical
to the stub that is produced by the official unmodified UPX version.
3. The decompressor and any other code from the stub must exclusively get
used by the unmodified UPX stub for decompressing your program at
program startup. No portion of the stub may get read, copied,
called or otherwise get used or accessed by your program.
voodooattack
Posts: 605
Joined: Feb 18, 2006 13:30
Location: Alexandria / Egypt
Contact:

Postby voodooattack » Jun 29, 2006 20:22

well i think i didn't bother to read it.. :P


another method is using "Yoda's Protector"

http://sourceforge.net/projects/yodap/
rugxulo
Posts: 219
Joined: Jun 30, 2006 5:31
Location: Usono (aka, USA)
Contact:

Postby rugxulo » Jun 30, 2006 5:44

Yes, they basically want you to always be able to decompress the compressed .EXE if need be. The stub itself is copyrighted by them, but you are granted free access to use and distribute programs using it as long as you don't modify it. However, lots of people modify it anyways (which I don't recommend). What is so top secret that you need to encrypt? No offense, but you are wasting your time: some people (too many, IMO) get their kicks by viruses, cracking, etc. It's ridiculous, unavoidable, not worth worrying about, IMO.

DrV wrote:Perhaps you should reread the UPX license, an excerpt of which I quote here (the emphasis is mine):

the UPX stub must be completely unmodfied
MichaelW
Posts: 3500
Joined: May 16, 2006 22:34
Location: USA

Postby MichaelW » Jun 30, 2006 7:30

For “regular” users, even the simplest form of string encryption would prevent them from reading the strings, assuming they even knew that such a thing could be done.

Code: Select all

option explicit

sub xorstr( target as string, key as byte )
    dim i as integer
    for i = 0 to len( target ) - 1
        target[i] = target[i] xor key
    next
end sub

dim s as string = "my other brother darryl"

print s
xorstr s,1
print s
xorstr s,1
print s

sleep

This could be turned into a command line utility to generate encrypted strings that you could paste into your source (don’t some IDE’s provide this capability?). For best results the key value should be <= 31.
1000101
Posts: 2556
Joined: Jun 13, 2005 23:14
Location: SK, Canada

Postby 1000101 » Jun 30, 2006 12:12

MichaelW wrote:For best results the key value should be <= 31.


Actually, for best results, the key should be random.
MichaelW
Posts: 3500
Joined: May 16, 2006 22:34
Location: USA

Postby MichaelW » Jun 30, 2006 12:48

That depends on how you define "best". For my purposes here I was defining it as "whatever is less likely to cause problems" :)

Return to “General”

Who is online

Users browsing this forum: Baidu [Spider] and 6 guests