ttobin333
asked on
Hiding text strings in my program from hex/text editors
Dear Experts,
I know that with the use of text or hex editors, strings can be seen inside compliled exe files, even when compiled to native code.
To avoid giving unnecessary clues about the workings of my software to hackers, rather than actually write the strings inside quotes, what if I convert them to the ASCI codes e.g., Chr(52)+Chr(53) instead of "45". Can this be detected? Do I need to use encryption? If so, suggestions please.
Are there any tools that make decompiling a VB6 program more difficult?
Thanks!
I know that with the use of text or hex editors, strings can be seen inside compliled exe files, even when compiled to native code.
To avoid giving unnecessary clues about the workings of my software to hackers, rather than actually write the strings inside quotes, what if I convert them to the ASCI codes e.g., Chr(52)+Chr(53) instead of "45". Can this be detected? Do I need to use encryption? If so, suggestions please.
Are there any tools that make decompiling a VB6 program more difficult?
Thanks!
ASKER
Thanks Jim! Sounds excellent. Would you please give a brief working example of this to illustrate?
The first step is to select some number of relatively random bytes, at least as long as your longest string. Here's a set that's composed of the first 32 bits of the mantissas of the cube roots of the first 64 prime numbers:
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
Now save those bytes as the mask in your program and possibly a simple utility to create the masked byte arrays from the strings you need in your program. Say one of your strings is "FRED". The corresponding bytes are:
0x46 0x52 0x45 ox 44
Then create the maskd bytes by:
masked[0] = 0x46 Xor 0x42
masked[1] = 0x52 Xor 0x8a
masked[2] = 0x45 Xor 0x2f
masked[3] = 0x44 Xor 0x98
Then Masked = 0x04 0xd8 0x6a 0xdc
Do that for each of your strings, and stored the masked strings in your code. To revert to plaintext, just use the same mask bytes with the masked bytes, as:
plain[0] = 0x04 Xor 0x42
plain[1] = 0xd8 Xor 0x8a
plain[2] = 0x6a Xor 0x2f
plain[3] = 0xdc Xor 0x98
Then plain = 0x46 0x52 0x45 0x44 = "FRED".
Jim
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
Now save those bytes as the mask in your program and possibly a simple utility to create the masked byte arrays from the strings you need in your program. Say one of your strings is "FRED". The corresponding bytes are:
0x46 0x52 0x45 ox 44
Then create the maskd bytes by:
masked[0] = 0x46 Xor 0x42
masked[1] = 0x52 Xor 0x8a
masked[2] = 0x45 Xor 0x2f
masked[3] = 0x44 Xor 0x98
Then Masked = 0x04 0xd8 0x6a 0xdc
Do that for each of your strings, and stored the masked strings in your code. To revert to plaintext, just use the same mask bytes with the masked bytes, as:
plain[0] = 0x04 Xor 0x42
plain[1] = 0xd8 Xor 0x8a
plain[2] = 0x6a Xor 0x2f
plain[3] = 0xdc Xor 0x98
Then plain = 0x46 0x52 0x45 0x44 = "FRED".
Jim
ASKER
Jim, I'm new to encryption, so here's a dumb question for you: how do I convert a character to a byte? I couldn't find a VB function that does this.
Thanks,
Tobin
Thanks,
Tobin
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Jim, thank you. I will try to take it from here...you have gotton me off to a good start.
My pleasure. Good luck.
Jim
Jim
A simple masking technique that's also quick involves the use of the Xor (Exclusive OR) operator. To do this,
1. Create a random array of bytes that's at least as long as your longest string. Call it mask.
2. convert a plaintext string to a byte array. Call it source.
3. Create a third array the same length as the source array. Call it masked.
3. Iterate over the source array. For each,
masked[i] = source[i] Xor mask[i]
4 Save the masked array for inclusion in your source code.
To convert back to the original string at runtime, for each byte,
plainText[i] = masked[i] Xor mask[i]
This is very fast.
Jim