Solved

SHA-1 checksum vs .exe obfuscation

Posted on 2012-12-22
7
562 Views
Last Modified: 2012-12-22
I have a Windows app that has been compromised (hacked).  I am looking at obfuscation but was wondering if generating a SHA-1 checksum and then checking it from within the program would suffice as far as letting me know the app has been compromised.

Comments?
0
Comment
Question by:rmmarsh
  • 3
  • 3
7 Comments
 
LVL 4

Expert Comment

by:brendonfeeley
ID: 38715619
File hashing will let you know whether or not it is different to known hashes for that file. However, it won't tell you what has changed or how it was done.

What do you mean when you say it "has been compromised"? How do you know?
0
 

Author Comment

by:rmmarsh
ID: 38715627
The guy has access to functions that are only available with a license, which he has not purchased.  I send a response to his email saying something was not working as it should, and I responded that he shouldn't even have access to that function... haven't heard from him since. :D

So, will it tell me if the program has been reverse-engineered?  (i.e. using .NET Reflector).  Is obfuscation better? (like Crypto Obfuscator)
0
 
LVL 4

Accepted Solution

by:
brendonfeeley earned 500 total points
ID: 38715634
I think it's almost certain that it has been reverse engineered and/or the application has been patched in order to grant access to locked functionality. File hashing will definitely tell you if the file has been patched.
0
3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

 

Author Comment

by:rmmarsh
ID: 38715644
So, I guess I better byte the bullet for $150 USD and buy the obfuscator...   thanks for your insight.
0
 
LVL 4

Expert Comment

by:brendonfeeley
ID: 38715651
There is a good article here on how to go about securing .NET code:
http://msdn.microsoft.com/en-us/magazine/cc164058.aspx
0
 

Author Comment

by:rmmarsh
ID: 38715663
I saw that, plus a few others... settled on Crypto Obfuscation for .NET... seems to be the most comprehensive, plus they answered my emails right away... I like good support! :D  

Thanks again...
0
 
LVL 84

Expert Comment

by:ozo
ID: 38715742
If the app can be compromised, what prevents the SHA checking within the program from being compromised?
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A long time ago (May 2011), I have written an article showing you how to create a DLL using Visual Studio 2005 to be hosted in SQL Server 2005. That was valid at that time and it is still valid if you are still using these versions. You can still re…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
A simple description of email encryption using a secure portal service. This is one of the choices offered by The Email Laundry for email encryption. The other choices are pdf encryption which creates an encrypted pdf of your email and any attachmen…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now