Obfuscating function names and the like inside exe file
BCS
none at anon.com
Sun Mar 21 14:38:06 PDT 2010
Hello bobef,
> Walter Bright Wrote:
>
>> 1. make sure you're not compiling with debug info (-g) on.
>>
> Bye bye stack traces... :(
>
Only for release builds.
>> 2. you can just use a bit editor to stomp on those names in the
>> executable (replace them with XXXXX or whatever). The exe files are
>> not checksummed, so this should be straightforward.
>>
> Too much manual work. Any clues how I can automate this? At least
> where I should look for info?
>
If you know what to look for, some kind of find/replace might work.
>> 3. rename your sensitive classes to obscure names, then alias them to
>> a readable name. The alias name shouldn't appear in the executable:
>>
>> class CXX97ASDFXX { }
>> alias CXX97ASDFXX mySensitiveName;
> Nice idea. Didn't thought about it. But it won't work for external
> libraries. For example if I'm using dcrypt it will be obvious I'm
> using one of its supported ciphers for my encrypted data. I wouldn't
> wish this to be so obvious, at least not for people without
> reverse-engineering skills.
I'd assume anyone who can identify the cypher from function names and apply
it to strings in the file already has reverse-engineering skills. And if
you are considering the attacker knowing what cypher you are using to be
a security issue, don't bother I anyone able to think about cracking any
real cypher can get that from the binary no matter what you do.
--
... <IXOYE><
More information about the Digitalmars-d
mailing list