Obfuscating function names and the like inside exe file
Daniel Keep
daniel.keep.lists at gmail.com
Sat Mar 20 20:31:49 PDT 2010
bobef wrote:
> Hello all,
>
> I was wondering if someone know of way to obfuscate all the strings and function names and class names inside DMD Windows generated exe file. Opening the file with notepad shows all kinds of strings and names in clear text and since my application handles some sensitive data it gives me an extra feeling of insecurity. Any suggestions?
>
> Thanks
module seakrit;
char[] supar_enkript(char[] mah_secret)
{
char[] result = mah_secret.dup;
for( size_t i=0; i<result.length; ++i )
result[i] = ~result[i];
return result;
}
alias supar_enkript supar_dekript;
const supar_seakrit_password = supar_enkript("O HAI THAR");
import tango.io.Stdout;
void main()
{
Stdout("Tha supar seakrit password is: ")
(supar_dekript(supar_seakrit_password)).newline;
}
Note that simply using supar_enkript("O HAI THAR") isn't sufficient; you
have to make sure you trigger compile-time evaluation or you'll end up
with the seakrit in the object file.
For extra sekuritee, put supar_enkript in another module that you never
link to.
Of course, the reason for all the bad spelling is to indicate that this
isn't really something I can imagine helping. If your program handles
sensitive data, protect the data, not your program.
If your program *contains* sensitive information, don't give it to the
wrong people.
If someone is really, seriously determined to get at that information,
there's nothing you can do to stop them.
More information about the Digitalmars-d
mailing list