News:

MASM32 SDK Description, downloads and other helpful links
MASM32.com New Forum Link
masmforum WebSite

how to hide strings data in my applications?

Started by ossama, January 13, 2008, 05:55:07 PM

Previous topic - Next topic

ToutEnMasm

Hello,
Without searching to crypt them (windows has a set of function to do it) a simple decalage (shl 1) can mask the letters.You can also add a rol to this.Write your path and key in unicode (two bytes instead of one) and there is plenty of simple methods you can used.


P1

How much data are you trying to hide?  This will determine an appropiate response to what you are asking.

Like if it's a bunch of strings, encryption in the resource section is one option.

Regards,  P1   :8)

ossama

Quote from: P1 on January 16, 2008, 03:47:00 PM
Like if it's a bunch of strings, encryption in the resource section is one option.
how can i encrypt the resource section? i am sorry , i am newbie  :bg

Jupiter

Quote from: ossama on January 16, 2008, 04:16:06 PM
how can i encrypt the resource section? i am sorry , i am newbie  :bg
if you encrypt resources (not whole section!), you must handle them using your own code, no more system LoadString API - do it via LoadResource / LockResource manually

anyway I really do not recommend to touch resource section while you're newbie.

If you want to protect your file - use commercial protectors available on market.
You may use UPX to pack your file and check at runtime file size and CRC to be sure that file is packed.
But if one need to unpack your app, he will do it even if you spend many time to create protection.
The best method against static analysis - it's decryption on request using dynamic key. Decryption routine must located in allocated memory (not as code in code section).
generic method:
crypt you code that will decrypt later your string data
at runtime allocate memory via VirtualAlloc (don't forget that allocated memory must be executable), decrypt encrypted decryptor (ooooof!) there and call it to decrypt strings data.
EnJoy!

ossama

encrypting resource section seems ok to me.
i have my strings in a STRING TABLE in the resource,can i encrypt only STRING-TABLE in the resource section (i mean the other types like menu,dialog,icon,...are not encrypted)?

P1

Quote from: Jupiter on January 16, 2008, 11:10:25 PManyway I really do not recommend to touch resource section while you're newbie.
I'll be blunt, there is nothing 'newbie' about the techniques he wants to used.

He is joining the Programming Polar Bear club, no matter how cold the water ( programming ) gets, he wants the experience.

Regards,  P1   :8)

ossama

hi P1,
can you show me how to encrypt resource section and if it is possibe to encrypt only STRING-TABLE in the resource?
thank you

xmetal

Oh well...


.686
.model flat,stdcall

option casemap:none
include \masm32\include\windows.inc

include \masm32\include\kernel32.inc
include \masm32\include\user32.inc

includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib

xorstr macro str:req,key:req

local i,l,p,c

i = 2
l sizestr <str>
c equ <>

repeat l - 2

p substr <str>,i,1
p catstr <'>,p,<'>
c catstr c,<,>,%(p xor key)

i = i + 1

endm

l sizestr c
c substr c,2,l-1

exitm c

endm

xormem macro var:req,len:req,key:req

local i

i = 0

repeat (len) / 4

xor dword ptr var[i],(key shl 24) or (key shl 16) or (key shl 8) or key
i = i + 4

endm

while i lt len

xor byte ptr var[i],key
i = i + 1

endm

endm

.data

text db xorstr("xorstr,xormem macros",45),0

.code

start:

xormem text,20,45
invoke MessageBox,0,addr text,addr text,0

invoke ExitProcess,0
ret

end start

P1

Quote from: ossama on January 17, 2008, 06:03:04 AM
encrypting resource section seems ok to me.
i have my strings in a STRING TABLE in the resource,can i encrypt only STRING-TABLE in the resource section (i mean the other types like menu,dialog,icon,...are not encrypted)?
You pre-encrypt the string as inserted into the resource section at build time.  Then decrypt them as you use them.

Regards,  P1   :8)

ossama

xmetal , good idea, i will use it (with some modifications)

ragdog

hi ossama

i have this hidden string algo from CyberDoom
i hope it´s help you

greets
ragdog

[attachment deleted by admin]