Encryption for Executable

Question

Can anyone recommend what's a good way to encrypt an executable? I was trying to use AxCrypt but I don't like the usage, i.e. you specify a passcode and the person who launches the exe needs to specify the passcode. Is there someway to encrypt it once and users just run the exe without specifying any passwords?

If you want to skip the password then whats the use of encryption? — Umair Ahmed, Jul 16 '09 at 06:48
i want to skip it from the executor's viewpoint. so the executable code is jumbled enough that it's difficult for them to reverse engineer. — Farooq, Jul 16 '09 at 07:14
What you want here is technically called *Obfuscation*, not encryption. 280Z28's answer explains the difference. — Colin Pickard, Oct 05 '09 at 14:00

score 11 · Accepted Answer · answered Jul 16 '09 at 06:48

11

It's basically pointless. If it's a .NET or Java program, obfuscators can improve performance and decrease the executable size and make it difficult to reverse engineer. Packers can decrease executable size. Signing can provide assurance to your users that you built the program. But encryption of the executable for the purpose of hiding it's executable code is rather pointless.

answered Jul 16 '09 at 06:48

Sam Harwell

97,721
20
209
280

Security through obscurity doesn't work as reverse engineers will just follow the stack trace of the byte code. He is clearly asking as he wants to make it undetectable by antivirus. – May 06 '21 at 12:48

score 6 · Answer 2 · answered Jul 16 '09 at 08:27

A program which knows how to decrypt itself will contain all the information a hacker needs to compromise the program. You are handing out the lock with the key. However, lets assume you want to put up a small barrier to entry to your program. Maybe you have cheat codes in your game and you don't want someone to be able to just run 'strings' over your program and view them.

What I suggest is packing your program with an a program like UPX. This can further obfuscate your program on disk. Your basic interrogation techniques will only see the tiny decompressor. However, a determined hacker will quickly recognize the compressor program and decompress it. In either case, once a program is running in memory, one can take a core dump of the process, or attach a debugger to it. There isn't much you can do to prevent this on most hardware.

score 1 · Answer 3 · edited Sep 19 '19 at 04:26

You guy's don't understand the question, it's normal for a programmer to think that way. But as a ethical hacker it is clear that he wants to bypass the antivirus not hide the code, anyway you may use Visual Basic.

for encryption use this code

Public Function TripleDES_Encrypt(ByVal input As String, ByVal pass As String) As String
  Dim TripleDES As New System.Security.Cryptography.TripleDESCryptoServiceProvider
  Dim Hash_TripleDES As New System.Security.Cryptography.MD5CryptoServiceProvider
  Dim encrypted As String = ""
  Try
      Dim hash(23) As Byte
      Dim temp As Byte() = Hash_TripleDES.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(pass))
      Array.Copy(temp, 0, hash, 0, 16)
      Array.Copy(temp, 0, hash, 15, 8)
      TripleDES.Key = hash
      TripleDES.Mode = Security.Cryptography.CipherMode.ECB
      Dim DESEncrypter As System.Security.Cryptography.ICryptoTransform = TripleDES.CreateEncryptor
      Dim Buffer As Byte() = System.Text.ASCIIEncoding.ASCII.GetBytes(input)
      encrypted = Convert.ToBase64String(DESEncrypter.TransformFinalBlock(Buffer, 0, Buffer.Length))
      Return encrypted
  Catch ex As Exception
  End Try
End Function

for decryption

Public Function TripleDES_Decrypt(ByVal input As String, ByVal pass As String) As String
    Dim TripleDES As New System.Security.Cryptography.TripleDESCryptoServiceProvider
    Dim Hash_TripleDES As New System.Security.Cryptography.MD5CryptoServiceProvider
    Dim decrypted As String = ""
    Try
        Dim hash(23) As Byte
        Dim temp As Byte() = Hash_TripleDES.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(pass))
        Array.Copy(temp, 0, hash, 0, 16)
        Array.Copy(temp, 0, hash, 15, 8)
        TripleDES.Key = hash
        TripleDES.Mode = Security.Cryptography.CipherMode.ECB
        Dim DESDecrypter As System.Security.Cryptography.ICryptoTransform = TripleDES.CreateDecryptor
        Dim Buffer As Byte() = Convert.FromBase64String(input)
        decrypted = System.Text.ASCIIEncoding.ASCII.GetString(DESDecrypter.TransformFinalBlock(Buffer, 0, Buffer.Length))
        Return decrypted
    Catch ex As Exception
    End Try
End Function

Umair Ahmed · Answer 4 · 2009-07-16T06:57:20.993

0

If you only want specific users to run the exe then, you can define policies under windows that would allow you to run it for only specific users.

but if you want to hide code then: since you have not mentioned which language you used to make the exe. If its c/c++ its already encrypted enough, it requires some work to get the code from it. If its java or csharp there are obfuscators that you can use. it would somewhat make it difficult to get the code from exe.

edited Jul 16 '09 at 06:57

answered Jul 16 '09 at 06:49

Umair Ahmed

11,238
5
33
39

i've packaged the exe using AutoIt. The reason I'm trying to do this is because for this particular solution (I know it's a horrible practice), I need to specify the local admin credentials inside the package. Trying to see if I can add on another layer of encryption on top of the encryption that AutoIt uses when you compile to exe. – Farooq Jul 16 '09 at 07:12

score 0 · Answer 5 · answered Oct 27 '22 at 20:00

To answer the OP, I am not aware of a product that does this. It seems to me that it should be possible.

I'm guessing you are trying to protect your intellectual property by encrypting your executable and not to bypass antivirus programs as others have suggested.

First, a password probably does little to protect your IP by itself. But if that is all you want, then you should be able to save the password to a credential manager.

The problem I see offhand with just a password is that customers could easily share it.

Additional issues with any system: Did you decrypt the executable to storage media? If so, the unencrypted executable can be found and copied. Will the executable run strictly from memory, and if so, how do you keep it from being read from memory using a VM or debugger? If you have another trick, will it work correctly if parts of your program are swapped to disk in a low memory situation?

If decryption is just an algorithm, the algorithm will be on the machine and can be found and reversed engineered.

If the method uses asymmetric (public/private) keys, and the necessary key is available on the machine, the key can be found.

The decryption key will need to be somewhere. If an online broker provides it, you rely on the broker to protect the key that does the decrypting. If you act as the online broker for your customers, you will have more control over the process and you also get to do all the heavy lifting.

A scenario could be that you have a separate public/private set of keys to talk to the key broker. Collect information from the customer machine, encrypt that information into a packet with one of the keys and send that to your key broker system. The key broker has the other key to decode that packet, validates the customer machine is authorized to use the program, and sends the separate decryption key to decrypt the program.

My general answer is that it should be possible to protect your IP without needing to type a password in each time, but it won't be easy and I don't know of any implementations. As others have mentioned, obfuscation is what most people use.

Encryption for Executable

5 Answers5

Linked

Related