1

I compile the release version of my application project. When I look with binary editor my compiled final exe i can see all the class name of my own created object, for example : TPolygon, TRectangle, etc..., as binary text data inside the exe.

How i can remove this information from exe. I try to remove disabling RTTI using in dpr:

{$WEAKLINKRTTI ON}
{$RTTI EXPLICIT METHODS([]) PROPERTIES([]) FIELDS([])}

But not luck, any hints.

David A
  • 763
  • 1
  • 9
  • 22
  • 1
    Instead of delete the class names, you can try using a tool which encrypt and/or obfuscate the exe. – RRUZ Jul 18 '13 at 20:33
  • @RRUZ, I try obfuscate with some packers, but after exe run and dump a memory snapshot, the classes names are in memory stream. – David A Jul 18 '13 at 20:54
  • 1
    Any good hacker will crack your app if all you want to do is hide some names. If they are able to inspect the unpacked executable in memory then they'll be able to do the rest. The question seems to be morphing somewhat. – David Heffernan Jul 18 '13 at 21:08
  • Don't struggle. Release under GPL. – OnTheFly Jul 19 '13 at 00:47

1 Answers1

2

If you were to remove class names from the executable, then your application would stop working. The .dfm files that are compiled into your application contain the class names. The runtime streaming framework needs to be able to look those classes up in the class registry and without the names then your forms and their properties could not be streamed.

On top of that, as AlexSC points out, the implementation of TObject.ClassName requires the names of the classes to be present in the executable file.

David Heffernan
  • 601,492
  • 42
  • 1,072
  • 1,490
  • Besides that, those strings are also returned by the method TObject.ClassName. So, just like David said, those names must continue in .EXE file. – AlexSC Jul 18 '13 at 20:07
  • @David Heffernan, Yes with visual components in form it's okay, but for example to validate my serial application, I use some security class, and I not use TObject.ClassName in any place of my TSerialCheckSum object. So it's possible erase class name, at least for the securitys class. – David A Jul 18 '13 at 20:26
  • 8
    Just give that class a non-descript name – David Heffernan Jul 18 '13 at 20:41
  • 3
    Or, as it happened, I saw an application, where they use proprietary directives and preprocessor e.g. `{#ENCRYPT+}TFindSeqForm{#ENCRYPT-} = class(TForm)` – pf1957 Jul 19 '13 at 06:52
  • @pf1957,Great! +1, can you explain a little more how this work?. – David A Jul 19 '13 at 18:37
  • 1
    Symbolic names which should be obfuscated are surrounded by {#ENCRYPT+} ... {#ENCRYPT-} blocks to simplify parsing process. In the next phase, all such blocks in all source files are parsed and symbolic names are changed to cryptic ones. The result is saved into interim files from which the exe is built using command line compiler. – pf1957 Jul 19 '13 at 19:36
  • @pf you have to encrypt all class names otherwise the "hidden" one sticks out like a sore thumb – David Heffernan Jul 19 '13 at 20:01
  • 1
    @David: As I wrote: I saw it, not used it... But I don think so: IMHO it depends on imaginations: you can generate obfuscated names using dictionary to reseble real names e.g. for a form to generate **TPF1957SpeedButton** – pf1957 Jul 19 '13 at 20:27