1

I am trying to avoid literal strings from appearing in the executable. I want to put a string encrypted in the executable and then decrypt and use it at runtime. I read a bit into How to hide a string in binary code? and http://bytes.com/topic/c/answers/222096-hiding-string-compiled-code, but this is not exactly what I want.

Could it be done using macros? For example, I can declare a wide char string using

wchar_t str[] = L"value"

or

wchar_t *str = L"value"

and magical L will convert chars to widechars. Is it possible to create another magical L like this to make encrypted strings? E.g:

ENC"value"

For the moment I am defining already encrypted strings as macros:

#define SAMPLE_STRING "ftnurd eru etrth" /*Random chars for imitating encryption*/

and passing them to a normal function like

char *decstr(char *data)

Is there an easier method to do this?

I am using Windows XP SP3 with Visual C++ 2008 Express.

Community
  • 1
  • 1
BalticMusicFan
  • 653
  • 1
  • 8
  • 21

1 Answers1

1

Why not simply create an encryption and decryption function? Then you could write something like

char *hidden_password = my_encrypt("pAsSw0rd");
puts(hidden_pasword); // "aCud5Ttei23w8D"
// ...
char *real_password = my_decrypt("aCud5Ttei23w8D");
puts(real_password); // "pAsSw0rd"

However, it's not a good idea to store hard-wired text strings in your executable if they contain sensitive data. Also, don't reinvent the wheel - before rolling your very own encryption method, try some established, high-quality, cryptographically secure libraries like OpenSSL.

  • but if i pass "pAsSw0rd" to normal function, i can find string "pAsSw0rd" in my executable. This example will read "pAsSw0rd" from file (or it is already loaded in memory) and store encrypted result in memory. – BalticMusicFan Aug 24 '13 at 07:55
  • @DjJeshk That was just an example. The point is, if you need `"pAsSw0rd"`, then you encrypt it, then store the **encrypted** string in the executable, then you decrypt it at run-time to find the original, non-encrypted string. –  Aug 24 '13 at 07:58
  • If I have much more strings to encrypt, i have to put already encrypted strings in the executable. Would not be easier to use some DontKnowHowToWriteThis macro? – BalticMusicFan Aug 24 '13 at 08:45
  • @DjJeshk Why do you think a macro would solve your problem? Macros are not magic. You won't be able to hammer in raw data and have encrypted strings in the binary all of a sudden. –  Aug 24 '13 at 08:48
  • A text from http://gcc.gnu.org/onlinedocs/cpp/Macros.html : _A macro is a fragment of code which has been given a name. Whenever the name is used, it is replaced by the contents of the macro._ My guess is that macros are _executed_ before any real compilation begins. – BalticMusicFan Aug 24 '13 at 08:55
  • @DjJeshk No, they aren't. They are substituted the text they are `#define`d. –  Aug 24 '13 at 08:56
  • And what about http://gcc.gnu.org/onlinedocs/cpp/Macro-Arguments.html#Macro-Arguments ? – BalticMusicFan Aug 24 '13 at 09:01
  • @DjJeshk Well, what about them? –  Aug 24 '13 at 09:02
  • I know i can process each char seperately char test[5] = {E('T'), E('e'), E('s'), E('t'), '\0'} but why not char test[5] = ENC("Test") ? – BalticMusicFan Aug 24 '13 at 09:09