How to hide strings in a exe or a dll?
I discovered that it is possible to extract the hard-coded strings from a binary.
For example the properties view of Process Explorer displays all the string with more than 3 characters.
Here is the code of a simple executable that I wrote to simply test it:
#ifndef _WIN32_WINNT
#define _WIN32_WINNT 0x0501
#endif
#include <stdio.h>
#include <tchar.h>
#include <Windows.h>
int _tmain(int argc, _TCHAR* argv[])
{
_TCHAR* hiddenString1 =_T("4537774B-CC80-4eda-B3E4-7A9EE77991F5");
_TCHAR* hiddenString2 =_T("hidden_password_or_whatever");
for (int i= 0; i<argc; i++) {
if (0 == _tcscmp(argv[i],hiddenString1)) {
_tprintf (_T("The guid argument is correct.\n")); }
else if (0 == _tcscmp(argv[i],hiddenString2)) {
_tprintf (_T("Do something here.\n")); }
}
_tprintf (_T("This is a visible string.\n"));
//Keep Running
Sleep(60000);
return 0;
}
The strings can clearly be extracted from the corresponding executable:
I think that it is a little too easy to find the strings.
My questions are:
- How to simply hide hiddenString1 or hiddenString2 in the executable?
- Is there a more secure way to use "cheat code" than with some obscure hidden input?
Welcome to the wider world of defensive programming.
There are a couple of options, but I believe all of them depend on some form of obfuscation; which, although not perfect, is at least something.
Instead of a straight string value you can store the text in some other binary form (hex?).
You can encrypt the strings that are stored in your app, then decrypt them at run time.
You can split them across various points in your code, and reconstitute later.
Or some combination thereof.
Bear in mind, that some attacks go further than looking at the actual binary. Sometimes they will investigate the memory address space of the program while it's running. MS came up with something called a SecureString in .Net 2.0. The purpose being to keep the strings encrypted while the app is running.
A fourth idea is to not store the string in the app itself, but rather rely on a validation code to be submitted to a server you control. On the server you can verify if it's a legit "cheat code" or not.
- Assign multiple values to array in C
- How to compile C code with C headers and CUDA code?
- C program to print the power of 2 Triangle pattern using nested loops
- Issue with interpreting chemical formulae containing multiple levels of parentheses
- Context for dispatch source handler
- How to optimize "don't care" argument with gcc?
- Formatting struct timespec
- Crash or 'segmentation fault' when data is copied/scanned/read to an uninitialized pointer
- Wide character and Locale
- Python extension: using different compiler flags for a C parts and C++ parts
- How to create ECC public key in OpenSSL's "EVP_PKEY" format from the TPM-specific "TPMT_PUBLIC" data structure?
- why does my code in mario more cs50 pset1 print so many hashes for the right pyramid
- How to consider letter by letter of a string and compare them with if functions?
- #ifdef vs #if - which is better/safer as a method for enabling/disabling compilation of particular sections of code?
- #if vs #ifndef vs #ifdef
- What's the purpose of using braces (i.e. {}) for a single-line if or loop?
- Preprocessors in C #if and #ifdef
- How to get "valid data length" of a file?
- Return struct in function in C
- Sizeof operator doesn't work properly after insertion an element
- No previous prototype?
- Passing an array as an argument to a function in C
- Can't find winsock.c or winsock implementation
- Why when flashing my stm32f411re Nucleo board does nothing happen even if I get no errors
- Best practice regarding static library linking and project directory structure in C
- raylib's DrawTextEx doesn't display unicode characters
- named semaphore wont work as assumed in synchronization between process
- How do I set the default launch.json and tasks.json for debugging my C/C++ applications in VS Code
- How to change entry point of C program with gcc?
- Understanding Function Definitions that Return a Function Pointer