Author: Dann Corbit
Date: 12:10:06 04/28/05
Go up one level in this thread
On April 28, 2005 at 13:56:54, Brian Kostick wrote: >On April 28, 2005 at 10:02:14, Ricardo Gibert wrote: > >>On April 27, 2005 at 11:57:56, Brian Kostick wrote: >> >>>I wrote a little password masking function for Win32 console. I'd like to hide >>>string literals in my executable. I know such things have been mentioned here >>>before for more clandestine purposes. My question is, is there an easiest way to >>>do this or should I use an encryption or lookup function? >>> >>>Thanks, >>>Brian >> >>Is it that you don't want anyone to read your strings or is it you don't want >>anyone to change your strings? A simple encryption algorithm will prevent anyone >>from easily reading the strings, but if all you want is to prevent anyone from >>modifying them, then doing a checksum on the strings to detect modification and >>aborting the program if they have been modified would be enough to defeat >>tinkering by any unsophisticated attempts to do so. > > >For now I just wanted to mangle the strings so they were not easily readable in >the executable. Since the compiler wouldn't mangle them and there seems no easy >way to do it internal to the project I mangled them externally with XOR 0xA5. > >Later the password won't even be in the executable. I think I will use an >approach suggested by Dan Honeycutt where the program encode/decode the output >using the password as part of the key. > >Thanks to everyone again, all messages read and appreciated. BK If you are putting a password into the executable, you should definitely use real encryption. Look at this: http://www.eskimo.com/~weidai/cryptlib.html Consider it this way: The honest people are not going to be snooping for the password anyway, so you can assume that it will be crooks. XORs and Caesar cyphers are not going to fool the crooks. There are automated programs you can download for nothing that will spit out the password in seconds.
This page took 0 seconds to execute
Last modified: Thu, 15 Apr 21 08:11:13 -0700
Current Computer Chess Club Forums at Talkchess. This site by Sean Mintz.