Constant values are visible in the executable file

[robert12]

I have a source code containing some sensitive information defined as constant values.
I noticed that this information is clearly visible when the executable file is openend in a text editor.

Is there a way to protect this data and hide it completly from anyone using the application - a special compilation option or other technique ?

The command I use to compile my program is very simple :
gcc sourceFile.c -o executableFile

The constants are defined inside the .c file like this :
char MyConstant[] = "Value

 

[TrojanWarBlade]

You could read the constants in at runtime from an encrypted file.




(very injured) Trojan.

 

[xwb]

Alternatively get a program to write the encrypted strings as declarations to a header file and decrypt the data on initialization.

The problem is that the cracker could still stop the program in the debugger and have a grope round. However, that is for the more experienced one. It will get round the ones who use the strings command.

 

[TrojanWarBlade]

I'd go with xwb on that.




(very injured) Trojan.

 

[Clairvoyant1332]

An quick way around this is to break up the declaration of the constant. Instead of doing this:

char MyConstant[] = "value";

Try this:

char MyConstant[6];
MyConstant[0]='v';
MyConstant[1]='a';
MyConstant[2]='l';
MyConstant[3]='u';
MyConstant[4]='e';
MyConstant[5]=0;

 

[TrojanWarBlade]

I have created a little perl script for you that will convert clairvoyant's example as demonstrated:

#!/usr/bin/perl -w
use strict;
while(<>) {
  if(/char\s+([^\s\[\]]+)\[?\]?\s*=\s*"([^"]{2,})";/) {
    my $name  = $1;
    my $value = $2;
    my $len   = length($value);
    $len++;
    print "char $name\[";
    print "$len];\n";
    my $count = 0;
    $value =~ s/(.)/"$name\[" . $count++ . "] = '$1';\n"/ge;
    print $value;
    print "$name\[$count\] = '\\0';\n";
  }
}

I realise that this is perl and not C++ but it was a quick way to give you a tool to create the C++ source you wanted.
I hope it helps.





(very injured) Trojan.

 

[CodingNovice]

erm clairvoyant those bits of code are identical. How will that help?

 

[TrojanWarBlade]

He can process the whole C++ source file to generate your method of data hiding.
Saves lots of searching and manual editing.

It was just a thought.





(very injured) Trojan.

 

[chipperMDW]

Lines like

MyConstant[0]='v';

are executable statements, not declarations, and thus can't be used outside of a function. Thus, running a preprocessor on the source will only work if all the declarations are local to functions.

erm clairvoyant those bits of code are identical. How will that help?

Because the individual assignments would show up in the executable as machine instructions, so the string would not detectable by simply looking for a sequence of ASCII characters in the executable.

 

[CodingNovice]

but if the chars really were constant the compiler surely would spot this and treat it the same as if it were a string literal.That would be a fair optimisation. Im betting the string will be readable in the executable image.

 

[chipperMDW]

$ cat str1.cc
#include <stdio.h>

int main ()
{
  const char greet[] = "Hello, world!";
  printf ("%s\n", greet);
  return 0;
}

$ cat str2.cc
#include <stdio.h>

int main ()
{
  char greet[14];
  greet[0] = 'H';
  greet[1] = 'e';
  greet[2] = 'l';
  greet[3] = 'l';
  greet[4] = 'o';
  greet[5] = ',';
  greet[6] = ' ';
  greet[7] = 'w';
  greet[8] = 'o';
  greet[9] = 'r';
  greet[10] = 'l';
  greet[11] = 'd';
  greet[12] = '!';
  greet[13] = '\0';

  printf ("%s\n", greet);
  return 0;
}

$ # -O3 is maximum optimization
$ make CFLAGS=-O3 str1 str2
g++ -O3    str1.cc   -o str1
g++ -O3    str2.cc   -o str2
$ ./str1
Hello, world!
$ ./str2
Hello, world!
$ strings str1 |grep world
Hello, world!
$ strings str2 |grep world
$

Same results when using the C compiler, but you probably don't want to read those, too.


But you're right. A smart enough compiler probably could optimize that out.

 

[mbaranski]

You could put them in the file as hex, too, that'd be quick.