How to obfuscate my code.

InferusAnima

I have Qt GUI project and when i built it, i found with hex editor that there is my MySql connection data.

How can i protect and obfuscate my code?

SGaist

Hi and welcome to devnet,

The best way is to not have that data in your binary at all. It's typically something your user should fill settings for.

InferusAnima

@SGaist It's database with logins and passes. I can't give access to it to users.

SGaist

Where is that database supposed to be located ?
What is it used for ?

InferusAnima

@SGaist On remote mysql server, i need to obfuscate servername, username, dbaname, and pass. For logins and passwords of users.

SGaist

It sounds like you should rather provide a web service to access the data behind the database rather than hard coding all these informations in your application.

InferusAnima

@SGaist It's harder then just obfucate code. So i can't do that?

fcarney

It doesn't matter if you obfuscate the code. The solution to de-obfuscate is in the code itself. So someone can still figure out how to get your database password and info. They can just look at the memory of the app to see this data. Also, if you ever change passwords the code breaks for the users who need to get the updated app.

wrosecrans

It's database with logins and passes. I can't give access to it to users.

@InferusAnima If you can't give it to users, then You Can't Give It To Users.

Giving them a program with the credentials baked in is fundamentally the wrong solution to that category of problem, no matter how much you try to obfuscate it. Reverse engineering it is going to be pretty much trivial.

SimonSchroeder

One rather simple solution is to encrypt this data. Still, this means that you also need to provide the key for decryption along with it. So, anyone who wants to get to that data still will figure it out. Nevertheless, it is not that obvious anymore when looking at the hex dump of your executable.

Note that this approach only obfuscates, but does not prevent anybody looking at it.