how to protect apps from reverse engineering hacks
-
How to strengthen the protection of applications made with C++ qt?
I read some articles on the internet
https://www.qt.io/blog/2018/01/11/protecting-qt-application-device-hacking-part-1 .
The way to make it difficult to hack is to make a C++ Code Obfuscator and making a static compiler will make it difficult to reverse engineer, but I don't know how to do that C++ Code Obfuscator in qt to make a static compiler I saw from this video https://www.youtube.com/watch?v=KCH92zvrHas&t=839s but I don't know how to do the C++ Code Obfuscator. and is there any additional security to make it difficult to reverse engineer, I know that in the world of programming there is nothing that cannot be dismantled but I want to make it difficult to reverse engineer. -
How to strengthen the protection of applications made with C++ qt?
I read some articles on the internet
https://www.qt.io/blog/2018/01/11/protecting-qt-application-device-hacking-part-1 .
The way to make it difficult to hack is to make a C++ Code Obfuscator and making a static compiler will make it difficult to reverse engineer, but I don't know how to do that C++ Code Obfuscator in qt to make a static compiler I saw from this video https://www.youtube.com/watch?v=KCH92zvrHas&t=839s but I don't know how to do the C++ Code Obfuscator. and is there any additional security to make it difficult to reverse engineer, I know that in the world of programming there is nothing that cannot be dismantled but I want to make it difficult to reverse engineer.@Blackzero said in how to protect apps from reverse engineering hacks:
static compiler
Do you mean static build?
-
@Blackzero said in how to protect apps from reverse engineering hacks:
static compiler
Do you mean static build?
-
There is no such thing like a 'static compiler'...
What's your goal with this? What do you think you gain? -
There is no such thing like a 'static compiler'...
What's your goal with this? What do you think you gain?@Christian-Ehrlicher This article says if making the application static will make reverse engineering difficult, it means that static unites all application dlls such as qtwidget and others into one or makes the application static You can read it from here to understand what I mean https://www.qt.io/blog/2018/01/11/protecting-qt-application-device-hacking-part-1. Now how to do the C++ Code Obfuscator on the code, is there another application to do this or do the settings on qmake then how to do it
-
@Christian-Ehrlicher This article says if making the application static will make reverse engineering difficult, it means that static unites all application dlls such as qtwidget and others into one or makes the application static You can read it from here to understand what I mean https://www.qt.io/blog/2018/01/11/protecting-qt-application-device-hacking-part-1. Now how to do the C++ Code Obfuscator on the code, is there another application to do this or do the settings on qmake then how to do it
@Blackzero said in how to protect apps from reverse engineering hacks:
making the application static w
Now you talk about statically compiling a library, not a 'static compiler'. You have to compile Qt by yourself statically. There are a lot of topics about this here - the search function is your friend. I don't know why you would do it. Noone wants to re-engineer your code from machine code...
Qt Online Installer direct download: https://download.qt.io/official_releases/online_installers/
Visit the Qt Academy at https://academy.qt.io/catalog -
@Blackzero said in how to protect apps from reverse engineering hacks:
making the application static w
Now you talk about statically compiling a library, not a 'static compiler'. You have to compile Qt by yourself statically. There are a lot of topics about this here - the search function is your friend. I don't know why you would do it. Noone wants to re-engineer your code from machine code...
@Christian-Ehrlicher said in how to protect apps from reverse engineering hacks:
I don't know why you would do it. Noone wants to re-engineer your code from machine code...
+1
-
@Christian-Ehrlicher said in how to protect apps from reverse engineering hacks:
I don't know why you would do it. Noone wants to re-engineer your code from machine code...
+1
-
@Blackzero said in how to protect apps from reverse engineering hacks:
How to strengthen the protection of applications made with C++ qt?
I read some articles on the internet
https://www.qt.io/blog/2018/01/11/-qt-application-device-hacking-part-quordle using a C++ code obfuscator is a good way to make your code harder to reverse engineer. -
You have to be careful. The article is meant specifically to try to sell you a commercial license. Do not use the advice in this article if you are using the open source version of Qt. The whole article is saying to strip the function names of Qt functions. However, the LGPL requires you to provide a way to the users of your software to relink with a different version of Qt. If you link to Qt statically, you need to provide e.g. your own object files with all symbol names so they can be relinked with a different Qt library version. Even obfuscation would not work as you would have to provide the obfuscator so others can obfuscate the Qt source code to be compatible with your own code. You need to buy a commercial license if you really want to follow this advice.
As the article states: all this only helps against "casual reverse engineering". Without the function names it is slightly harder to reverse engineer programs. However, the hardest part is figuring out how the function works. This can still be done without the function names. Someone who can do that does not really care about function names.
Another thing they mention is to protect your software against tempering. This is mostly in the context of closed devices which are supposed to just run your single program. Most likely this does not apply to your use case. (Tempering protection in the context of desktop or mobile apps is a lot more complicated.)
