How to obscurify c++ qt to prevent seen clear text in executable app
-
Hi,
I am try to protect our code from the eyes (changing the code means security breach more than commercial concerns)
I we look executable with less or cat linux program we can see all variables and the clear texts.
How we can make it cryptic for eyes ?
Best
-
Use hashing or crypto algo to achieve the same.you can check qcrypto hash algo or md5 etc. They are simple algos.
-
Hi,
I am try to protect our code from the eyes (changing the code means security breach more than commercial concerns)
I we look executable with less or cat linux program we can see all variables and the clear texts.
How we can make it cryptic for eyes ?
Best
@RahibeMeryem said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:
I we look executable with less or cat linux program we can see all variables and the clear texts.
Was it a debug build or release?
"changing the code means security breach more than commercial concerns" - people will always find a way to change your binaries. This is why it is more important to avoid programming mistakes like buffer overflows instead of obscuring binaries. -
@RahibeMeryem said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:
I we look executable with less or cat linux program we can see all variables and the clear texts.
Was it a debug build or release?
"changing the code means security breach more than commercial concerns" - people will always find a way to change your binaries. This is why it is more important to avoid programming mistakes like buffer overflows instead of obscuring binaries.@jsulm said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:
@RahibeMeryem said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:
I we look executable with less or cat linux program we can see all variables and the clear texts.
Was it a debug build or release?
that happens in debug and release builds.
But one doesn't see variables but rather clear text stuff, like StyleSheets
or static texts.
-
I don't see any good reason why this should be hidden in any way. Esp. since it is displayed/visible as soon as you run the program. It's a false assumption that simply scrambling the text will help anything, esp. wrt to security.
-
User has no access to the system as login user. Only they can extract the sd card / disk and than mount to get app , but they cant run execpt original HW. only they can look inside as hex.
its a little bit more security to scramble the text.
-
User has no access to the system as login user. Only they can extract the sd card / disk and than mount to get app , but they cant run execpt original HW. only they can look inside as hex.
its a little bit more security to scramble the text.
@RahibeMeryem said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:
its a little bit more security to scramble the text.
I'd highlight "little".
https://www.codeproject.com/Articles/502283/Strings-Obfuscation-System
-
User has no access to the system as login user. Only they can extract the sd card / disk and than mount to get app , but they cant run execpt original HW. only they can look inside as hex.
its a little bit more security to scramble the text.
If they can run the app, they have read access to the binary, if they have read access to the binary then they can reverse engineer it. That link @VRonin posted may look promising, but a kid with a debugger can patch up your binary, insert a couple of
int 3
instructions (or attach to system/IO calls) after the "deobfuscation" code, run it through the debugger and extract your strings. That is to say - I'd use your own code to get what I want. It would take a half-decent programmer a couple of hours or so to do that, so you just add unnecessary complexity for a very dubious "result". Security through obfuscation is just a white elephant.