Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Get Qt Extensions
  • Unsolved
Collapse
Brand Logo
  1. Home
  2. Qt Development
  3. General and Desktop
  4. How to obscurify c++ qt to prevent seen clear text in executable app
Forum Updated to NodeBB v4.3 + New Features

How to obscurify c++ qt to prevent seen clear text in executable app

Scheduled Pinned Locked Moved Unsolved General and Desktop
8 Posts 7 Posters 1.5k Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R Offline
    R Offline
    RahibeMeryem
    wrote on last edited by aha_1980
    #1

    Hi,

    I am try to protect our code from the eyes (changing the code means security breach more than commercial concerns)

    I we look executable with less or cat linux program we can see all variables and the clear texts.

    How we can make it cryptic for eyes ?

    Best

    jsulmJ 1 Reply Last reply
    0
    • dheerendraD Offline
      dheerendraD Offline
      dheerendra
      Qt Champions 2022
      wrote on last edited by
      #2

      Use hashing or crypto algo to achieve the same.you can check qcrypto hash algo or md5 etc. They are simple algos.

      Dheerendra
      @Community Service
      Certified Qt Specialist
      http://www.pthinks.com

      1 Reply Last reply
      0
      • R RahibeMeryem

        Hi,

        I am try to protect our code from the eyes (changing the code means security breach more than commercial concerns)

        I we look executable with less or cat linux program we can see all variables and the clear texts.

        How we can make it cryptic for eyes ?

        Best

        jsulmJ Offline
        jsulmJ Offline
        jsulm
        Lifetime Qt Champion
        wrote on last edited by jsulm
        #3

        @RahibeMeryem said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:

        I we look executable with less or cat linux program we can see all variables and the clear texts.

        Was it a debug build or release?
        "changing the code means security breach more than commercial concerns" - people will always find a way to change your binaries. This is why it is more important to avoid programming mistakes like buffer overflows instead of obscuring binaries.

        https://forum.qt.io/topic/113070/qt-code-of-conduct

        J.HilkJ 1 Reply Last reply
        2
        • jsulmJ jsulm

          @RahibeMeryem said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:

          I we look executable with less or cat linux program we can see all variables and the clear texts.

          Was it a debug build or release?
          "changing the code means security breach more than commercial concerns" - people will always find a way to change your binaries. This is why it is more important to avoid programming mistakes like buffer overflows instead of obscuring binaries.

          J.HilkJ Online
          J.HilkJ Online
          J.Hilk
          Moderators
          wrote on last edited by
          #4

          @jsulm said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:

          @RahibeMeryem said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:

          I we look executable with less or cat linux program we can see all variables and the clear texts.

          Was it a debug build or release?

          that happens in debug and release builds.

          But one doesn't see variables but rather clear text stuff, like StyleSheets

          0_1545028331575_68e9066f-6beb-4972-afd0-8b282e0f5196-image.png

          or static texts.


          Be aware of the Qt Code of Conduct, when posting : https://forum.qt.io/topic/113070/qt-code-of-conduct


          Q: What's that?
          A: It's blue light.
          Q: What does it do?
          A: It turns blue.

          1 Reply Last reply
          0
          • Christian EhrlicherC Offline
            Christian EhrlicherC Offline
            Christian Ehrlicher
            Lifetime Qt Champion
            wrote on last edited by
            #5

            I don't see any good reason why this should be hidden in any way. Esp. since it is displayed/visible as soon as you run the program. It's a false assumption that simply scrambling the text will help anything, esp. wrt to security.

            Qt Online Installer direct download: https://download.qt.io/official_releases/online_installers/
            Visit the Qt Academy at https://academy.qt.io/catalog

            1 Reply Last reply
            5
            • R Offline
              R Offline
              RahibeMeryem
              wrote on last edited by
              #6

              User has no access to the system as login user. Only they can extract the sd card / disk and than mount to get app , but they cant run execpt original HW. only they can look inside as hex.

              its a little bit more security to scramble the text.

              VRoninV kshegunovK 2 Replies Last reply
              0
              • R RahibeMeryem

                User has no access to the system as login user. Only they can extract the sd card / disk and than mount to get app , but they cant run execpt original HW. only they can look inside as hex.

                its a little bit more security to scramble the text.

                VRoninV Offline
                VRoninV Offline
                VRonin
                wrote on last edited by
                #7

                @RahibeMeryem said in Hw to obscurify c++ qt to prevent seen clear text in executable app _:

                its a little bit more security to scramble the text.

                I'd highlight "little".

                https://www.codeproject.com/Articles/502283/Strings-Obfuscation-System

                "La mort n'est rien, mais vivre vaincu et sans gloire, c'est mourir tous les jours"
                ~Napoleon Bonaparte

                On a crusade to banish setIndexWidget() from the holy land of Qt

                1 Reply Last reply
                1
                • R RahibeMeryem

                  User has no access to the system as login user. Only they can extract the sd card / disk and than mount to get app , but they cant run execpt original HW. only they can look inside as hex.

                  its a little bit more security to scramble the text.

                  kshegunovK Offline
                  kshegunovK Offline
                  kshegunov
                  Moderators
                  wrote on last edited by
                  #8

                  If they can run the app, they have read access to the binary, if they have read access to the binary then they can reverse engineer it. That link @VRonin posted may look promising, but a kid with a debugger can patch up your binary, insert a couple of int 3 instructions (or attach to system/IO calls) after the "deobfuscation" code, run it through the debugger and extract your strings. That is to say - I'd use your own code to get what I want. It would take a half-decent programmer a couple of hours or so to do that, so you just add unnecessary complexity for a very dubious "result". Security through obfuscation is just a white elephant.

                  Read and abide by the Qt Code of Conduct

                  1 Reply Last reply
                  5

                  • Login

                  • Login or register to search.
                  • First post
                    Last post
                  0
                  • Categories
                  • Recent
                  • Tags
                  • Popular
                  • Users
                  • Groups
                  • Search
                  • Get Qt Extensions
                  • Unsolved