Subject: Re: [boost] [encrypted strings]
From: Sid Sacek (ssacek_at_[hidden])
Date: 2009-04-27 15:37:14
> If you cipher the strings of your binary image but decipher them at
> process' start-up, process explorer (in Windows) will be able to show
You make some good points. I think the strings need to stay obfuscated
until they're used and then discarded immediately afterwards.
> For the cipher, something simple and fast like RC4 is sufficient. RC4
> be written in few lines of C++
> without any dependencies and is better than a trivial byte to byte
> obfuscation that will not hide the patterns the attacker may be
> for (ie. path with '/' or '\').
I will look into that.
Thanks for the suggestions.
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk