Boost logo

Boost :

Subject: Re: [boost] [encrypted strings]
From: Sid Sacek (ssacek_at_[hidden])
Date: 2009-04-27 15:37:14

> If you cipher the strings of your binary image but decipher them at
> process' start-up, process explorer (in Windows) will be able to show

You make some good points. I think the strings need to stay obfuscated
until they're used and then discarded immediately afterwards.

> For the cipher, something simple and fast like RC4 is sufficient. RC4
> be written in few lines of C++
> without any dependencies and is better than a trivial byte to byte
> obfuscation that will not hide the patterns the attacker may be
> for (ie. path with '/' or '\').

I will look into that.

Thanks for the suggestions.

Boost list run by bdawes at, gregod at, cpdaniel at, john at