|
|
Boost : |
Subject: Re: [boost] [encrypted strings]
From: Sohail Somani (sohail_at_[hidden])
Date: 2009-04-28 01:33:05
Raindog wrote:
> No offense Phil, but the method of string encrpytion you chose will last
> no more than the 15 minutes it takes a hacker to write a script to
> automatically decrypt every string encrypted with the algorithm you
> chose and any other method based on DecryptString(encrypted_string_here).
I don't think so because the string is encoded in the type. It is not a
runtime value.
So if he has encrypted_string<'whatever'> abc; The string "whatever" is
probably not actually part of the executable at all.
If anything, he has a structure that looks something like:
vector<'jungrire'> abc;
Again, the "encrypted" string is part of the type and probably does not
appear in the executable at all.
The cracker would have to figure out at runtime where
abc.decrypt/decipher() is being called and s/he would have to find it
for each type above which I'm sure could be scripted.
I don't know if there is someone who could be given an executable with
this type of protection unknown to him/her and crack it in 15 minutes.
-- Sohail Somani http://uint32t.blogspot.com
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk