[24344] in Cypherpunks
Re: Hiding strings in objects code
daemon@ATHENA.MIT.EDU (Jef Poskanzer)
Mon Dec 19 20:45:55 1994
To: Derek Atkins <warlord@MIT.EDU>,
Jonathon Fletcher <jonathon.fletcher@psych.stir.ac.uk>,
cypherpunks@toad.com
In-Reply-To: Your message of Mon, 19 Dec 94 19:55:06 EST.
Date: Mon, 19 Dec 94 17:32:52 PST
From: Jef Poskanzer <jef@ee.lbl.gov>
>I assume you mean so that running "strings" on the binary will not
>lead you to anything, right? You can use an XOR with some weird value
>to hide the strings. Just make sure the value you use will, for
>example, set the high bit on the string bytes...
>
>Its is a cheap, free way to hide strings. It is, by no means, secure.
When rtm used this technique in his worm I'm sure a lot of people,
such as myself, spent the five minutes necessary to hack up a program
that tries XORing the input with all 256 possible bytes. I had the
program pipe the output of each try through strings and wc, to check
whether any significant text was uncovered. Only 0x00 and the single
now-forgotten value he used got hits - no second XOR value.
Anyway the point is it's *really* by no means secure, and you can do
much better with a few minutes thought. Set up a basic framework
using a Makefile that takes a file of
MNEMONIC "text string"
and runs it through an encoding program to produce a .h file of
static char* text[] = {
...
#define MNEMONIC 17
"vb4hv7789sd",
Then in your actual program you just call decode(text[MNEMONIC]);
Given that simple framework you can experiment with lots of different
encoding and decoding functions.
---
Jef
