Secure Programming
Dll Security May 06 2005 07:17PM
VP (pelasaco gmail com) (3 replies)
RE: Dll Security May 09 2005 07:55AM
Slavisa Dojcinovic (slavisa dojcinovic bravostudio com) (1 replies)
Re: Dll Security May 10 2005 08:59PM
Slashroot (slashroot free fr)
Re: Dll Security May 08 2005 11:34PM
Valdis Kletnieks vt edu
Re: Dll Security May 07 2005 07:13PM
Keith Oxenrider (koxenrider sol-biotech com) (1 replies)
The real question you should be asking is 'what is the point?' Any decent
cracker will be able to look at your decrypted binary in RAM, even make a
copy of it for later use. The very best you can do is raise the bar, but
to have any real chance of making a difference you need to make your
program detect that it is being run in a debugger (not a trivial task and
probably one that is fundamentally impossible, as the hardware itself can
be emulated) and continue to run, but with some subtle differences that
make it unusable (if it just crashes, it tells the cracker just what she
needs to know to bypass the check). Obscuring the code generally makes
maintenance costs skyrocket; you should do an economic analysis to prove
that the extra effort will be repaid. Keep in mind that legitimate users
often need to run their code in debuggers as well, so be sure to factor in
the ill will created when their attempts to debug their code that uses your
DLL cause all sorts of nasty problems for them (not to mention the support
calls!).

Keith Oxenrider
CISSP

At 04:17 PM 5/6/2005 -0300, VP wrote:
>Hi, i have a dll and i want to encrypt it to hide (obfuscate ??) an
>important algorithm used here.
>
>Well today i'm using a following approach:
>
>I'm encrypting the dll with a program, then when i want to loadlibrary() it,
>i decrypt it to a plain-text file, then i loadlibrary the plain-text file.
>So i have my encrypted dll and i have a plain-text version either. To
>mitigate this vulnerability, i'm using EFS to protect my plain-text dll.
>
>I'm wondering if using the PE format i can do some kind of "on-the-fly
>encrypt and decrypt". Is it possible ? There is any example ? Is it a good
>solution ?
>
>Thanks in advance,
>
>Victor

[ reply ]
Re: Dll Security May 10 2005 01:54PM
VP (pelasaco gmail com) (1 replies)
RE: Dll Security May 10 2005 06:03PM
Chris Matthews (cmatthews xn com)


 

Privacy Statement
Copyright 2010, SecurityFocus