X hits on this document

397 views

0 shares

0 downloads

0 comments

48 / 120

18: 19: 20: }

}

cout << cipher.decryptFromHex(password bad) << endl;

_

VerifyPasswordObfuscated.exe

disassembly (abbreviated):

.RDATA SECTION

00445000

35323742383137

00445010

38303830383437

00445020

00373738323744

00445030

36383543353836

00445040

37323830383032

00445050

38313732373133

00445060

37463746374337

00445070

37303732383038

00445080 37363732373133

323746324437443645 527B81727F2D7D6E

433746373134373244

8080847C7F71472D

324538313732374600

.77827D2E81727F.

413244344537303730

685C586A2D4E7070

443734374636453742

7280802D747F6E7B

420000000036383532

8172713B....6852

463641324434453730

7F7F7C7F6A2D4E70

303244373137323742

707280802D71727B

420000000000000000

7672713B........

Once all constants have been stored in an alternate encoding, the next step one

could take to further protect the VerifyPassword.cpp program would be to obfuscate the

condition in the code that tests for the correct password. Applying transformations to

disguise key logic in a program is an activity related to the anti-reversing technique

Obfuscating the Program. For purposes of demonstration we'll implement some

obfuscations to the trial limitation check in the C++ version of the Password Vault

application, which was introduced in Section 4, but first we discuss an additional

application of the technique Obfuscating the Program that helps protect intellectual

property when proprietary software is shipped as source code.

7.3 Protecting Source Code Through Obfuscation

When delivering a software application to clients, there may exist a requirement

to ship the source code so that the application binary can be created on the client's

computer using shop-standard build and audit procedures. If the source code contains

40

Document info
Document views397
Page views398
Page last viewedSun Dec 11 06:35:51 UTC 2016
Pages120
Paragraphs2913
Words25794

Comments