Thursday, 1 October 2009

Obfuscating

Low-level security is often needed in a compiled app.
Things like hiding a secret string from the casual hacker with a hex-editor.

When the pro edition of RB of allowed me to use IDEScripts, I had a simple script that changed the currently selected code to a series of chr() functions.

Recently, I found a need for a similar facility but I don't have REAL Studio. So I decided to write the beginnings of a standalone app whose purpose is to allow me to generate useful bits of code to paste into the source I am currently developing.

Under these circumstances, I was able to do a slightly more thorough job of hiding the string and making it more difficult for future enhancements to the compiler to optimise my code away.

The general idea is that I give the helper app my password and from it, the code produces a new function with a meaningless name and no reference to the original string.

In the main app, this function uses a MemoryBlock to convert integers in random sequence to a Base64Encoded string representing the password. The function then returns the Base64Decoded version of the string.

I've uploaded the source as part of code.google.com/rbjottings where the whole set of snippets can be downloaded by SVN or you can look at the source for these routines at obfuscateTest Window1 because all the code is contained in that window.

The methods involved are

Function generator _
(inText As String, ByRef functionName As String) As String
Function randomIdentifier _
(minLength As Integer = 6, maxLength As Integer = 10) As String
which are called using code like
dim fName As String
taCode.Text = generator( tfPlainText.Text, fName )
if chkAddcaller.Value Then
taCode.Text = taCode.Text + EndOfLine + EndOfLine + _
"Sub Caller() " +EndOfLine + _
" Dim s as String = " + fName + "()" + EndOfLine + _
"End Sub"
end if
where taCode is a TextArea and tfPlainText is a TextField

Obviously this simple obfuscation is completely useless where real encryption is required.

However, where the aim is merely to hide slightly sensitive information from prying eyes, this will force them to work much harder to find the string.

No comments: