Log in

View Full Version : crypt strings

pjg
November 20th, 2001, 17:35
Can you give me a help?
I'm finishing a vb program that will be released as freeware or cardware. One thing that I hate is when lamers change the strings (like the name of the author) of the .exe. I want to avoid this, so I decided to encrypt the executable using programs like upx and PECompact. But for every encryptation program there is a decrypt application, many of them made by crackers like yourself, which shows the extremely knowledge you have (I know, knowledge is power . So my questions are:

1 - If I use lets say UPX, can I change in my program the section names called upx to something else without damaging my program (I just want to confuse lamers, not stop crackers)?

2 - I know how to make a simple XOR encryptation to a file, but how to encrypt an exe, keeping it as an executable?

Sorry for the long post and I hope you understand my reasons. Thank you very much
Solomon
November 20th, 2001, 22:01
You can pack your prog with UPX, then use any Hex Editor to change the section name to any string(can't be too long)

Try visiting w*w.exetools.com, there are many packers/protectors which can stop lamers

Better use p-code compiling options

good luck
pjg
November 21st, 2001, 05:15
Thank you very much Solomon. I've been at exetools and at protools and there's no solution (every crypter has a decrypter). I have to do my own

Thanks for the p-code tip (it's what I'm doing). Anyways, WKT did a great job
Idcrisis
November 22nd, 2001, 06:13
Even if you change the section headers to some non standard value using, say using ProcDump->PE Editor, any cracker can use FileInfo. FileIno still detects UPX after changing the section headers(even though UPX/GetTyp can't). Then all one has to do is change the headers back to UPX0 and UPX1 to be able to decrypt the executable with UPX itself.

The best thing to do is executable integrity checks, ideally your own, you can make do with CRC.
Aimless
November 22nd, 2001, 07:26
In your program, instead of:

PROGRAMMED BY : "Mr. Super"

key in:

PROGRAMMED BY: chr(54)+chr(58)+chr(34)+chr(20)....

and so on.

You get the idea

(Note the above ascii char/hex are not equal. They are just examples.)

...Have Phun
pjg
November 24th, 2001, 09:07
Thanks Idcrisis and aimless, I will take that into acount. I already tried a CRC check, but that doesn't work when you are just changing plain text (unless my CRC was not very good).