Date:      Wed, 20 Feb 2008 10:47:16 -0500
From:      Mike Meyer <mwm@mired.org>
To:        "Thiago Damas" <tdamas@gmail.com>
Cc:        freebsd-hackers@freebsd.org
Subject:   Re: encrypted executables
Message-ID:  <20080220104716.339552f3@mbook-fbsd>
In-Reply-To: <f8e3d83f0802200451r463f188bn881268b9b2768846@mail.gmail.com>
References:  <86068e730802181718s1ad50d3axeae0dde119ddcf92@mail.gmail.com> <47BA3334.4040707@andric.com> <86068e730802181954t52e4e05ay65e04c5f6de9b78a@mail.gmail.com> <20080219040912.GA14809@kobe.laptop> <f8e3d83f0802200451r463f188bn881268b9b2768846@mail.gmail.com>

On Wed, 20 Feb 2008 09:51:23 -0300 "Thiago Damas" <tdamas@gmail.com> wrote:

>   And if you make a wrapper, and execute like a shell script:
> 
> #!/usr/local/bin/mysecuritywrapper
> <...encrypted code goes where...>
> 
> 
>   In this way, it'll be hard to use truss, ktrace, strace etc...

Depends on how you're using "hard". If you mean "lots of work", then
yes, it'll make it harder by adding work. If you mean "difficult",
then no, it won't make it harder, because the extra work you added is
all well understood, so it's just more work, not more difficult work.

Me, I'd use gcore to get an ELF core image. Turning that into a real
executable is a well-understood process. Any modern LISP system will
have tools to do it, and emacs has been doing it for decades to get a
binary with all the emacs elisp packages pre-loaded. 

If that's too much work, you start by dissecting mysecuritywrapper,
which is pretty much exactly as hard as dissecting the executable sans
encryption. After that's done, you can replace it with your own code
to take advantage of those tools.

Either way, this just adds more work, not more difficulty.

    <mike


> []s
> 
> 
> 
> On Feb 19, 2008 1:09 AM, Giorgos Keramidas <keramida@ceid.upatras.gr> wrote:
> > On 2008-02-18 19:54, Jerry Toung <jrytoung@gmail.com> wrote:
> > >On Feb 18, 2008 5:39 PM, Dimitry Andric <dimitry@andric.com> wrote:
> > >>On 2008-02-19 02:18, Jerry Toung wrote:
> > >>> anybody knows of a tool to encrypt executables under FreeBSD? may be
> > >>> from the ports?  I am not talking about simple file encryption.
> > >>
> > >> Can you elaborate on what you *are* talking about then?  Some
> > >> security-by-obscurity scheme, perhaps? :)
> > >
> > > I need to encrypt elf binaries. I'd like to make it harder for the bad
> > > guy to reverse engineer my app.
> >
> > You know about truss/ktrace/strace already, right?
> >
> > It may be moot to encrypt the ELF binary, if the `bad guy' can access
> > the running image of the process *after* it has been decrypted to
> > execute.
> >
> >
> > _______________________________________________
> > freebsd-hackers@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
> >


-- 
Mike Meyer <mwm@mired.org>		http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.


