Home > database >  How to avoid an array of chars to be displayed in text plain on the binary file
How to avoid an array of chars to be displayed in text plain on the binary file

Time:07-14

So, I have been developing a code where some information should not be easily found if someone runs a strings command against the binary ie: strings a.out

If I try to use the following:

char array1[] = { 'd', 'd', 'd', 'd',  '\0' };

then it works perfectly fine and it wouldn't be displayed if I run the strings command against the binary file.

However, I have a bigger list of text, which is converted to hex and if I try to use this list in the code below, after I compile the code, if I run a strings command against the binary, the list will be easily displayed in plain text.

unsigned char array1[] = {
    0x64, 0x64, 0x64, 0x64, 0x20, 0x61, 0x61, 0x61, 0x61, 0x0a, 0x62, 0x62,
    0x62, 0x62, 0x20, 0x63, 0x63, 0x63, 0x63, 0x64, 0x0a
};

My goal here is not to encrypt anything, but just try to avoid the content from being easily displayed if someone runs the strings command against the binary.

does anyone have any idea?

CodePudding user response:

You could use a simplistic cipher in the source file and restore the string at runtime:

#define X(c)  (0x60 ^ (c))
char array1[] = {
    X('d'), X('d'), X('d'), X('d'), X(' '), X('a'), X('a'), X('a'),
    X('a'), X('\n'), X('b'), X('b'), X('b'), X('b'), X(' '), X('c'),
    X('c'), X('c'), X('c'), X('d'), X('\n')
};

void init_function(void) {
    for (size_t i = 0; i < sizeof(array1); i  ) {
        array1[i] = X(array1[i]);
    }
}

Even simpler if you don't mind the phrase appearing as clear text in the source file:

#include <stddef.h>

wchar_t array1_w[] = L"dddd aaaa\nbbbb ccccd\n";
char array1[sizeof(array1_w) / sizeof(*array1_w)];

void init_function(void) {
    for (size_t i = 0; i < sizeof(array1); i  ) {
        array1[i] = (char)array1_w[i];
    }
}

CodePudding user response:

My idea is using float to store the value to used in initialization and converting the values to unsigned char at run time.

float array1_f[] = {
  0x64, 0x64, 0x64, 0x64, 0x20, 0x61, 0x61, 0x61, 0x61, 0x0a, 0x62, 0x62,
  0x62, 0x62, 0x20, 0x63, 0x63, 0x63, 0x63, 0x64, 0x0a
};
unsigned char array1[sizeof(array1_f) / sizeof(*array1_f)];

for (size_t i = 0; i < sizeof(array1) / sizeof(*array1); i  ) {
  array1[i] = (unsigned char)array1_f[i];
}

Floating-point values have a different representation compared to integers (for example, the value 0x64 (100) is represented as 0x42c80000 in IEEE-754 32-bit float), so it should be enough to hide your data from strings.

  •  Tags:  
  • c
  • Related