Can anyone recommend what's a good way to encrypt an executable? I was trying to use AxCrypt but I don't like the usage, i.e. you specify a passcode and the person who launches the exe needs to specify the passcode. Is there someway to encrypt it once and users just run the exe without specifying any passwords?
+5
A:
It's basically pointless. If it's a .NET or Java program, obfuscators can improve performance and decrease the executable size and make it difficult to reverse engineer. Packers can decrease executable size. Signing can provide assurance to your users that you built the program. But encryption of the executable for the purpose of hiding it's executable code is rather pointless.
280Z28
2009-07-16 06:48:08
A:
I think you should use software that uses public and private keys. Here is more information on how it works.
Kirill V. Lyadvinsky
2009-07-16 06:49:07
A:
If you only want specific users to run the exe then, you can define policies under windows that would allow you to run it for only specific users.
but if you want to hide code then: since you have not mentioned which language you used to make the exe. If its c/c++ its already encrypted enough, it requires some work to get the code from it. If its java or csharp there are obfuscators that you can use. it would somewhat make it difficult to get the code from exe.
Umair Ahmed
2009-07-16 06:49:49
i've packaged the exe using AutoIt. The reason I'm trying to do this is because for this particular solution (I know it's a horrible practice), I need to specify the local admin credentials inside the package. Trying to see if I can add on another layer of encryption on top of the encryption that AutoIt uses when you compile to exe.
Farooq
2009-07-16 07:12:36
+2
A:
A program which knows how to decrypt itself will contain all the information a hacker needs to compromise the program. You are handing out the lock with the key. However, lets assume you want to put up a small barrier to entry to your program. Maybe you have cheat codes in your game and you don't want someone to be able to just run 'strings' over your program and view them.
What I suggest is packing your program with an a program like UPX. This can further obfuscate your program on disk. Your basic interrogation techniques will only see the tiny decompressor. However, a determined hacker will quickly recognize the compressor program and decompress it. In either case, once a program is running in memory, one can take a core dump of the process, or attach a debugger to it. There isn't much you can do to prevent this on most hardware.
brianegge
2009-07-16 08:27:26