Encrypting password in compiled C or C++ code

Question

Hello!,

I know how to compile C and C++ Source files using GCC and CC in the terminal, however i would like to know if its safe to include passwords in these files, once compiled.

For example.. i check user input for a certain password e.g 123, but it appears compiled C/C++ programs is possible to be decompiled.

Is there anyway to compile a C/C++ source file, while keeping the source completely hidden.. If not, could anyone provide a small example of encrypting the input, then checking against the password e.g: (SHA1, MD5)

Answer 1

It's not safe if you store them as plain text, you can just dump the file or use a utility like strings to find text in the executable.

You will have to encode them in some manner.

Answer 2

Try finding out Hashing Functions and Ciphering Methods for securing your passwords and their storage.

Answer 3

No you can't securely include password in your source file. Strings in executable file are in plain text, anyone with a text editor can easily look at your password.

A not so secure, but would trample some people, is to store the encrypted string instead. So, basically:

enc = "03ac674216f3e15c761ee1a5e255f067953623c8b388b4459e13f978d7c846f4"

bool check() {
    pass = getPassFromUser();
    encpass = myHashingFunction(pass);
    return pass == encpass;
}

this will deter some people, but isn't really much more secure, it is relatively trivial for assembly hacker to replace the 'enc' string in your executable with another sha256-encoded string with a known cleartext value.

Even if you use a separate authentication server, it is not difficult to setup a bogus authentication server and fool your program connect to this bogus authentication server.

Answer 4

Here is a code sample that might help you, using OpenSSL.

#include <openssl/evp.h>

bool SHA256Hash(const char* buf, size_t buflen, char* res, size_t reslen)
{
    if (reslen >= 32)
    {
        EVP_MD_CTX mdctx;

        EVP_MD_CTX_init(&mdctx);

        EVP_DigestInit_ex(&mdctx, EVP_sha256(), NULL);
        EVP_DigestUpdate(&mdctx, buf, buflen);
        EVP_DigestFinal_ex(&mdctx, res, &len);

        EVP_MD_CTX_cleanup(&mdctx);

        return (len == 32);
    }

    return false;
}

I took this sample from the systools library and had to adapt it. So i'm not sure it compiles without modifications. However, it should help you.

Please note that, to determine if storing a hash value of some password in your binary is safe, we must know what you want it for.

If you expect it to forbid some functionalities of your program unless some special password is given, then it is useless: an attacker is likely to remove the whole password-check code instead of trying to guess or reverse the stored password.

Answer 5

It is not recommended to keep any sensitive static data inside code. You can use configuration files for that. There you can store whatever you like.

But if you really want to do that first remember that the code can be easily changed by investigating with a debugger and modifying it. Only programs that user doesn't have access to can be considered safer (web sites for example).

The majority of login passwords (of different sites) are not stored in clear in the database but encrypted with algorithms MD5, SHA1, Blowfish etc.

I'd suggest you use one of these algorithms from OpenSSL library.

What I would do is using some public-key cryptographic algorithm. This will probably take a little longer to be cracked because in my opinion there is nothing 100% sure when talking about software protection.

Answer 6

Even if you use SHA1 to generate a hash it is not really all that safe if you do it in a normal way (write a function to check a password) any determined or knowledgable hacker given access to the executable will be able to get around it (replace your hash with a known hash or just replace the checkPassword() call with a call that returns true.

The question is who are you trying to protect against? Your little brother, a hacker, international spies, industrial espionage?

Using SHA1 with the hash just contained within in the code (or a config file) will only protect against you little brother? (read casual computer users that can't be bothered to try and hack your program instead of paying the share ware price). In this case using plain text password or a SHA1 hash makes little difference (maybe a couple of percent more people will not bother).

If you want to make your code safe against anything else then you will need to do a lot more. A book on security is a good starting point but the only real way to do this is to take a security class where protection techniques are taught. This is a very specialized field and rolling your own version is likely to be counter productive and give you no real protection (using a hash is only the first step).