tags:

views:

634

answers:

9
+4  Q: 

Wrap/encrypt another executable (for licensing)

I want to create a wrapper around another executable (ie - I have an executable that prints hello World, but I want the user to enter a password before the hello world executable is run). I don't want to edit the original executable's source. I also want to encrypt the original executable (hello world in this example) and do not want to write it to the drive (mem only).

To be written in C/C++/ObjC for Unix. Would love any tips and/or pointers to opensource project which does something like this :)

I have a handle on reading in and encrypting/decrypting the binary executable (easy obviously). What I'm not exactly clear on is how to get a function pointer to main in the second executable and to call it.

Thanks in advance for your pointers!

A: 

I don't know the complete answer to your question, but the nm command does give you the address of the main function in an executable.

PolyThinker  2009-01-08 03:32:27
+1  A: 

Short answer: there's no easy way to do it (on Linux, anyway). In order to exectue a file, Linux requires that it is actually a file. Fortunately, this isn't necessarily the end of the line. If you were to set up a filesystem (writing a FUSE module seems best, as it can be integrated to your code and doesn't require root priveleges), you can get Linux to treat it as a regular file, even though it won't be written to disk. That's about as close as you'll get though without some serious hackery.

Jumping straight into the process won't work, as the code won't be in the correct portion of memory.

coppro  2009-01-08 03:41:55
+2  A: 

Implement your original executable as a web service, and require authorisation before returning results. If you give people the actual executable code (encrypted or protected or whatever), it can always be circumvented.

Greg Hewgill  2009-01-08 03:45:13
A: 

if you don't care that it is super secure an easy solution is just using zip's password/encryption flag

zip -e binary

if you want to be alittle more secure use gpg

gpg --output binary.gpg --symmetric binary

hacintosh  2009-01-08 03:46:08
A: 

coppro: I will look into fuse - but regarding your statement about jumping into the code, couldn't I just get an offset from my code to the executable's main and run (somehow)?

greg: I agree there is always risk of circumvention (i'm willing to accept that). I agree the webservice would be more secure (as secure as the web server is :) . But I need to run on the platform. hacintosh: no good - writes the executable

I'm def. looking for a function lookup in an executable file and applying an offset. Poly: The nm helps - as that's the offset for main (thanks). Not exactly sure how it will work - could I use asm to make the main call - using the pointer to the beginning of the unecrypted binary data? (or not asm even easier)?

 2009-01-08 03:51:08
A: 

(Continuation) What i'm not sure is - when, ie, you call LoadLibrary(), what else is happening besides loading the library into memory? Can I just point to a point in memory which has loaded binary and say "go" or is there more involved (sorry - I skipped the OS fundamentals class in school)

 2009-01-08 03:56:22
You should be able to edit your question, instead of posting answers that aren't actually answers. You also could have edited your previous answer to post this one.
bk1e  2009-01-08 06:37:10
A: 

(continuation after more research) coppro: Ok - seems like what you mentioned may be best - because (after looking at your link) - I recalled it could be very annoying to try to do load all the dynamic libraries referenced by the executable instead of just having the OS do it itself......

 2009-01-08 04:03:33
The big issue is that the memory addresses in the code you decrypt will be all wrong - it expects to be the executable running, as opposed to be running within another one.
coppro  2009-01-08 04:06:36
aha - ok ... that was sort my question - wondering if executables use offsets or hardcoded memory locations (from the beginning of the executable's memory space of course)? I was guessing offsets so it would be ok.. but sounds like I am wrong...
 2009-01-08 04:10:21
+1  A: 

There is a way to do it, and there's working code for it in the UPX executable compressor source download.

Unfortunately I don't understand exactly what the code is doing, but it does do it, and it does work.

Stobor  2009-01-08 04:34:12
That's also a compressor rather than an ecryptor. The source could no doubt be changed to accomodate encryption, but he still suffers the fundamental problem of running the progrm externally. Perhaps he could modify UPX to wait for the key on standard input, for instance.
coppro  2009-01-08 18:09:14
Yeah, you're righ, I realised it wasn't an encryptor... I meant that they do the "execute in-memory process" step he was looking for...
Stobor  2009-01-09 04:58:43
A: 

I've never done it under *NIX, but for Windows there are a number of things that have to be done before you can just use an asm jump to the entrypoint. For example:

  • Loading the encrypted code sections into the proper places in memory;
  • Loading in any dynamic link libraries referenced by the program;
  • Setting the addresses of DLL functions to where they are actually loaded;
  • Making sure that the executable is loaded at its preferred address, or finding and correcting the changeable addresses to account for the difference.

That's just off the top of my head, there are several other things that had to be done too. If I had to write the code to do it from scratch again, it would probably take me two or three weeks of uninterrupted effort to get a working first draft, and that's with already knowing exactly what needs to be done and where to find the information to do it. If I had to research it from scratch too, it would probably be six or seven weeks minimum. And then there's the debugging time -- something like that is never completely done, I wrote the code for it more than ten years ago now and we're still finding the occasional bug in it.

It's definitely not a project for the faint of heart, or something you can do quickly from scratch. If you have the source code for a working program that does something similar (such as the aforementioned UPX), you can probably cut that time quite a bit, but without it you're looking at a lot of work.

Head Geek  2009-01-08 05:29:24

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS