|
-
Jan 25th, 2006, 01:26 PM
#1
Thread Starter
Fanatic Member
Code Privacy and Security
I was doing the C/C++ thing a long time ago but I have been focusing on VB only for many of years now.
For my current project, I am concerned about the privacy and security of my code.
My question is about the Visual Studio debugger, and reverse engineering of a compiled EXE (or DLL or OCX)
1- Comments throughout the code, are they visible? A main concern since comments contains sensitive information
2- Sub's and Function names and their calling, visible ?
3- Can the VB source code be reconstituted?
I would appreciate insight or recommendations on the above. Thanks in advance to all.
-
Jan 25th, 2006, 02:11 PM
#2
Re: Code Privacy and Security
Moved to General Developer
-
Jan 25th, 2006, 06:58 PM
#3
Re: Code Privacy and Security
-
Jan 25th, 2006, 09:03 PM
#4
Thread Starter
Fanatic Member
Re: Code Privacy and Security
Yep, VB6. I originally posted in the Classic VB forum, from where it was moved here.
-
Jan 25th, 2006, 10:26 PM
#5
Fanatic Member
Re: Code Privacy and Security
1- Comments throughout the code, are they visible? A main concern since comments contains sensitive information
No, the compiler ignores them
2- Sub's and Function names and their calling, visible ?
No, but if you are calling functions from outside libraries using API (such as calling GetTickCount from Kernel32) then yes, the function name is visible inside the binary.
3- Can the VB source code be reconstituted?
Reconstructed? Well, it is very difficult to take machine code and convert it to a high level language. It might be possable and im sure it has been done for lower level languages such as C.
-
Jan 25th, 2006, 11:28 PM
#6
Thread Starter
Fanatic Member
Re: Code Privacy and Security
nkad...
Thanks, that's very reassuring. Points 1 and 3 not a concern it seems.
Maybe some clarification on point 2.... Actually I mentionned DLL and OCX, but for this first release (ready for distribution), everything is still contained in a single EXE. Following that and what you just said, I assume :
a) my native VB functions such as : EncryptXYZ are hardly visible ?
b) all my API registry stuff is visible and possibly arguments passed along ?
Correct?
Other comments welcomed.
-
Jan 26th, 2006, 06:59 PM
#7
Fanatic Member
Re: Code Privacy and Security
 Originally Posted by Navion
nkad...
Thanks, that's very reassuring. Points 1 and 3 not a concern it seems.
Maybe some clarification on point 2.... Actually I mentionned DLL and OCX, but for this first release (ready for distribution), everything is still contained in a single EXE. Following that and what you just said, I assume :
a) my native VB functions such as : EncryptXYZ are hardly visible ?
b) all my API registry stuff is visible and possibly arguments passed along ?
Correct?
Other comments welcomed.
Correct, your native vbfunction names wont show up in the compiled executable. Now, someone can correct me if I'm wrong on this second part. Let's say your program calls EncryptXYZ, because EncryptXYZ is apart of an external library the function name is saved in the imports table of your executable along with other information that will be used to access the function in that library. The actuall names of the arguments are not saved.
Now, there are programs called Obfuscators that will hide the details of the import table, thereby hiding procedure names to libraries, etc.
Hope this helps
-
Jan 30th, 2006, 02:34 AM
#8
Thread Starter
Fanatic Member
Re: Code Privacy and Security
Yes this does help, a lot... Thanks
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
