[2008] encrypt string to prevent cracking somehow

[corey19981]

Hi

I am having problems.

I have a program that uploads to an ftp server, using a sub-ftp account.

this means that when they submit information, it adds to a list on my ftp server, of which I can go back and view.

the thing is, a few times now, someone has debugged my program and decrypted the ftp username and password strings, and logged in and viewed/deleted my data.


I want it so that I can store the ftp username/pass inside the program (the username and password are just two strings) so that the program has the necessary credentials to be able to upload, however I want it so that the user of the program doesn't see the credentials.

I basically need to encrypt the following (which are regular strings)


ftp address

ftp username

ftp password

how can I do this?

I know how u can do it so that it's kind of like where you enter in plaintext into a textbox, then the program compares against a hash, however I need it so that it automatically has all the info INSIDE the program, but is encrypted

I'm sure a very nice person will help me and if they do I will be most grateful!

Thankyou

[corey19981]

also it needs to be so you can't even see the source code.

like there are programs out there where you can debug .net programs and see their source code even.

it needs to be totally secure

[BrailleSchool]

when it comes to encrypting stuff, depends on what you want to do... store the stuff in a text file or in a database??

for protecting the source code of the application, you would probably want to look into dotfuscator which comes with VB.NET's IDE

just want to let you know though, you can make the application as secure and protected as you can but it will NEVER be 100% protected. if someone wants to crack it, they will sooner or later find the way

[SpInKsTaR]

Dunno if this helps but

Code:

Imports System.Security.Cryptography

Public Class Form1

    Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
        Dim text As String = "test"
        Dim rsa As RSACryptoServiceProvider = New RSACryptoServiceProvider()
        Dim encrypted() As Byte = rsa.Encrypt(System.Text.ASCIIEncoding.UTF8.GetBytes(text), False)
        ' Encrypt string
        Dim encText As String = System.Text.ASCIIEncoding.UTF8.GetString(encrypted)
        TextBox1.Text = (encText)
    End Sub

    Private Sub Button1_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles Button1.Click
        Dim text As String = TextBox1.Text
        Dim rsa As RSACryptoServiceProvider = New RSACryptoServiceProvider()
        Dim encrypted() As Byte = rsa.Encrypt(System.Text.ASCIIEncoding.UTF8.GetBytes(text), False)
        ' Decrypt string

        Dim decText As String = System.Text.ASCIIEncoding.UTF8.GetString(rsa.Decrypt(encrypted, False))

        MessageBox.Show(decText)
    End Sub
End Class

Have fun 8)

[ntg]

The sole solution I know that can protect against IL viewers is Protector.

[corey19981]

thanks for trying spinkstar but see, people will just look and actually see the source code, so they will SEE the dim text as string = "test"

I'll look at your solutions ntg & braille, they look promising!

[corey19981]

i get error invalid assembly name when I try to upload my executable to the obsfucator that you gave me ntg.

now to try brialles solution.

[ntg]

Forget about the obfuscator and check out the protector's features. There's no demo for it unfortunately.

[corey19981]

Forget about the obfuscator and check out the protector's features. There's no demo for it unfortunately.

so does that mean there is nothing I can use without paying money?

It really neesd to be free.

[ntg]

I hate to sound like someone else's ad, but if you need to really protect your code against ILasm and such tools you'll need to get some serious copy protection component. Alternatively, you can use a smart card dongle but those aren't free either.

[BrailleSchool]

I hate to sound like someone else's ad, but if you need to really protect your code against ILasm and such tools you'll need to get some serious copy protection component. Alternatively, you can use a smart card dongle but those aren't free either.

most people wouldnt want to use them either