Basic C encryption

Basic C encryption

[Fabio Miranda Hamburger]

Hi, I need a small, basic way to encrypt a binary file saving a custom
class from a windoze 32 proyect.

For example, add +1 to each character that is about to be saved in the
disk. How would that be?

---
Fabio Andres Miranda
Ingenieria de sistemas informaticos
Universidad Latina - Costa Rica

Re: Basic C encryption

[Jan-Benedict Glaw]

[-- Attachment #1: Type: text/plain, Size: 605 bytes --]

On Tue, 2003-07-08 08:13:13 -0600, Fabio Miranda Hamburger <fabmirha@ns.isi.ulatina.ac.cr>
wrote in message <Pine.LNX.4.44.0307080811450.26970-100000@ns.isi.ulatina.ac.cr>:

> For example, add +1 to each character that is about to be saved in the
> disk. How would that be?

Dumb.

MfG, JBG

-- 
   Jan-Benedict Glaw       jbglaw@lug-owl.de    . +49-172-7608481
   "Eine Freie Meinung in  einem Freien Kopf    | Gegen Zensur | Gegen Krieg
    fuer einen Freien Staat voll Freier Bürger" | im Internet! |   im Irak!
      ret = do_actions((curr | FREE_SPEECH) & ~(IRAQ_WAR_2 | DRM | TCPA));

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: Basic C encryption

[Fabio Miranda Hamburger]

> On Tue, 2003-07-08 08:13:13 -0600, Fabio Miranda Hamburger <fabmirha@ns.isi.ulatina.ac.cr>
> wrote in message <Pine.LNX.4.44.0307080811450.26970-100000@ns.isi.ulatina.ac.cr>:
>
> > For example, add +1 to each character that is about to be saved in the
> > disk. How would that be?
>
> Dumb.

Sure It's.
How to add the value to the ascii code of the char and no to the value
itself?

Re: Basic C encryption

[Jan-Benedict Glaw]

[-- Attachment #1: Type: text/plain, Size: 1036 bytes --]

On Tue, 2003-07-08 08:33:33 -0600, Fabio Miranda Hamburger <fabmirha@ns.isi.ulatina.ac.cr>
wrote in message <Pine.LNX.4.44.0307080832340.27188-100000@ns.isi.ulatina.ac.cr>:
> > On Tue, 2003-07-08 08:13:13 -0600, Fabio Miranda Hamburger <fabmirha@ns.isi.ulatina.ac.cr>
> > wrote in message <Pine.LNX.4.44.0307080811450.26970-100000@ns.isi.ulatina.ac.cr>:
> > > For example, add +1 to each character that is about to be saved in the
> > > disk. How would that be?
> >
> > Dumb.
> 
> How to add the value to the ascii code of the char and no to the value
> itself?

Isn't that more or less the same? You've got 8 bits in a row and want to
add 1. Ever noted that with ASCII characters, one follows the other?

MfG, JBG

-- 
   Jan-Benedict Glaw       jbglaw@lug-owl.de    . +49-172-7608481
   "Eine Freie Meinung in  einem Freien Kopf    | Gegen Zensur | Gegen Krieg
    fuer einen Freien Staat voll Freier Bürger" | im Internet! |   im Irak!
      ret = do_actions((curr | FREE_SPEECH) & ~(IRAQ_WAR_2 | DRM | TCPA));

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

Re: Basic C encryption

[Glynn Clements]

Fabio Miranda Hamburger wrote:

> Hi, I need a small, basic way to encrypt a binary file saving a custom
> class from a windoze 32 proyect.
> 
> For example, add +1 to each character that is about to be saved in the
> disk. How would that be?

As Jan-Benedict said, that would be dumb. Substitution ciphers
(performing an identical mapping upon individual bytes) are trivial to
break.

I suggest getting the OpenSSL code and taking what you need from there
(e.g. RC4, as the actual encryption is only around a half-dozen lines
of code).

Of course, as with any such approach, a determined attacker can just
reverse-engineer your program to determine the encryption algorithm
and its key.

-- 
Glynn Clements <glynn.clements@virgin.net>

Re: Basic C encryption

[Fabio Miranda Hamburger]

> > Hi, I need a small, basic way to encrypt a binary file saving a custom
> > class from a windoze 32 proyect.
> >
> > For example, add +1 to each character that is about to be saved in the
> > disk. How would that be?
>
> As Jan-Benedict said, that would be dumb. Substitution ciphers
> (performing an identical mapping upon individual bytes) are trivial to
> break.
>
> I suggest getting the OpenSSL code and taking what you need from there
> (e.g. RC4, as the actual encryption is only around a half-dozen lines
> of code).
>
> Of course, as with any such approach, a determined attacker can just
> reverse-engineer your program to determine the encryption algorithm
> and its key.

C'mon guys. I just need a basic encrypt from project of a subject of my
bachelor.
It's not big deal. I am out of time also.
How can I add 1 to the ascii value of a char and write it to disc. Then,
When am I going to read it, I have to reduce to 1 the ascii value.

Re: Basic C encryption

[Jan-Benedict Glaw]

[-- Attachment #1: Type: text/plain, Size: 1540 bytes --]

On Tue, 2003-07-08 09:26:44 -0600, Fabio Miranda Hamburger <fabmirha@ns.isi.ulatina.ac.cr>
wrote in message <Pine.LNX.4.44.0307080924450.28267-100000@ns.isi.ulatina.ac.cr>:

> C'mon guys. I just need a basic encrypt from project of a subject of my
> bachelor.
> It's not big deal. I am out of time also.
> How can I add 1 to the ascii value of a char and write it to disc. Then,
> When am I going to read it, I have to reduce to 1 the ascii value.

So you want no compile your program, modify the binary and after
startup, you want the binary to "cure" itself?

Some systems won't even allow that (sometimes, you can either execute
_or_ modify code, but not both). Further more, you'd have to localize
your target function. Even that's a hard part (maybe you can play with
explicitely named sections), but you'll need in-depth knowledge of the
binary format your binary uses (most probably ELF or ELF64) or you need
to use the libbfd.

So - there's on "simple" way to achieve this.

Or this one - compile your function into a separate .o file and
dynamically link it with dlopen()/dlsym()/dlclose(). But then, the
reader is presented with a single object of interest:)

Again - easy to de"crypt".

MfG, JBG

-- 
   Jan-Benedict Glaw       jbglaw@lug-owl.de    . +49-172-7608481
   "Eine Freie Meinung in  einem Freien Kopf    | Gegen Zensur | Gegen Krieg
    fuer einen Freien Staat voll Freier Bürger" | im Internet! |   im Irak!
      ret = do_actions((curr | FREE_SPEECH) & ~(IRAQ_WAR_2 | DRM | TCPA));

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

RE: Basic C encryption

[Huber, George K CECOM RDEC STCD SRI]

Just add one.

For example, assume that there is a function (ReadByte()) that reads
a single byte from a file and returns it as a char.  Also assume that 
there is a function (WriteByte(char)) that writes a single character
to an output file.  With these two functions, you can write your
encryption routine as:

unsigned char  ch;

while(!EOF)
{
   ch = ReadByte();
   int    nVal = (int)ch + 1;
   if(nVal > 255) nVal = 0;
   WriteByte(char(nVal));
}

So, for example if we read the character 'Z' from the input file which
has the ACSII value of 90, after adding one we would have the value 
91, which is character [.

The reason for the test is that in reading a binary file it is possible 
to return 0xFF as a possible value, which on adding on would yield 0x100
which would not fit into a single-byte quanity.  The decryption routine
would be as simple,

unsigned char  ch;

while(!EOF)
{
    ch = ReadByte();
    int   nVal = (int)ch - 1;
    if(nVal < 0) nVal = 255;
    WriteByte(char(nVal));
}



As others have pointed out, a simple subsitituion cypher is very easy
to break.  With a few additional lines of code, you can get a stronger
encryption.  The following example assumes that the values in the 
input file are between 0 and 127 (i.e. the normal ASCII values).  It is
left as an exercise for the reader to figure out how to modify this 
for the case when the values are between 0 and 255.

char*    lpKey = "This is a key"
char     ch;
int      nIdx = 0;


while(!EOF)
{
    ch = ReadByte();
    if(nIdx >= strlen(lpKey)) nIdx = 0;
    ch = (int)ch + int(lpKey[nIdx++]);
    WriteByte(ch);
}

George Huber




-----Original Message-----
From: Fabio Miranda Hamburger [mailto:fabmirha@ns.isi.ulatina.ac.cr]
Sent: Tuesday, July 08, 2003 10:13 AM
To: linux-c-programming@vger.kernel.org
Subject: Basic C encryption


Hi, I need a small, basic way to encrypt a binary file saving a custom
class from a windoze 32 proyect.

For example, add +1 to each character that is about to be saved in the
disk. How would that be?

---
Fabio Andres Miranda
Ingenieria de sistemas informaticos
Universidad Latina - Costa Rica


-
To unsubscribe from this list: send the line "unsubscribe
linux-c-programming" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Basic C encryption

[Jan-Benedict Glaw]

[-- Attachment #1: Type: text/plain, Size: 1856 bytes --]

On Tue, 2003-07-08 13:48:14 -0400, Huber, George K CECOM RDEC STCD SRI <George.K.Huber@us.army.mil>
wrote in message <DDFD9B60F648D411AD670000F80822EA03FCAAB6@mail7.monmouth.army.mil>:
> Just add one.

[...]

Nice examples, but mostly worthless. It was asked to "encrypt" a
function (or a class/instance), not a file. Starting with the binary,
you'd first need to find your function/method. Note that objects per se
don't need to have _one_ block of bytes in the binary file. After
loading the binary you'd need to modify the text segment (forget on
objects and their instances). Many systems don't even allow you to
modify pages marked as executable (X^W -> Executeable xor writeable).

And even if you'd manage to make it up to here - the binary file might
be hard to "decrypt", but the CPU needs to execute the "real", decrypted
function. Send a SIGABRT (-> application will core dump) and load the
core into your favourite debugger - the hidden function now read as
decrypted:)

Well, SIGABRT is SIGIGNored? No problem - a little LD_PRELOAD library
containing the signal function will easily solve that:)

Who teaches such bad and evil hacking methods? Think real life! So many
vendors produce a whole *shit* of applications (w/o sources) and
oftenly, it's simply no way to make them to debug their shit. If you
need to run it (or need to make it run, even if there are grave bugs),
you need to work around them (including fixing the binary application,
substituting library functions and all the fun...).

MfG, JBG

-- 
   Jan-Benedict Glaw       jbglaw@lug-owl.de    . +49-172-7608481
   "Eine Freie Meinung in  einem Freien Kopf    | Gegen Zensur | Gegen Krieg
    fuer einen Freien Staat voll Freier Bürger" | im Internet! |   im Irak!
      ret = do_actions((curr | FREE_SPEECH) & ~(IRAQ_WAR_2 | DRM | TCPA));

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]

RE: Basic C encryption

[Huber, George K CECOM RDEC STCD SRI]

-----Original Message-----
From: Jan-Benedict Glaw [mailto:jbglaw@lug-owl.de]
Sent: Tuesday, July 08, 2003 2:52 PM
To: linux-c-programming@vger.kernel.org
Subject: Re: Basic C encryption

Jan-Benedict Glaw wrote:

>On Tue, 2003-07-08 13:48:14 -0400, Huber, George K CECOM RDEC STCD SRI
<George.K.Huber@us.army.mil>
>wrote in message
<DDFD9B60F648D411AD670000F80822EA03FCAAB6@mail7.monmouth.army.mil>:
>> Just add one.

[...]

>Nice examples, but mostly worthless. It was asked to "encrypt" a
>function (or a class/instance), not a file. Starting with the binary,
>you'd first need to find your function/method. Note that objects per se

[...]

actually read the original post, quoted below:

"Hi, I need a small, basic way to encrypt a binary file saving a custom
class from a windoze 32 proyect.

For example, add +1 to each character that is about to be saved in the
disk. How would that be?"

The original poster wanted to encrypt a binary file.  The question that he
asks is how to add a one to each characte (byte) being saved to disk -
exactly what my examples show.

George Huber

Re: Basic C encryption

[Jan-Benedict Glaw]

[-- Attachment #1: Type: text/plain, Size: 1816 bytes --]

On Tue, 2003-07-08 16:03:30 -0400, Huber, George K CECOM RDEC STCD SRI <George.K.Huber@us.army.mil>
wrote in message <DDFD9B60F648D411AD670000F80822EA03FCAAB7@mail7.monmouth.army.mil>:
> Jan-Benedict Glaw wrote:
> >Nice examples, but mostly worthless. It was asked to "encrypt" a
> >function (or a class/instance), not a file. Starting with the binary,
> >you'd first need to find your function/method. Note that objects per se
> actually read the original post, quoted below:
> 
> "Hi, I need a small, basic way to encrypt a binary file saving a custom
> class from a windoze 32 proyect.

"custom class"?

> The original poster wanted to encrypt a binary file.  The question that he
> asks is how to add a one to each characte (byte) being saved to disk -
> exactly what my examples show.

If it was ment that way - you're right and I claim to be unable to
read:)

However, my reading was that he wanted to hide some
functions/methods/classes from a binary executable file, which is a
non-trivial task, esp. because unencrypting it is much more easier than
encrypting it.

For the purpose of simply encrypting some random data, I'd say to
install gnupg and use one of its simple password ciphers. Then, he even
gets high-quality encryption for the price of only writing some little
wrapper (or using gpgme, which IMHO isn't really easier than writing a
wrapper for that purpose...).

If I misread the original posting - I'm really sorry for submitting TOFU
then...

MfG, JBG

-- 
   Jan-Benedict Glaw       jbglaw@lug-owl.de    . +49-172-7608481
   "Eine Freie Meinung in  einem Freien Kopf    | Gegen Zensur | Gegen Krieg
    fuer einen Freien Staat voll Freier Bürger" | im Internet! |   im Irak!
      ret = do_actions((curr | FREE_SPEECH) & ~(IRAQ_WAR_2 | DRM | TCPA));

[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]