Wintel Machine Code Anti-Reversing Exercise
Description of the Exercise:
Apply the anti-reversing techniques Eliminating Symbolic Information and Obfuscating the Program, both introduced in sections 6 and 7 of the report, to the C/C++ source code of the Password Vault application with the goal of making it more difficult to disable the trial limitation. Rebuild the executable binary for the Password Vault application from the modified sources using the GNU compiler collection for Windows. Show that the Wintel Machine Code Reversing and Patching Exercise can no longer be carried out as demonstrated.
Software for the Exercise:
- Password Vault C/C++ Source (See directory password_vault_cpp_unobfuscated)
Solution to the Exercise:
- Password Vault C/C++ Source (See directory password_vault_cpp_obfuscated)
- Modifications to PasswordVaultConsoleUtil.cpp

Figure 1. Encrypted strings are decrypted each time they are displayed

Figure 2. Record limit comparands are represented as exponents with a base of 2

Figure 3. Obfuscated control flow logic for testing the password record limit
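
The techniques named in Figures 1 and 2, sketched as an added C++ example that is not the Password Vault source. The message text, the XOR key 0x5A, the limit of 16 records and every identifier are constructed for illustration.

```cpp
#include <cstddef>
#include <string>

// Added example; every name and value here is hypothetical, not Password Vault's.
namespace demo {

const unsigned char kKey = 0x5A;  // constructed single-byte XOR key

// "Trial limit reached" XORed with kKey ahead of the build, so a strings
// scan of the binary finds no readable message to cross-reference.
const unsigned char kLimitMsg[] = {
    0x0E, 0x28, 0x33, 0x3B, 0x36, 0x7A, 0x36, 0x33, 0x37, 0x33,
    0x2E, 0x7A, 0x28, 0x3F, 0x3B, 0x39, 0x32, 0x3F, 0x3E};

// Decrypt into a temporary on every use (Figure 1); the caller lets the
// plaintext go out of scope once it has been displayed.
std::string reveal(const unsigned char* enc, std::size_t len) {
    std::string out(len, '\0');
    for (std::size_t i = 0; i < len; ++i)
        out[i] = static_cast<char>(enc[i] ^ kKey);
    return out;
}

// Limit kept as an exponent of 2 (Figure 2): 2^4 = 16 records (constructed).
// volatile forces a run-time load; without it the optimizer folds the shift
// back into a literal 16 that is easy to search for in the disassembly.
volatile unsigned g_limitExp = 4;

// True when count >= 2^g_limitExp, written so no compare against 16 appears.
bool limitReached(unsigned count) {
    return (count >> g_limitExp) != 0;
}

// Returns the message to display, or an empty string below the limit.
std::string checkTrial(unsigned count) {
    if (!limitReached(count)) return std::string();
    return reveal(kLimitMsg, sizeof kLimitMsg);
}

}  // namespace demo
```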
Posted on May 7th, 2009 | By: teodoro
