
Nice Tool for mangling Text into a PowerBASIC function

Started by Steve Hutchesson, January 05, 2010, 08:07:46 AM


Steve Hutchesson

I have needed a toy like this for a while: take any plain text, paste it into the tool, press the convert button and you get a randomised basic function that returns the original string. Its purpose is to make text in an executable far more difficult to modify, as instead of just opening the EXE file in a hex editor, the would-be hacker must first find the data in the .CODE section, untangle it and modify it. The other factor is every time you convert the same text you get a different result as it is randomised in a way that cannot be duplicated even by the original user.

It can be broken if someone takes long enough but it's a genuine pain in the ass to try and edit characters in this format. This is what the output looks like.

NOTE: I just posted a slightly modified version that prevents reconverting the result. Makes the tool a bit less error prone.

The copyright notice at the top of the example is typically the type of data you would hide if your application is subject to people trying to hack or edit it in a hex editor. If you disassemble the example you will see none of that text in the DATA section; you can find the MOV statements but they are randomised and very difficult to edit to change the text.


#IF 0  ' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Copyright (c) hutch@movsd.com 2010
Steve Hutchesson All Rights Reserved

#ENDIF ' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

FUNCTION copyright() as STRING

    #REGISTER NONE

    LOCAL pstr as DWORD

    a$ = nul$(72)
    pstr = StrPtr(a$)

    ! mov esi, pstr

    ! mov BYTE PTR [esi+58], 105
    ! mov BYTE PTR [esi+62], 115
    ! mov BYTE PTR [esi+16], 116
    ! mov BYTE PTR [esi+38], 101
    ! mov BYTE PTR [esi+5], 105
    ! mov BYTE PTR [esi+32], 49
    ! mov BYTE PTR [esi+27], 111
    ! mov BYTE PTR [esi+59], 103
    ! mov BYTE PTR [esi+45], 99
    ! mov BYTE PTR [esi+12], 41
    ! mov BYTE PTR [esi+30], 50
    ! mov BYTE PTR [esi+7], 104
    ! mov BYTE PTR [esi+18], 104
    ! mov BYTE PTR [esi+0], 67
    ! mov BYTE PTR [esi+15], 117
    ! mov BYTE PTR [esi+49], 115
    ! mov BYTE PTR [esi+19], 64
    ! mov BYTE PTR [esi+34], 13
    ! mov BYTE PTR [esi+52], 32
    ! mov BYTE PTR [esi+22], 118
    ! mov BYTE PTR [esi+13], 32
    ! mov BYTE PTR [esi+10], 40
    ! mov BYTE PTR [esi+14], 104
    ! mov BYTE PTR [esi+55], 108
    ! mov BYTE PTR [esi+28], 109
    ! mov BYTE PTR [esi+11], 99
    ! mov BYTE PTR [esi+47], 101
    ! mov BYTE PTR [esi+21], 111
    ! mov BYTE PTR [esi+2], 112
    ! mov BYTE PTR [esi+24], 100
    ! mov BYTE PTR [esi+63], 32
    ! mov BYTE PTR [esi+8], 116
    ! mov BYTE PTR [esi+42], 72
    ! mov BYTE PTR [esi+57], 82
    ! mov BYTE PTR [esi+3], 121
    ! mov BYTE PTR [esi+69], 118
    ! mov BYTE PTR [esi+61], 116
    ! mov BYTE PTR [esi+26], 99
    ! mov BYTE PTR [esi+65], 101
    ! mov BYTE PTR [esi+71], 100
    ! mov BYTE PTR [esi+40], 101
    ! mov BYTE PTR [esi+44], 116
    ! mov BYTE PTR [esi+33], 48
    ! mov BYTE PTR [esi+4], 114
    ! mov BYTE PTR [esi+51], 110
    ! mov BYTE PTR [esi+25], 46
    ! mov BYTE PTR [esi+56], 32
    ! mov BYTE PTR [esi+60], 104
    ! mov BYTE PTR [esi+6], 103
    ! mov BYTE PTR [esi+50], 111
    ! mov BYTE PTR [esi+43], 117
    ! mov BYTE PTR [esi+54], 108
    ! mov BYTE PTR [esi+36], 83
    ! mov BYTE PTR [esi+46], 104
    ! mov BYTE PTR [esi+68], 114
    ! mov BYTE PTR [esi+41], 32
    ! mov BYTE PTR [esi+70], 101
    ! mov BYTE PTR [esi+37], 116
    ! mov BYTE PTR [esi+17], 99
    ! mov BYTE PTR [esi+9], 32
    ! mov BYTE PTR [esi+39], 118
    ! mov BYTE PTR [esi+66], 115
    ! mov BYTE PTR [esi+35], 10
    ! mov BYTE PTR [esi+53], 65
    ! mov BYTE PTR [esi+23], 115
    ! mov BYTE PTR [esi+67], 101
    ! mov BYTE PTR [esi+31], 48
    ! mov BYTE PTR [esi+20], 109
    ! mov BYTE PTR [esi+1], 111
    ! mov BYTE PTR [esi+48], 115
    ! mov BYTE PTR [esi+29], 32
    ! mov BYTE PTR [esi+64], 82

    FUNCTION = a$

END FUNCTION

' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤


Steve Hutchesson

Hi John,

I am glad someone liked it, let's hope it can add some misery to the life of a few script kiddies.  ;D

Frank Brübach

Hi Steve, John, thanks for your copyright example (mangling text), I like it too :)

Please do me one favour and send complete code for compiling? Your example hasn't worked for me, sorry. Would be nice! I am learning new things around asm and it's super fast. I didn't want to use it, but for calculations and calling various functions it's often better to use assembler code. It's a pity because it's still an alien country for me; I am making one step after another. I have compiled your example with PBWIN 9.03, works very fine. I like the new PBWIN issue, seems to be very stable and fast! :D

#IF 0  ' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Copyright (c) hutch@movsd.com 2010
Steve Hutchesson ALL Rights Reserved

#ENDIF ' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

#COMPILE EXE
#DIM ALL

FUNCTION PBMAIN () AS LONG

   MSGBOX "this country belongs to mr/mrs. : " + copyright

END FUNCTION

FUNCTION copyright() AS STRING

   #REGISTER NONE

   LOCAL pstr AS DWORD
   LOCAL a AS STRING
   
   a = NUL$(72)
   pstr = STRPTR(a)

   ! mov esi, pstr

   ! mov BYTE PTR [esi+58], 105
   ! mov BYTE PTR [esi+62], 115
   ! mov BYTE PTR [esi+16], 116
   ! mov BYTE PTR [esi+38], 101
   ! mov BYTE PTR [esi+5], 105
   ! mov BYTE PTR [esi+32], 49
   ! mov BYTE PTR [esi+27], 111
   ! mov BYTE PTR [esi+59], 103
   ! mov BYTE PTR [esi+45], 99
   ! mov BYTE PTR [esi+12], 41
   ! mov BYTE PTR [esi+30], 50
   ! mov BYTE PTR [esi+7], 104
   ! mov BYTE PTR [esi+18], 104
   ! mov BYTE PTR [esi+0], 67
   ! mov BYTE PTR [esi+15], 117
   ! mov BYTE PTR [esi+49], 115
   ! mov BYTE PTR [esi+19], 64
   ! mov BYTE PTR [esi+34], 13
   ! mov BYTE PTR [esi+52], 32
   ! mov BYTE PTR [esi+22], 118
   ! mov BYTE PTR [esi+13], 32
   ! mov BYTE PTR [esi+10], 40
   ! mov BYTE PTR [esi+14], 104
   ! mov BYTE PTR [esi+55], 108
   ! mov BYTE PTR [esi+28], 109
   ! mov BYTE PTR [esi+11], 99
   ! mov BYTE PTR [esi+47], 101
   ! mov BYTE PTR [esi+21], 111
   ! mov BYTE PTR [esi+2], 112
   ! mov BYTE PTR [esi+24], 100
   ! mov BYTE PTR [esi+63], 32
   ! mov BYTE PTR [esi+8], 116
   ! mov BYTE PTR [esi+42], 72
   ! mov BYTE PTR [esi+57], 82
   ! mov BYTE PTR [esi+3], 121
   ! mov BYTE PTR [esi+69], 118
   ! mov BYTE PTR [esi+61], 116
   ! mov BYTE PTR [esi+26], 99
   ! mov BYTE PTR [esi+65], 101
   ! mov BYTE PTR [esi+71], 100
   ! mov BYTE PTR [esi+40], 101
   ! mov BYTE PTR [esi+44], 116
   ! mov BYTE PTR [esi+33], 48
   ! mov BYTE PTR [esi+4], 114
   ! mov BYTE PTR [esi+51], 110
   ! mov BYTE PTR [esi+25], 46
   ! mov BYTE PTR [esi+56], 32
   ! mov BYTE PTR [esi+60], 104
   ! mov BYTE PTR [esi+6], 103
   ! mov BYTE PTR [esi+50], 111
   ! mov BYTE PTR [esi+43], 117
   ! mov BYTE PTR [esi+54], 108
   ! mov BYTE PTR [esi+36], 83
   ! mov BYTE PTR [esi+46], 104
   ! mov BYTE PTR [esi+68], 114
   ! mov BYTE PTR [esi+41], 32
   ! mov BYTE PTR [esi+70], 101
   ! mov BYTE PTR [esi+37], 116
   ! mov BYTE PTR [esi+17], 99
   ! mov BYTE PTR [esi+9], 32
   ! mov BYTE PTR [esi+39], 118
   ! mov BYTE PTR [esi+66], 115
   ! mov BYTE PTR [esi+35], 10
   ! mov BYTE PTR [esi+53], 65
   ! mov BYTE PTR [esi+23], 115
   ! mov BYTE PTR [esi+67], 101
   ! mov BYTE PTR [esi+31], 48
   ! mov BYTE PTR [esi+20], 109
   ! mov BYTE PTR [esi+1], 111
   ! mov BYTE PTR [esi+48], 115
   ! mov BYTE PTR [esi+29], 32
   ! mov BYTE PTR [esi+64], 82

   FUNCTION = a

END FUNCTION



Thanks for this code example!

Steve Hutchesson

Frank,

There is no need to modify anything in the function, just give it the name you require so you can call it from your normal code. Here is a working test piece. Your own code has DIM ALL in it which may interfere with the locals in the ASM procedure; if that is the case then you would declare them first.


' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

FUNCTION PBmain as LONG

    msgbox AboutBoxString

End FUNCTION

#IF 0  ' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Copyright (c) Frank Brübach 2010
All Rights Reserved

#ENDIF ' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

FUNCTION AboutBoxString() as STRING

    #REGISTER NONE

    LOCAL pstr as DWORD

    a$ = nul$(53)
    pstr = StrPtr(a$)

    ! mov esi, pstr

    ! mov BYTE PTR [esi+28], 50
    ! mov BYTE PTR [esi+39], 105
    ! mov BYTE PTR [esi+1], 111
    ! mov BYTE PTR [esi+36], 108
    ! mov BYTE PTR [esi+10], 40
    ! mov BYTE PTR [esi+23], 98
    ! mov BYTE PTR [esi+5], 105
    ! mov BYTE PTR [esi+9], 32
    ! mov BYTE PTR [esi+12], 41
    ! mov BYTE PTR [esi+22], 252
    ! mov BYTE PTR [esi+37], 32
    ! mov BYTE PTR [esi+7], 104
    ! mov BYTE PTR [esi+4], 114
    ! mov BYTE PTR [esi+43], 115
    ! mov BYTE PTR [esi+8], 116
    ! mov BYTE PTR [esi+14], 70
    ! mov BYTE PTR [esi+45], 82
    ! mov BYTE PTR [esi+26], 104
    ! mov BYTE PTR [esi+44], 32
    ! mov BYTE PTR [esi+35], 108
    ! mov BYTE PTR [esi+11], 99
    ! mov BYTE PTR [esi+48], 101
    ! mov BYTE PTR [esi+18], 107
    ! mov BYTE PTR [esi+19], 32
    ! mov BYTE PTR [esi+34], 65
    ! mov BYTE PTR [esi+6], 103
    ! mov BYTE PTR [esi+38], 82
    ! mov BYTE PTR [esi+32], 13
    ! mov BYTE PTR [esi+41], 104
    ! mov BYTE PTR [esi+21], 114
    ! mov BYTE PTR [esi+51], 101
    ! mov BYTE PTR [esi+33], 10
    ! mov BYTE PTR [esi+30], 49
    ! mov BYTE PTR [esi+3], 121
    ! mov BYTE PTR [esi+0], 67
    ! mov BYTE PTR [esi+50], 118
    ! mov BYTE PTR [esi+17], 110
    ! mov BYTE PTR [esi+52], 100
    ! mov BYTE PTR [esi+47], 115
    ! mov BYTE PTR [esi+16], 97
    ! mov BYTE PTR [esi+31], 48
    ! mov BYTE PTR [esi+15], 114
    ! mov BYTE PTR [esi+20], 66
    ! mov BYTE PTR [esi+25], 99
    ! mov BYTE PTR [esi+24], 97
    ! mov BYTE PTR [esi+46], 101
    ! mov BYTE PTR [esi+13], 32
    ! mov BYTE PTR [esi+49], 114
    ! mov BYTE PTR [esi+42], 116
    ! mov BYTE PTR [esi+27], 32
    ! mov BYTE PTR [esi+40], 103
    ! mov BYTE PTR [esi+2], 112
    ! mov BYTE PTR [esi+29], 48

    FUNCTION = a$

END FUNCTION

' ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
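
The scheme discussed in this thread, as an added example (not Steve's tool and not code from any poster): a generator for the shuffled-store function plus the matching reader that orders the stores by offset, which shows that the shuffle raises the effort of hex-editing the text but does not conceal it from anyone with a listing. The names `mangle`, `recover`, `HiddenText` and the sample text are assumptions; latin-1 is assumed because the last listing stores 252 for "ü", and the pattern only reads decimal operands as written on this page.

```python
import re
import secrets

# Matches one scattered store as written on this page: ! mov BYTE PTR [esi+N], V
STORE = re.compile(r"mov\s+BYTE\s+PTR\s+\[esi\+(\d+)\]\s*,\s*(\d+)", re.IGNORECASE)


def mangle(text, name="HiddenText"):
    """Emit a PowerBASIC function that rebuilds `text` with shuffled byte stores."""
    data = text.encode("latin-1")          # assumption: single-byte ANSI text
    order = list(range(len(data)))
    secrets.SystemRandom().shuffle(order)  # different store order on every run
    lines = [
        f"FUNCTION {name}() AS STRING",
        "    #REGISTER NONE",
        "    LOCAL pstr AS DWORD",
        "    LOCAL a AS STRING",
        f"    a = NUL$({len(data)})",
        "    pstr = STRPTR(a)",
        "    ! mov esi, pstr",
    ]
    lines += [f"    ! mov BYTE PTR [esi+{i}], {data[i]}" for i in order]
    lines += ["    FUNCTION = a", "END FUNCTION"]
    return "\n".join(lines)


def recover(listing):
    """Rebuild the text from a source listing of such stores.

    Offsets that no store writes stay as '?' so gaps in a partial listing show.
    """
    stores = {int(off): int(val) for off, val in STORE.findall(listing)}
    if not stores:
        return ""
    buf = bytearray(b"?" * (max(stores) + 1))
    for off, val in stores.items():
        if val > 255:
            raise ValueError(f"not a byte value at offset {off}: {val}")
        buf[off] = val
    return buf.decode("latin-1")


if __name__ == "__main__":
    # Constructed sample text, not taken from any real binary.
    src = mangle("Licensed to: Example User\r\nBuild 42", "LicenseString")
    print(src)
    print(repr(recover(src)))
```
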