Sorry for this dumb question, assembler & cracking is not my thing. But I do have a passing interest in protecting apps. So I was wondering....
If a binary is built using RTTI, could this be helpful to a cracker?
Perhaps, but I think a cracker would only be able to find the class name. Stroustrup describes an implementation of RTTI where the virtual table has a pointer to the rtti data. There, the type_info struct is stored which will have a pointer to the class name. So I would suppose a hacker could find the virtual table and then find the class name.
I haven't even read a sentence on anything you guys are talking about, but I have general computer knowledge and can pick up from context clues. Couldn't you use a memory scanner and scan for the table with something such as a key word, or value you know is in it? Like write code to increment the hex memory value and then scan the pointer and do something like check if the pointer's actual memory value (the value stored in memory) is equal to the key word or value you know. Then you would know where the table is located. Once you know that you could write code to scan between certain locations and you could narrow the table down from there. Then you could have the entire table and would have all the values you would need. Possibly, like I said I have no clue what you guys are talking about really, I am babbling on about some hypothetical situation that doesn't even exist, but I am just trying to help :P.
>Perhaps, but I think a cracker would only be able to find the class name.
That's helpful. Thanks.
>I haven't even read a sentence on anything you guys are talking about... I am babbling on about some hypothetical situation that doesn't even exist, but I am just trying to help
Thanks for the reply. If I read you correctly (forgive me I haven't), I was trying to say I want to protect my shareware apps, not ruin someone else's hard work.
Can I take it that, with some effort, a cracker could access namespace & classnames? However, the classnames won't be littered around like literal string comments.
Oh, sorry, I thought you were trying to crack something, not protect it. :P
I'm pretty certain that it can be done, even if the object layout uses some sort of name mangling scheme. The cracker would then only be able to match up the class if there's a virtual method (classes that don't use virtuals do not have RTTI).
>Can I take it that, with some effort, a cracker could access namespace & classnames? However, the classnames won't be littered around like literal string comments.
If you're using a GCC-based compiler, you can use the strip command to pull out all unnecessary strings.
Naturally I didn't feel inspired enough to read all the links for you, since I already slaved away for long hours under a blistering sun pressing the search button after typing four whole words! - Quzah
You. Fetch me my copy of the Wall Street Journal. You two, fight to the death - Stewie
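
The layout described in the reply that cites Stroustrup (object, then virtual table, then type_info, then class name), as an added example that is not part of the thread. It assumes GCC or Clang with the Itanium C++ ABI and RTTI enabled; the `shareware` namespace, its classes and the helper functions are hypothetical names, so you can run it against your own class hierarchy to see which namespace and class names your build exposes.

```cpp
// Added example: assumes GCC or Clang (Itanium C++ ABI) with RTTI enabled.
#include <cstdlib>
#include <cstring>
#include <cxxabi.h>
#include <iostream>
#include <string>
#include <typeinfo>

namespace shareware {                 // hypothetical names for illustration
struct LicenseCheck {
    virtual ~LicenseCheck() = default;
    virtual bool valid() const { return false; }
};
struct TrialLicense : LicenseCheck {
    bool valid() const override { return true; }
};
}  // namespace shareware

// Object -> vptr (first word of the object) -> vtable slot -1 -> type_info.
// Slot -1 holding the type_info pointer is an Itanium ABI detail.
const std::type_info* rtti_via_vtable(const void* obj) {
    void* const* vptr;
    std::memcpy(&vptr, obj, sizeof vptr);
    return static_cast<const std::type_info*>(vptr[-1]);
}

// Turn the mangled name stored in the binary into a readable one.
std::string demangle(const char* mangled) {
    int status = 0;
    char* s = abi::__cxa_demangle(mangled, nullptr, nullptr, &status);
    std::string out = (status == 0 && s) ? s : mangled;
    std::free(s);
    return out;
}

// Recover "namespace::Class" from nothing but a pointer to the object.
std::string class_name_from_object(const shareware::LicenseCheck& obj) {
    return demangle(rtti_via_vtable(&obj)->name());
}

int main() {
    shareware::TrialLicense lic;
    const shareware::LicenseCheck& base = lic;
    std::cout << rtti_via_vtable(&base)->name() << "\n"   // mangled form
              << class_name_from_object(base) << "\n";    // readable form
}
```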