Self Integrity Check

This is a discussion on Self Integrity Check within the Windows Programming forums, part of the Platform Specific Boards category; hey..i was wondering if anyone knew of a tutorial / had code of how to implement a self integrity check ...

  1. #1
    Shibby willc0de4food's Avatar
    Join Date
    Mar 2005
    Location
    MI
    Posts
    378

    Self Integrity Check

    hey..i was wondering if anyone knew of a tutorial / had code of how to implement a self integrity check into a program. or how do i do it? i think if i knew how, i could do it...possibly. i searched google and that came up with a forum but that didnt really help.

    thanks
    Registered Linux User #380033. Be counted: http://counter.li.org

  2. #2
    train spotter
    Join Date
    Aug 2001
    Location
    near a computer
    Posts
    3,856
    You could look at CRCs (depending on your needs).

    You open the file as bytes, read each and calculate a big number.

    This number should not change for the same file.

    Two files could add to the same number but the possibility is usually small enough to be OK.
    "Man alone suffers so excruciatingly in the world that he was compelled to invent laughter."
    Friedrich Nietzsche

    "I spent a lot of my money on booze, birds and fast cars......the rest I squandered."
    George Best

    "If you are going through hell....keep going."
    Winston Churchill

  3. #3
    and the hat of wrongness Salem's Avatar
    Join Date
    Aug 2001
    Location
    The edge of the known universe
    Posts
    32,451
    > how to implement a self integrity check into a program
    With what aim? Detecting if your program has been hacked?

    Surely any hack which damaged your program would also fix the check to still say "success".
    If you dance barefoot on the broken glass of undefined behaviour, you've got to expect the occasional cut.
    If at first you don't succeed, try writing your phone number on the exam paper.
    I support http://www.ukip.org/ as the first necessary step to a free Europe.

  4. #4
    Shibby willc0de4food's Avatar
    Join Date
    Mar 2005
    Location
    MI
    Posts
    378
    how?
    Registered Linux User #380033. Be counted: http://counter.li.org

  5. #5
    Super Moderator
    Join Date
    Sep 2001
    Posts
    4,913
    I think I should sue you for the injuries sustained when I banged my head on my desk after reading that response.

  6. #6
    Shibby willc0de4food's Avatar
    Join Date
    Mar 2005
    Location
    MI
    Posts
    378
    so you dont know how they'd fix it to be successful? or its so obvious that its childs play..?

    :P
    Registered Linux User #380033. Be counted: http://counter.li.org

  7. #7
    Registered User
    Join Date
    Mar 2005
    Posts
    76
    If its just for safety, a simple crc check is enough. If it is to prevent hacking, you should give it some thought about how to do it. Some simple tips:

    - If the check fails, never ever give a message box immediately.
    - Doing some string obvuscation isnt a bad idea.
    - It might help to put in some fake strings like "The integerty check failed"

    But for some real advise you should atleast mention why you want to check the integrity.
    Last edited by johny145; 09-18-2005 at 04:19 PM.

  8. #8
    Registered User
    Join Date
    Sep 2004
    Location
    California
    Posts
    3,246
    or its so obvious that its childs play..?
    To anyone with any dissassembly experience it is. Here are some hints on how to make your code more secure though.

    Never do something along the lines of:
    Code:
    if(!integretyCheck())
       checkFailed();
    When you do that, all a hacker has to do is find the jump that leads to the checkFailed() routine, and change it to a no-op. Instead, try and get creative with dead-end jumps and such.

    If your platform is Windows, then use the API call IsDebuggerPresent() to make sure your binary is not being run through a debugger.

    As johny145 stated, never output a message box that tells the user that the integrety check failed. Just exit the program silently.

    There isn't any way to make your binary 100% secure against good hackers, but you can make it difficult to the point where they choose to spend their time cracking something easier.

  9. #9
    Super Moderator VirtualAce's Avatar
    Join Date
    Aug 2001
    Posts
    9,590
    To anyone with any dissassembly experience it is. Here are some hints on how to make your code more secure though.
    Ok. That was random. Why do you need disassembly experience for this?

  10. #10
    Shibby willc0de4food's Avatar
    Join Date
    Mar 2005
    Location
    MI
    Posts
    378
    he's not saying you need it, he's saying for anyone that has it. lol
    Registered Linux User #380033. Be counted: http://counter.li.org

  11. #11
    C++ Enthusiast jmd15's Avatar
    Join Date
    Mar 2005
    Location
    MI
    Posts
    532
    Just wondering, but what are you making that will require this?
    Trinity: "Neo... nobody has ever done this before."
    Neo: "That's why it's going to work."
    c9915ec6c1f3b876ddf38514adbb94f0

  12. #12
    Disrupting the universe Mad_guy's Avatar
    Join Date
    Jun 2005
    Posts
    258
    Another trick you might want to try is simply using SEH a lot, since it tends to aggrivate debuggers quite a bit.

    Also, do not always trust IsDebuggerPresent, you can easily destroy it's entire functionality by altering a part of the PEB in a program.

    Do note that you can never exactly make your program 100% secure in every way. Thanks to programs like SoftICE and IDA Pro, anybody can really peer around your program providing they know how. Many reverse engineerers (I can Reverse engineer fairly well I suppose, although many disassemblies tend to confuse me at first glance) simply look at your programs' logic and can reconstruct psuedo-code based off that, which they then use that to try and find a vulnerability in your program and exploit that via something like a format string or buffer overflow, or simply develop a patch for it.



    Of course, you could always try to implement some type of morphing engine into your program much like how many viruses these days do in order to have your program dynamically change every time.
    Last edited by Mad_guy; 09-21-2005 at 09:59 PM.
    operating systems: mac os 10.6, debian 5.0, windows 7
    editor: back to emacs because it's more awesomer!!
    version control: git

    website: http://0xff.ath.cx/~as/

  13. #13
    Shibby willc0de4food's Avatar
    Join Date
    Mar 2005
    Location
    MI
    Posts
    378
    >> Just wondering, but what are you making that will require this?

    Secure Text Editor. however its not very secure as of yet It may seem like overkill to you, but i think it would be good to have. part of the reason why I do things is to that I can teach myself how. Hence the reason I made a hangman program dealing with bitmaps (my programs can be found at http://www.angelfire.com/droid/willc0de4food , and i usually store the source for the programs in a folder called "source" whereas programs are in "programs"). This text editor is also the reason I was trying to get encryption working with wincrypt.h but that was never successful. But I didn't delete the code I tried, I simply commented it out if you or anyone is curious, the source code can be downloaded from: http://www.angelfire.com/droid/willc...d/sectext.html
    mm..idk if i was going to say anything else. so yea...bye..
    Registered Linux User #380033. Be counted: http://counter.li.org

  14. #14
    Registered User
    Join Date
    Sep 2003
    Posts
    23
    Yesterday I uploaded latest version of my app to my web server and then downloaded it to my notebook. It crashed before splash screen with stack overflow or some message like that.

    I went back to my desktop, run the original and it worked well. I moved my app to my laptop with usb stick and it worked well. Then I took it from web server again and it crashed.

    Well, both EXE files had same size reported in Properties but later I managed to erase the crashing version from both my web server and my disk. If I was smarter I should have compared them somehow, byte for byte with some utility or maybe I should have wrote one myself, but related to this topic, I am not sure if some self-check at startup would have caught this kind of a problem or would it just crash in low-level startup code?

    Too bad, both IE and file manager at my web server failed to tell me the file got corruped at upload.
    Last edited by Delf; 09-22-2005 at 11:35 AM.

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. BN_CLICKED, change button style
    By bennyandthejets in forum Windows Programming
    Replies: 13
    Last Post: 07-05-2010, 11:42 PM
  2. How can i check a directory for certain files?
    By patrioticpar883 in forum C++ Programming
    Replies: 13
    Last Post: 02-01-2008, 04:27 PM
  3. how to check input is decimal or not?
    By kalamram in forum C Programming
    Replies: 3
    Last Post: 08-31-2007, 07:07 PM
  4. Please check this loop
    By Daesom in forum C++ Programming
    Replies: 13
    Last Post: 11-02-2006, 12:52 AM
  5. how to check for end of line in a text file
    By anooj123 in forum C++ Programming
    Replies: 6
    Last Post: 10-24-2002, 11:21 PM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21