So let me get this straight. You want to create a process which can not be reverse engineered even if someone has physical access to the machine and has access to the process. Well this my friend is impossible. I myself can reverse engineer encrypted executables and its not that hard. Even though they are encrypted they have to decrypt the content before it runs it. So its very possible to take that unencrypted content and dump it as a unencrypted executable. But do you really think someone will go to these great lengths to find out what your key is? If you really do think that then you can make it harder for them to find it. I would recommend creating a simple executable that will do your back up and for your key you should chop it up into several variables of differing sizes and then when prompted you should concatenate them together to create your key but don't store it as a full key in a variable because someone could notice that when reverse engineering your executable that you have this long string of random characters. Then on top of that you can use a free packer like upx or get more sophisticated and find one way packers like ASpack.
Let me know if that helps out at all or if you have questions. Ali Websense Security Research Engineer -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Winterlight Sent: Thursday, April 21, 2005 11:33 AM To: [email protected] Subject: [H] Programers I know there are a number of programers on this list. I have a data partition, that I backup using a batch file, and Winzip 9 command line. It is a simple batch file, that collects my email programs, all my data files, zips them all up up and encrypts them using 256 AES. I end up with around a 2GB encrypted zip file. I have it scheduled to run every night and then every couple of weeks upload it to my personal FTP server, at my company, at a out of state location. The problem is that anybody who looks at the batch file sees the 60 character AES key. Anybody who has physical access to the computer has access to the key. How to I compile and encrypt this so it can not be de-compiled and hacked? I know that I could encrypt the data partition, and then only need to back up the single encrypted image file. In fact, I am using a mounted Blowfish encrypted data drive, one for my data, and one for my email. I am zipping up the contents of those drives while they are mounted. So I need only copy the image files to another drive in order to back them up. You are wondering why I don't just copy the blowfish image files as a backup. Because In order to access them, after the computer burned up in fire, or was stolen, or whatever, I would have to install the encryption program in another computer, and mount the drives, and then cross my fingers that there are no glitches or anomalies. A zip file is a universal compression format, and Winzip has been around forever, and works on any version of windows. All I have to do is protect the key with the rest of my keys, and passwords, and restore the zip file on any windows box. I like to keep my backups simple, as well as secure. I have had too many failures, over the years with 3rd party backup programs. Unless you are testing them all the time you can never be sure that they will work the day you need them. A few years ago I bought a little program that is suppose to compile and encrypt batch files, ...it is no longer around. I used to protect my scripts on customers computers, but I discovered a funny thing. When I ran scripts in exe form on a 98 box, that were written to run Norton Utilities System Works utilities... virus scan, disk doctor, speed disk..... I would find a collection of numbered text files in the root directory with my plain as day script file. The guy I bought the encrypted compiler never replied to my question about how this could happen. so any thoughts on how I can protect the key in this batch file? thanks .--~~,__ :-....,-------`~ '._.' ` -,,, ,_ '~' _,-' ,'`-__; '--. (_/'~~ ''''(;
