反向工程内容的二进制文件? [英] Reverse Engineer contents of a Binary File?
问题描述
我为我的应用程序的注册用户创建了一个二进制文件。
用户已经知道什么信息存储在文件中,因为他在注册时向我提供了该信息。
每次启动应用程序时,都会读取注册文件,并与从硬件获取的信息进行比较。
所以我关心的是超级用户是否能够理解信息存储在文件中的逻辑。
I am creating a binary file for registered users of my application. The user already knows what information is stored in the file because he is providing me with that information while registering. Every time my application is launched the registration file is read and compared with the information obtained from hardware. So I am concerned whether "power users" would be able to understand the logic in which the information is stored in the file.
它可能逆向工程的二进制文件的内容?
如果是,那么什么是更好的方法来检查注册的应用程序?
Long story short, is it possible to reverse engineer the contents of a binary file? If yes, then what would be a better approach to check for registered applications?
推荐答案
任何有逆向工程经验的人。 回到我的一天(90年代)二进制是一般的默认选择。
Binary will be no hindrance to anyone with experience in reverse engineering. "Back in my day" (the 90's) binary was the default choice in general.
黑客将能够打败你的注册过程,而不是伪造注册文件,但通过更改检查它的指令。 (指令也是二进制的,附带的。)加密是没有用的,因为一切都在一个机器上,黑客可以在程序内部使用调试器读取RAM中的明文。不是他们可能会关心,因为他们会改为设置标志以显示错误并退出的业务逻辑。
Hackers are going to be able to defeat your registration process, not by faking the registration file but by altering the instructions that check for it. (Instructions are also binary, incidentally.) Encryption is no use because everything is on one machine and the hacker can read the cleartext in RAM with a debugger inside the program. Not that they probably care, because they'll instead be going after the "business logic" that sets a flag to display an error and quit.
将注册绑定到特定计算机
Tying registration to specific machines will also frustrate legitimate users when they upgrade or switch computers.
这个在线时代的一个好方法是让机器回家,但这有点突兀。
A good approach in this online age is to have machines phone home, but it's a bit obtrusive.
刚刚离开我的头,你可以根据注册哈希码和实时时钟以不规则的时间间隔访问服务器(一定要正确处理时区)。因为它不是在应用程序启动,黑客将很难找到它。如果两个不同的IP地址大约同时用相同的哈希码电话回家,指示他们全部删除注册文件并提示用户重新注册。
Just off the top of my head, you could access a server at irregular intervals based on a registration hash code and a real-time clock (be sure to handle time zones properly). Since it's not done at app launch, hackers will have a hard time finding it. If two different IP addresses phone home with the same hash code at about the same time, instruct them all to delete the registration files and prompt the user to re-register.
这篇关于反向工程内容的二进制文件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
