Closed JacksonDon closed 3 years ago
duplicate #29
simply adding more code that uses stack space would fix it. (or you could re-encrypt/clear it manually)
duplicate #29
simply adding more code that uses stack space would fix it. (or you could re-encrypt/clear it manually)
I tried to clear it and iam still able to see the strings in memory.
Look... Here is the compiler output from clang, GCC, MSVC with both debug and release builds. https://godbolt.org/z/zqqf3e
The encrypted string parts and keys are loaded onto stack and decrypted there - there is nothing stored in .data, .rdata or any other section besides the code itself in .text.
What you are seeing could simply be std::puts
copying the string over into another buffer.
As noted previously neither my library, nor other string encryption libraries are anything more than a static analysis deterrent. The second you attach a debugger and run into one of these you will figure out what the string is.
ill have little problem, im usin' the xor.
Example
std::puts(xorstr_("an extra long hello_world"));
But when i do memory dump, im able to see these strings (unxored) Same if I use process hacker, I can see the strings in memory.
Some help?