Finding hidden strings like a pro
Every single program uses string to store file paths, labels, prompt text. But not everyone knows that plain text strings can be easily obtained with a debugger. Some programs even store passwords or any other important information in plain text strings. In this blog post I will go over the most popular ways of hiding/encrypting strings in programs. Passwords should newer be stored as plain text (but we will do it anyways for demonstration purposes)! Better thing to do is to store a hash of the password and compare hashes. First, let's demonstrate with an example what I mean by storing plain text strings: Now, let's look at this program with the debugger. By searching for all referenced strings in the program we can easily discover what the password is, no need for advanced techniques: Now, let's look at something more interesting. In this case we have an alphabet (char array), where we have defined our char set. When it comes to checking the string - we co...