I am working in a protection schema for a software created with Delphi 7, and wondering if I need to worry about names used in functions/procedures, variables, etc. Can a "hacker" get access to these names inside a compiled exe VCL application created with Delphi without any third-party protection (ie. obfuscation)?
Can a hacker get access to the name of variables, methods, units, etc. inside a compiled exe Delphi VCL application?
639 views Asked by Guybrush At
2
There are 2 answers
0
AmigoJack
On
As with virtually every EXE you can see which functions are imported (i.e. CreateWindowA(), SendMessageA() and such) from which libraries (i.e. SHELL32.DLL and such). Just drag your EXE into a text editor and search for .dll - around that you can see readible text.
Linking thru function names can be avoided by linking thru function indices; one approach malware does (to not let scanners recognize "bad" function names) is to enumerate all exported function names of a library, hash each name and then compare that hash with previously hashed text.
Related Questions in DELPHI
- How can I read the header of request to webserver
- Receiving Notifications for Individual Task Completion OmniThreadLibrary Parallel.ForEach
- Delphi - How to get result of function from QuickReport without viewing a report?
- Out of memory while adding documents to a Firebird BLOB field with Delphi
- How to MakeScreenshot fullpage on Delphi
- How to program a COM object with an IEnumerator, IEnumerable interface inside
- How to Dynamically Add Controls to Delphi Form
- How to write a string in Stringrid with DelimitedText in FMX Delphi 11
- TGrid/TStringGrid multi cell selection / multi editing in delphi firemonkey (12)
- How to localize "Today" in the Delphi TMonthCalendar?
- How can I call a SOAP webserver method in Vue.js?
- Efficiently Handling Large Number of API Calls with Delphi 10.4 and OmniThreadLibrary
- Delphi can not compile the unit create by its "XML Data Binding Wizard"
- Save Form Properties in File and then restore those Properties after reopening
- Is it possible to open a blob without saving it to file
Related Questions in REVERSE-ENGINEERING
- How to find a sequence of bytes on the target program from my injected dll?
- Reversing and vtable swapping in dxgi.dll
- How to know Vector3 Position in Unity Mono Game
- Extracting an archive created via Java RandomAccessFile with PHP
- How can I verbosely track the whole process of calling a function?
- How can I patch a function call to a Windows DLL (e.g. kernel32 LoadLibrary)? Is this even possible?
- Grab SSL pinning certificate using Frida on iOS
- Kaitai Struct: error accessing elements in _parent
- How to restore damaged (mp3?) file
- CGSRegionRef: How is an arbitrary region represented as union of rects?
- can a convolutional neural network be reverse engineered?
- Decode suspected timestamps
- Extract Note Text Format (Bold/Italic/Strikethrough) from iOS OTG Backup
- Reverse engineer LCD Protocol used in MPC2000XL
- Opening a serial port using a prebuilt .so library
Related Questions in DECOMPILING
- Decompiling PyInstaller linux binary
- Type information system recovery
- Trouble reversing a .pyc file back to its source code
- Can anyone help me avoid being detected when using mock locations on an app, I have decompiled and pasted a code from it,s smali file
- IDA Free and _time64 decompilation?
- Uplifting asm to IL in a generic way
- Avoid exposing DB credentials when decompiling .exe
- Apktool Error Caused by: org.jf.util.ExceptionWithContext: Error while writing instruction at code offset 0x2
- i have installed pydumpck but get "'pydumpck' is not recognized as an internal or external command, operable program or batch file."
- Disassembling bytecode into opcodes across different EVM versions
- Garbled characters encountered when decompiling Lua
- Decompilation creating basic blocks
- Is there a way to see decompiled C# system libraries in VS Code?
- Decompiling ARM64 and understanding branch targets bounderies
- Decompile android APK with Apktool for analysis?
Related Questions in SOFTWARE-PROTECTION
- Any secure USB dongle/token with internal AES and RSA, with simple API?
- What are protect dll functions with key solutions?
- How to encrypt a dll?
- Calculate call instruction offset during dynamic decryption
- Can a hacker get access to the name of variables, methods, units, etc. inside a compiled exe Delphi VCL application?
- Protect TTF Font files by making them unopenable, but still work on as webfonts
- How to convert a pen drive to a dongle?
- Basic tampering protection
- How to deactive my dll files using c#
- How to protect a C++ dynamic library from being used without permission?
- Agile.net .NET Obfuscator - types marked as [Serializable] are not obfuscated
- Software Protection Provider Service Re-enabled Automatic Updates
- Encrypt JAVA SpringFramework WebApplication
- Software Security Protection with Hardware Dongle
- Software protection suggestions
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Popular Tags
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Delphi compiles its source code into raw binary - in constract e.g. to Java or C#/.Net which compiles into some intermediate language, which could be easily un-compiled, and often require obfuscation. Decompilation tools for Delphi are very rough and ineffective - even the most sophisticated ones.
By default, there is no debug information added to the Delphi executable. And Delphi 7 has a limited set of RTTI - it has been enhanced a lot in Delphi 2010. Human readable RTTI information is only about enumerates text,
publishedproperties of classes,interfaceinheriting fromIInvokable. So very little information.So there is almost no way to retrieve the variable names and function names, from a typical Delphi 7 executable. Unless you join the
.mapfile to the executable (only function names and global variables, not local variables).Note that this is about the source code - as you asked. For a GUI/VCL application, .dfm content (i.e. the TForm layout) are serialized into the executable, and could be recovered.