Hide an exadecimal number within an executable file

[Nicola Taibi]

Hi,
In a visual basic .net 2003 application I use an hexadecimal number to
encrypt a file as a symmetric key.
Is it possible to detect, within the executable, the number above to
consequently decrypt the same file?
How secure is to hide an hexadecimal number to be used as password or key
inside an executable file?
String are easy to find.

Any help is appreciated,
Nicola Taibi
(e-mail address removed)
www.geocities.com/whisky1767

 

[Herfried K. Wagner [MVP]]

In a visual basic .net 2003 application I use an hexadecimal number to
encrypt a file as a symmetric key.
Is it possible to detect, within the executable, the number above to
consequently decrypt the same file?

Yes, using ILDASM or Reflector, for example. You may let the user enter the
key or store it on a smartcard.

 

[rowe_newsgroups]

Couldn't you program the encryption routine in vb6 (or another language
that couldn't be easily disassembled) and call that from the .Net
program? Also would the Dotfuscator tool help here?

I haven't tried either approach so I'm not sure if they will work or
not - hopefully one of the gurus will shed some light...

Thanks,

Seth Rowe