Reverse engineering LUA code

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • commhorizons
    Indigo Rose Customer
    • Jul 2004
    • 125
    #1

    Reverse engineering LUA code

    I have a password embedded in the OnStartup section of my project (SUF9). The password is used later on in the project with the built-in Blowfish encryption. The project is built into Setup.exe.

    I know I should not consider this a secure environment, but I was wondering how easy or difficult it actually is for someone to decompile my Setup.exe and get the password? Are the EXEs compressed or encrypted as well?

    Thanks.
    Tags: build, crypto, executable, setup factory, suf9
  • Ulrich
    Indigo Rose Staff Member
    • Apr 2005
    • 5130
    #2
    Unless you use compiled script, as Lua is an interpreted language, that script needs to become available in readable format in RAM at some moment. In such moments, one could inspect the memory and find your script. If your password is already encrypted and isn't available in source code in plain text, it won't be readable when the RAM is inspected, however this may be not enough for somebody commited to breaking into your code - with access to your code, he could reverse the encryption.

    The safest approach would be not having a password in the code in the first place. Why do you need a password, without getting too much detail, can you explain what you do?

    Ulrich

    Comment

    Previous template Next
    Working...
    X