Could someone tell me what is the Fastest and most Invisible way to access strings in code. ( invisible meaning, making it hard to be easily hacked )...but speed is more important to me for now...
The Raw Data String

The Macro String

In the Same Line of the code
mov eax, "String"

I saw Hutch post about Tables also. I figure its is use to call your own letters direcly from the code to build a string. Could someone comment on this...

Building Your own pointer for String Access....Don't know what i am saying here but i skim through a post only catching the word pointer.
Posted on 2002-02-25 23:29:43 by cmax
It depends. :)

...what are you doing?
Are you talking about literal strings in general?
Then in the code is fastest:
mov DWORD PTR [mem1], "sihT"

mov DWORD PTR [mem1 + 4], " si "
mov DWORD PTR [mem1 + 8], "tsaf"
Posted on 2002-02-25 23:48:13 by bitRAKE

There is no really easy way to hide string data. You can construct it dynamically in code but its a bit slow and messy, otherwise, you can pass it through an encryption algo when you first write it and decrypt it at runtime on demand. You can write text data in both the .DATA and .CODE sections but remember that when its in the .CODE section, its read only.

That should stop simple hacks using a HEX editor but a SICE jockey will get the string as it is decrypted if they bother.

Good luck
Posted on 2002-02-25 23:58:20 by hutch--
if literal strings meaning

MyString db "Hello bitRAKE",0


If Yes and if this is where the speed is thats the way i am going to start doing it...This the kind of stuff i don't really know about but i am ready to get into it now...I got spoil with masm32 easy living style. It never told me i got to get off my ass and get down to the gut of things with it....But here i go...

Thank a Lot bitRAKE
Posted on 2002-02-26 00:06:26 by cmax
A simple xor scheme run over your string in the .data section (could
probably be done with a macro?) will keep wannabes from messing
with your executable... as for the people who know stuff and care,
there's nothing you can really do. So keep it simple :). You'll probably
want to decrypt strings temporarily to temporary buffers just when
needed, this usually isn't too hard to implement and is better than
decrypting everything at loadtime. Also, if you need to compare strings,
encrypt the plaintext string and do the compare, instead of decrypting
the ciphertext.

It all depends on what you want to do I guess, hope there was
some usable idea in the above block of gibberish. I ought to get
some sleep ;).
Posted on 2002-02-26 00:10:36 by f0dder