yardanico / nim-strenc Goto Github PK

82.0 4.0 13.0 5 KB

A tiny library to automatically encrypt string literals in Nim code

License: MIT License

Nim 100.00%

nim-strenc's Introduction

This repo is abandoned and archived, no further support is expected

I really made this library as a quick test of Nim's term-rewriting macros. Nim's term-rewriting macros are powerful, but they have their limitations, and there are also some compiler bugs that simply cannot be worked-around in this library (most open issues at the time of writing hit that). Moreover, I've noticed that people who write offensive infosec tools started using strenc. I'm pretty sure that some people who used this library for straight up malware. If you wish to try to continue its development further - feel free to fork, but that'll probably require fixing the relevant TRM parts of the Nim compiler.

nim-strenc

This is a Nim library for automatic encryption (currently via XOR with a different key for each string generated at compile-time) of string literals. You can install it from Nimble via

nimble install strenc

and then just use it like so:

import strenc
# After importing the module you don't have to do anything else to activate encryption
echo "hello world"
echo "how are you?"

In the compiled C code strings will look like this:

STRING_LITERAL(TM__huvhZYSc4ExMXNTyiw83eQ_2, "!+# \"r$\?#:3", 11);
STRING_LITERAL(TM__huvhZYSc4ExMXNTyiw83eQ_3, "qul<|lz0h}f+", 12);

If you wish to disable all hints for places where the encryption was applied, add hint("Pattern", false) to your .nims config file, or, if you use .cfg, --hint[Pattern]:off

Please do not forget to strip your binaries if you want this library to be useful! Otherwise it'll be much easier to find the code which does string decryption.

How does it work?

This library uses one of the lesser known Nim features - term-rewriting macros. They allow to implicitly rewrite code at compile-time by using different kinds of patterns. You can read more in the manual here.

Why?

Because it's fun and this library can actually help you to protect string data in the application from not-so-experienced "haxxors".

Do not forget that a person with enough programming and/or reverse-engineering knowledge will still be able to get the original content of all encrypted strings!

nim-strenc's People

Contributors

Stargazers

Watchers

Forkers

viencokhi arkanoid87 yougar0 aidden-laoch foxoman ongyuann chutuananh2k daddycocoaman eaagteam pawpatrolryder zenmu7 justhx0r akoibonhunter

nim-strenc's Issues

Error: unhandled exception: value out of range: 280120 notin -32768 .. 32767 [RangeDefect]

I'm running into an issue where I get the above error when trying to use strenc on a file that includes a staticRead. It appears to be trying to encrypt the file contents, which provides the RangeDefect error.

Tested on Nim version 1.4.8

All of the strings leading up to the staticRead appear to encrypt fine.

d:\coding\nim-1.4.8\bin\nim.exe c buffertest.nim
Hint: used config file 'd:\coding\nim-1.4.8\config\nim.cfg' [Conf]
Hint: used config file 'd:\coding\nim-1.4.8\config\config.nims' [Conf]
......................

Error: unhandled exception: value out of range: 280120 notin -32768 .. 32767 [RangeDefect]

Code tested:

import os, strenc
var
tempDir: string = getEnv("TEMP")
tempFile: string = getEnv("TEMP") & "\\tempbuffer.txt"
tempCfg: string = getEnv("TEMP") & "\\tempconfig.json"
tempExe: string = getEnv("TEMP") & "\\tempbinary.exe"
const testFile = staticRead(r".\testfile.dll")

testfile.dll was a random junk file ~240kb in size.

I don't intend to encrypt/obfuscate the file being stored with staticRead - perhaps instead of this being a bug report, it could be a feature request for an indicator that can be used to tell strenc to bypass certain variables?

Does not seem to be working for every string

Hello, i'm testing your library and i'm having some issues. It does not seem to be working for every strings. If i check the resulting C files :

Without it :

STRING_LITERAL(TM__V45tF8B8NBcxFcjfe7lhBw_5, "ntdll.dll", 9);
STRING_LITERAL(TM__V45tF8B8NBcxFcjfe7lhBw_6, ".data", 5);
STRING_LITERAL(TM__V45tF8B8NBcxFcjfe7lhBw_37, "Decrypting...", 13);

With it :

STRING_LITERAL(TM__V45tF8B8NBcxFcjfe7lhBw_4, "ntdll.dll", 9);
STRING_LITERAL(TM__V45tF8B8NBcxFcjfe7lhBw_5, ".data", 5);
STRING_LITERAL(TM__V45tF8B8NBcxFcjfe7lhBw_33, "Npweoadz|z210", 13);

As you can see, only the last one got encrypted.

Would you have an idea ? They're all in the following form :
echo TEXT

system.nim(2331, 11) Error: Invalid node kind nnkArglist for macros.`$`

Was trying to compile my code with you're module using nimble. However, instead of compiling, this error occured. Firgured that I'd report the error.

system.nim(2331, 11) Error: Invalid node kind nnkArglist for macros.$

Encrypting system strings

Not sure if this is a problem at all but I noticed that my compiler hints were telling me that many system imports were being obfuscated as well as my personal strings.

command: nim c -r src/main.nim

Output:

/usr/local/Cellar/nim/1.4.2/nim/lib/system/assertions.nim(55, 24) Hint: encrypt("len(a) == L") --> 'gkkaekgaEE(estring("����毥����"), 221774508)' [Pattern]
/usr/local/Cellar/nim/1.4.2/nim/lib/system/assertions.nim(35, 30) Hint: encrypt("܆��ܟ����ܰ�����ܝ�����������ޜ��ќ�����ޜ�������������") --> 'gkkaekgaEE(estring("{ %%w558=1q\x1C%-.\"6j(.%f{exc|`^X_\x1CX\\T\x18K@IOYP\x11VTDPBPJTT\x06GCF"),
           2066494660)' [Pattern]
/usr/local/Cellar/nim/1.4.2/nim/lib/system/assertions.nim(14, 12) Hint: encrypt("܆��ܟ����ܰ�����ܝ�����������ޜ��ќ�����ޜ�������������(204, 11)") --> 'gkkaekgaEE(estring("����ᣣ���犣����쮨����������ٚ��Ҟ�����Ƈ���������𱵰AZ[^IDVWH"),
           714543244)' [Pattern]
ˑ��ˈ����˧�����ˊ���������
K       K
J
        (204, 11) Hint: encrypt("{ %%w558=1q\x1C%-.\"6j(.%f{exc|`^X_\x1CX\\T\x18K@IOYP\x11VTDPBPJTT\x06GCF") --> 'gkkaekgaEE(estring("ˑ��ˈ����˧�����ˊ���������\n\c\tK\b\c\x06K\x17\x1D\x17\x10\x01\tK\c\x10\x01\x16\x05\x10\v\x16\x17J\n\c\t"),
           399445092)' [Pattern]
ˑ��ˈ����˧�����ˊ���������
K       K
J
        (204, 11) Hint: encrypt("܆��ܟ����ܰ�����ܝ�����������ޜ��ќ�����ޜ�������������(204, 11) `len(a) == L` the length of the seq changed while iterating over it") --> 'gkkaekgaEE(estring("���������Ņ�����Ҏ��1roqlwhtz|{8|xp<\x7Ft}{md%bp`tftnpp\x12SWR���������������������������������ɇ�Ƒ����ޞ������ւ����Ц��������檲��ᩫ"),
           1592820076)' [Pattern]
/usr/local/Cellar/nim/1.4.2/nim/lib/system.nim(2843, 11) Hint: encrypt("\"") --> 'gkkaekgaEE(estring("`"), 1620819204)' [Pattern]
/usr/local/Cellar/nim/1.4.2/nim/lib/system.nim(2851, 11) Hint: encrypt("\"") --> 'gkkaekgaEE(estring("�"), 422219084)' [Pattern]
/usr/local/Cellar/nim/1.4.2/nim/lib/system/dollars.nim(170, 25) Hint: encrypt("@[") --> 'gkkaekgaEE(estring("\x1F\x05"), 1778151076)' [Pattern]
/usr/local/Cellar/nim/1.4.2/nim/lib/system/dollars.nim(170, 31) Hint: encrypt(", ") --> 'gkkaekgaEE(estring("2?"), 2086808620)' [Pattern]
/usr/local/Cellar/nim/1.4.2/nim/lib/system/dollars.nim(170, 37) Hint: encrypt("]") --> 'gkkaekgaEE(estring("a"), 2055964996)' [Pattern]

I would like to note that the binary compiled successfully just not sure if this was intended.

Nim version 1.4.2
Macosx Catalina

Tested on a string, string set, and const definitions.

Imported strenc at top of file with no other imports.

Error: recursive dependency: 'encrypt'

After updating to Nim 1.6.0, strenc stopped importing and now gives an error for a recursive dependency.

nim c -r importtest.nim
Hint: used config file 'C:\Users\xxxx\.choosenim\toolchains\nim-1.6.0\config\nim.cfg' [Conf]
Hint: used config file 'C:\Users\xxxx\.choosenim\toolchains\nim-1.6.0\config\config.nims' [Conf]
.............................................................
Error: recursive dependency: 'encrypt'

I've tried uninstalling and reinstalling the package and Nim itself, neither seems to fix it.

ETA: I just checked and strenc works fine with Nim 1.4.8 on my system.

Error: Invalid node kind nnkArgList for macros.`$`

Hey @Yardanico , I am using your nim-strenc for a project I am working on and ran in to a bit of an issue. I'll try an be as detailed as I can but the error is outlined here:

The code that I am running is just some simple C code within Nim using the {.emit.} pragma. This snippet of code works fine on it's own and does what it needs in a smaller test.nim file. But when I try and compile it into the larger project where I am importing strenc it fails to compile.

...
{.emit: """
#include <windows.h>

int setWallpaper() 
{
    const wchar_t *path = L"C:\\TEMP\\wallpaper.jpg";
    SystemParametersInfoW(SPI_SETDESKWALLPAPER, 0, (void*)path, SPIF_UPDATEINIFILE);
    return 0;
}
""".}

proc setWallpaper(): int {.importc: "setWallpaper", nodecl.} =
  var result = setWallpaper()
...

I believe it is failing to compile due to the following code within strenc.nim:

# Use a term-rewriting macro to change all string literals
macro encrypt*{s}(s: string{lit}): untyped =
  var encodedStr = gkkaekgaEE(estring($s), encodedCounter)

  template genStuff(str, counter: untyped): untyped = 
    {.noRewrite.}:
      gkkaekgaEE(estring(`str`), `counter`)
  
  result = getAst(genStuff(encodedStr, encodedCounter))
  encodedCounter = (encodedCounter *% 16777619) and 0x7FFFFFFF

It seems like it is trying to also encrypt the following string within the C code. Is it possible to not have it encrypt anything within a pragma or something? Or whatever makes the most sense to do in this case?

const wchar_t *path = L"C:\\TEMP\\wallpaper.jpg";

Does not work with httpClient

Hi,
thank you for this amazing project. Im just facing one problem with "httpclient".

import strenc
import httpClient

var client = newHttpClient(timeout = 42)
echo client.getContent("http://google.com")

gives

cannot open 'C:\Users\xxx\nimcache\test_d\@m����;{a
�
�~�� 8!@h .nim.c'

Do you have an idea why?

Type mismatch: got <string> but expected static[string]

A simple example that doesn't compile with an error:

import times
import strenc
let r_time = now().utc.format("yyyy-MM-dd'T'HH:mm:ss'.'ffffff'+00:00'")
echo r_time

Build log:

strenc_test.nim(3, 31) Hint: encrypt("yyyy-MM-dd\'T\'HH:mm:ss\'.\'ffffff\'+00:00\'") --> 'gkkaekgaEE(estring(")(+*y\x18\ez,-m\x1Fk\x05\x06u-,x07bh`^_\\]Z[\x19\x14\x00\x01\b\x03\x04\x12"),
           694030120)' [Pattern]
strenc_test.nim(3, 31) Hint: encrypt("yyyy-MM-dd\'T\'HH:mm:ss\'.\'ffffff\'+00:00\'") --> 'gkkaekgaEE(estring("\f\c\x0E\x0F\\=>_��ݩ�ķ���������������������"),
           1192352760)' [Pattern]
strenc_test.nim(3, 31) Error: type mismatch: got <string> but expected 'static[string]("yyyy-MM-dd\'T\'HH:mm:ss\'.\'ffffff\'+00:00\'")'

Nim compiler version: 1.4.2

Passing a string to proc makes it not encrypted

const str = "hello"

proc say(str: string) =
  echo str

say(str)

const str = "hello" is not encrypted

but if I change proc say(str: string) to proc say(str: static string) it works

It may be intended but it is hard to use because I have to wrap some(can be a lot) proc to use static param

Edit:

actually just doing var varStr = str makes str not encrypted.