14
votes

I am writing a class to handle security in my executable (checking serials, trial date check etc.). After I compile the executable (even in Release build, with all debug and RTTI generation turned off), when I open it in Notepad and search the method name in the raw data, I can see all the names of the methods that assemble my class. There are no published members in any class in the code base.

This is bad for protection. Is there any way to tell Delphi not to store method names in the executable? Why is it storing them at all if there is no RTTI needed and no COM explosion? Is there any compiler option controlling this?

It may be that ANY method of ANY class in the target executable is stored inside the executable in text form. Apparently this is caused by the extended RTTI being turned on by default for all classes in Delphi 2010.

4
@FractalizeR - don't take this the wrong way but if you are basing (part of) your security on obfuscation, you are taking the wrong approach. I know little to nothing about security but enough to know you shouldn't try to devise your own 'unbreakable' scheme. I'd suggest you search for a commercial or open source solution to handle the security aspect of your application. - Lieven Keersmaekers
If you want to see what symbols (e.g. procedure and function names) remain in your exe, a good test would be to load the exe in IDA (The Interactive Disassembler): hex-rays.com/idapro. Evaluation and freeware versions are available. - Remko
@Lieven I am planning to use Themida protector over my exe, but even in this case one needs to eliminate all excessive information from exe to strengthen protection. - Vladislav Rastrusny

4 Answers

15
votes

If you are asking about the extended RTTI in Delphi 2010, it can be switched off by

{$RTTI EXPLICIT METHODS([]) PROPERTIES([]) FIELDS([])}

See also docwiki.
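
A build check for the directive above, added here as an example (not code from the answer or from the Delphi toolchain): it lists identifiers stored in the length-prefixed ShortString form that RTTI name tables are assumed to use, and reports any that match a list of names you consider sensitive. The function names, the sample bytes and the method names are constructed for illustration.

```python
import re
import sys

# Assumption: RTTI names are ShortStrings (one length byte, then that many
# characters). Only ASCII Pascal identifiers are considered here.
IDENT = re.compile(rb"[A-Za-z_][A-Za-z0-9_]*")

def shortstring_identifiers(data, min_len=4):
    """Yield (offset, name) for each length byte followed by exactly that
    many identifier characters."""
    for off in range(len(data) - min_len):
        n = data[off]
        if n < min_len:
            continue
        body = data[off + 1 : off + 1 + n]
        if len(body) == n and IDENT.fullmatch(body):
            yield off, body.decode("ascii")

def leaked(data, sensitive):
    """Map each sensitive name found in the image to its file offsets."""
    wanted = {s.lower() for s in sensitive}  # Pascal identifiers ignore case
    found = {}
    for off, name in shortstring_identifiers(data):
        if name.lower() in wanted:
            found.setdefault(name, []).append(off)
    return found

# Constructed sample bytes standing in for part of an executable image.
SAMPLE = (
    b"\x00\x00" + bytes([11]) + b"CheckSerial"
    + b"\x03\x00" + bytes([15]) + b"TrialDateIsOver"
    + b"\x00" + bytes([10]) + b"FormCreate" + b"\x00\x00"
)

if __name__ == "__main__":
    # Usage: python check_names.py MyApp.exe CheckSerial TrialDateIsOver
    if len(sys.argv) > 2:
        with open(sys.argv[1], "rb") as fh:
            image, names = fh.read(), sys.argv[2:]
    else:
        image, names = SAMPLE, ["CheckSerial", "TrialDateIsOver"]
    hits = leaked(image, names)
    for name, offsets in hits.items():
        print(f"{name}: {len(offsets)} occurrence(s), first at 0x{offsets[0]:x}")
    sys.exit(1 if hits else 0)
```

The non-zero exit status lets a release script fail the build when a listed name is still present in the image.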

6
votes

Also strip relocations; include the following in the project's dpr file:

{$IFDEF RELEASE}
  // Leave out Relocation Table in Release version
  {$SetPEFlags IMAGE_FILE_RELOCS_STRIPPED}
{$ENDIF RELEASE}
6
votes

... and don't forget to turn off "td 32 debug info" (in older versions) or debug info in the linker tab in later ones.

-1
votes

What you probably will see is your form definition as a resource (e.g. the binary representation of the DFM files of your project).

If you don't want to show these (for the serial info screen etc.) you should create these forms "in code". E.g. create a TForm, place a TButton and TEdit onto it, attach the event handlers in code.

To do this in a handy way: start with a form and create the DFM. When viewing the form, choose View as text from the context menu and you will know what things you should copy into code. And make sure NOT to place any variable references under the published section (always put public/protected/private as the first line within your class definition).