4 comments on “rcrypt 1.5 release and website

    • You can see this release by using the web frontend linked in the post. Just create an account and crypt binaries using the interface provided.

      I don’t plan on releasing rcrypt source.

  1. hey rage so use rcrypt 1.5 and it doesn’t encrypt some of english string cuz i can search them via HxD is that normal ( sorry don’t know other way to contact you so i use this)

    • Assuming there was no error and the resulting file is indeed packed there are a few scenarios that could be the cause.

      1) rcrypt doesn’t encrypt the resource section in PEs. The reason is because this section has some visual components that may be important to you to not have encrypted. That being said if you are storing strings in that section for whatever reason they will show up as they are not encrypted. If you are doing this I suggest you store your strings and other data in one of the data sections as they will be encrypted.

      I have noticed that some tools will store language translations for multi language support in the resource section. This makes sense, I guess, because this data isn’t terribly important and has no reason to be hidden. Again, if you have sensative data put it in a data section.

      2) rcrypt has always used a block cipher for encryption and i don’t bother using padding so there is a possibility that a piece of code/data will be plaintext at the very end of code/data sections. This is very unlikely to be your problem but i thought i’d mention it anyway. If your string is at the very end of your data section and this section is not a multiple of the block cipher size then the last block will be plaintext. The block size i use is 16 bytes, which means that up to 15 bytes at the very end of your sections can be plaintext.

      However because code and data are subject to file alignment on disk and thus most likely will be padded out anyway this probably isn’t your problem. If it is, just add 15 bytes of nonsense afterwards and you’ll be fine.

      Thanks for the feedback!

      Feel free to reach out via comments or drop me an email at rage at 0xrage dot com.

Leave a Reply

Your email address will not be published. Required fields are marked *