Version 1 of Molebox encrypted Windows exe

Updated 2008-04-14 17:59:02 by LauriOjansivu

Molebox is commercial application [L1 ] that compresses and encrypts exe and other included files.

Disclaimer: I do not work for Molebox, I do not get money from this, and I live in another country. Use demo version to decide if it meets your needs. tbcload also works on other os, Molebox is Windows only. I'm just one customer of Molebox. I have not contacted Molebox about writing this wikipage here, and I've figured all of this on my own (except when mentioned what info I got from #tcl irc channel). If some info here is wrong, please correct it or add comment. Thanks!

What this protects

You can't unwrap Starpack exe to get source code.

What this doesn't protect

If someone is knowledgeable programmer and figures this out:

  • Well, this looks native (uses ttk/tile widgets in tcl/tk 8.5), wonder what's it made with.
  • Hmm, exe contents with XVI32 hex editor [L2 ] doesn't say anything about tcl, because we have changed version text with resource hacker and made custom icon
  • Let's attach memory debugger read whats passed to Tcl_Eval. Not all code is buffered in memory when being evalled - only procs. (This info I got from #tcl irc channel, haven't tried it). So not to place critical code in procs.
  • If there's encryption and care used with passwords or critical code is in .dll inside starpack and loaded into memory only for a little time and wiped after it, that would make it harder.
  • If Tk send is sometime implemented and enabled in Windows Tcl/tk [L3 ] you could attach to it with Tkinspect and see tcl source, but I didn't get it working on Windows with my encrypted exe. On Linux (I use Ubuntu 8.04 beta) Tkinspect worked and showed source code, but you could disable send with command "rename send {}" [L4 ] (I got info about send from #tcl irc channel)

Then it's also possible to additionally protect source with tcbload that's available on windows and also other platforms. Molebox is Windows only.

Requirements

Download these:

  • Tclkit - I used 8.5 GUI Windows version [L5 ]
  • sdx.kit [L6 ]
  • Resource Hacker [L7 ]
  • UPX Win32 Console version [L8 ]
  • XVI32 hex editor [L9 ]

Buy Molebox:

  • You can try for 15 days with demo version [L10 ]
  • Or buy it, I already had Molebox Pro individual license that I bought some years ago for another purpose.

I used Molebox Pro version 2.2981.

Making custom icon

There is already someone else's page Custom Icons For Win32 Starpacks - The Real Story but here's how I did it.

I got .png image and made different sized icons with Gimp and made .ico with png2ico [L11 ].

Then I placed it in app.vfs/tclkit.ico (I called my application as app).

Making custom tclkit info

Copy tclkit-win32.upx.exe to other name like mytclkit.exe that's for your own modified tclkit version.

In Windows Explorer file manager if you right click mytclkit.exe and select properties, you see tcl info that we'll modify here.

Put mytclkit.exe and upx.exe in same directory like C:\myappdir .

In command prompt:

 cd C:\myappdir
 upx.exe -d mytclkit.exe          (unpacks upx packed tclkit using the same name)

Then start Resource Hacker and open mytclkit.exe

In tree menu select followin, numbers may be different:

  • Version Info/1/1035 - change texts and version numbers. If you want to change language (in Finnish it's VALUE "Translation", 0x040B 0x04B0) open notepad.exe with resource hacker and look for language number there
  • 24/1/1033 has xml textfile that shows plaintext in encrypted exe and says something about tcl, so change content there too

Save mytclkit.exe and exit Resource Hacker.

Then in command prompt:

 upx mytclkit.exe       (makes it again upx packed executeable).

Now when you look file properties you see changed info.

Making starpack

So you should have your application specific tcl files in directory C:\myappdir\app.vfs\

In command prompt:

 cd C:\myappdir
 tclkit-win32.upx.exe sdx.kit wrap app.exe -runtime mytclkit.exe

Now you have single app.exe, but it's not encrypted yet.

Making Molebox encrypted exe

Start Molebox.

As executeable, click Browse and select app.exe.

Then you need to add it second time by clicking Add file and selecting app.exe.

(Yes, this all is needed, packing first with upx and twice with Molebox and everything to make it work.)

If you need other files that are not inside starpack you can add them too.

Then click Pack To Box.

Now you got app.exe.exe that is encrypted with Molebox. You can test it this way:

  • Move it to another directory and rename to app.exe and doubleclick it to see if it works.
  • Open it with XVI32 hex editor [L12 ] and search for Tcl, shouldn't find any.
  • In command prompt and another directory type: "tclkit-win32.upx.exe sdx.kit unwrap app.exe" - can't unwrap.
  • In command prompt and another directory type: "upx -d app.exe" - should say it's not packed with upx, can't unpack.

You could also see Protecting a TCL program against piracy

[ Category Package

(Source Protection) ]