BUILDING EXE SECURITY

This forum can be browsed by the general public. Posting is limited to current SAPIEN license holders with active maintenance and does not offer a response time guarantee.
Forum rules
DO NOT POST LICENSE NUMBERS, ACTIVATION KEYS OR ANY OTHER LICENSING INFORMATION IN THIS FORUM.
Only the original author and our tech personnel can reply to a topic that is created in this forum. If you find a topic that relates to an issue you are having, please create a new topic and reference the other in your post.

Any code longer than three lines should be added as code using the 'Select Code' dropdown menu or attached as a file.
This topic is 5 years and 11 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.
User avatar
ramses147
Posts: 110
Last visit: Tue Dec 05, 2023 7:11 am
Been upvoted: 1 time

BUILDING EXE SECURITY

Post by ramses147 »

Hi, I would like to have some additional information about the encryption used to convert (build) the powershell script in exe format.
I would like to understand how to best protect my projects so that I can distribute them to my clients without the worry that they will be decompiled.
Buil 5.5.150
Powershell Studio x64
User avatar
Alexander Riedel
Posts: 8479
Last visit: Thu Mar 28, 2024 9:29 am
Answers: 19
Been upvoted: 37 times

Re: BUILDING EXE SECURITY

Post by Alexander Riedel »

The encryption is meant to keep the casual observer away. It uses AES. Due to the nature of PowerShell however the code has to exist on a target machine in clear text at the time of execution.
You can prevent logging by setting execution restrictions, but you cannot prevent anyone from looking at a system's memory with a debugger.
We can extract code from packaged executables, but we will only do so for the licensed user with the request coming from the email address registered.
Alexander Riedel
SAPIEN Technologies, Inc.
User avatar
ramses147
Posts: 110
Last visit: Tue Dec 05, 2023 7:11 am
Been upvoted: 1 time

Re: BUILDING EXE SECURITY

Post by ramses147 »

Thanks for the quick reply I wanted to ask this:
1- what kind of cryptography is there? 128 or 256 bit?
2- Can you comment on these 3 limitations? What do they prevent?
3- What does it mean that you can decompile the exe files on request?
If I make a program, I compile it in exe format, and another user who bought Powershell Studio requires you to decompile you do it? how do you understand that that file was created by me rather than any other user?
Attachments
List limitations options
List limitations options
LIMITATIONS.png (4.13 KiB) Viewed 1916 times
User avatar
Alexander Riedel
Posts: 8479
Last visit: Thu Mar 28, 2024 9:29 am
Answers: 19
Been upvoted: 37 times

Re: BUILDING EXE SECURITY

Post by Alexander Riedel »

256 bit
These three options do what they say :D The assumption is that you know about the security mechanisms of PowerShell, such as Script Block logging or transcripts. If you don't, you should definitely familiarize yourself with them.
Start here: https://blogs.msdn.microsoft.com/powers ... blue-team/
As for your last topic, yes, we can retrieve code from packaged executables. Just as with .NET, your code is not safe in the sense that you cannot assume no one will ever be able to decompile or unpack it.
We take great care to verify all available information in such a case, but we are not infallible. Best way would be to put a big copyright disclaimer at the top of your code. If we unpack that and see it, we can verify that the person receiving the code is you and nobody else.
Alexander Riedel
SAPIEN Technologies, Inc.
This topic is 5 years and 11 months old and has exceeded the time allowed for comments. Please begin a new topic or use the search feature to find a similar but newer topic.