parasoul
15th February 2011 19:13 UTC

Preventing decompilation of your installer
I noticed commented in 'fileform.h' it reads:

// if you want people to not be able to decompile your installers as easily,
// reorder the lines following EW_INVALID_OPCODE randomly.

So I changed :

EW_INVALID_OPCODE,
  EW_RET,               
  EW_NOP,               // Nop/Jump, do nothing: 1, [?new address+1:advance one]
  EW_ABORT,             // Abort: 1 [status]
  EW_QUIT,              // Quit: 0
  EW_CALL,              // Call: 1 [new address+1]
  EW_UPDATETEXT,        // Update status text: 2 [update str, ui_st_updateflag=?ui_st_updateflag:this]
  EW_SLEEP,             // Sleep: 1 [sleep time in milliseconds]
  EW_BRINGTOFRONT,      // BringToFront: 0
  EW_CHDETAILSVIEW,     // SetDetailsView: 2[listaction,buttonaction]
  EW_SETFILEATTRIBUTES, // SetFileAttributes: 2 [filename, attributes]
  EW_CREATEDIR,         // Create directory: 2, [path, ?update$INSTDIR]
  EW_IFFILEEXISTS,      // IfFileExists: 3, [file name, jump amount if exists, jump amount if not exists]
  EW_SETFLAG,           // Sets a flag: 2 [id, data]
  EW_IFFLAG,            // If a flag: 4 [on, off, id, new value mask]
  EW_GETFLAG,           // Gets a flag: 2 [output, id]

to:

EW_INVALID_OPCODE,    // zero is invalid. useful for catching errors. (otherwise an all zeroes instruction
  EW_QUIT,              // Quit: 0
  EW_IFFILEEXISTS,      // IfFileExists: 3, [file name, jump amount if exists, jump amount if not exists]
  EW_CALL,              // Call: 1 [new address+1]
  EW_UPDATETEXT,        // Update status text: 2 [update str, ui_st_updateflag=?ui_st_updateflag:this]
  EW_SLEEP,             // Sleep: 1 [sleep time in milliseconds]
  EW_NOP,               // Nop/Jump, do nothing: 1, [?new address+1:advance one]
  EW_GETFLAG,           // Gets a flag: 2 [output, id]
  EW_BRINGTOFRONT,      // BringToFront: 0
  EW_IFFLAG,            // If a flag: 4 [on, off, id, new value mask] 
  EW_RET,               // return from function call
  EW_SETFILEATTRIBUTES, // SetFileAttributes: 2 [filename, attributes]
  EW_SETFLAG,           // Sets a flag: 2 [id, data]
  EW_CREATEDIR,         // Create directory: 2, [path, ?update$INSTDIR]
  EW_ABORT,             // Abort: 1 [status]
  EW_CHDETAILSVIEW,     // SetDetailsView: 2[listaction,buttonaction]

I recompiled with these changes, made an arbitrary installer and still was able to decompile/decompress with 7zip.

I PM'd kichik and he said if you change the value of EW_FILE then it shouldn't be able to decompile it. but I'm not even sure where the value is defined.

Does anyone have any input on how to make the necessary changes to the source to prevent decompilation of your installer?

Thanks!

Afrow UK
15th February 2011 20:51 UTC

He means EW_EXTRACTFILE.

Stu

parasoul
15th February 2011 22:14 UTC

Ah, I see.

Do you know where a value is assigned to EW_EXTRACTFILE?

EW_EXTRACTFILE only shows up 3 times in the entire source:

fileform.h:

#ifdef NSIS_SUPPORT_FILE
EW_EXTRACTFILE, // File to extract: 6 [overwriteflag, output filename, compressed filedata, filedatetimelow, filedatetimehigh, allow ignore]
// overwriteflag: 0x1 = no. 0x0=force, 0x2=try, 0x3=if date is newer
#endif

scripts.cpp (twice):

ent.which=EW_EXTRACTFILE;

I don't ever see values being assigned to EW_EXTRACTFILE, but then again I'm no c++ expert.

Any help would be great, thanks.

Afrow UK
16th February 2011 11:44 UTC

The order that it appears in the enumeration defines the value. Therefore moving it around will give it a different value.

Stu