Static strings in a binary can make the life easier for reverse engineers, be those reverse engineers looking at malware samples, or researchers looking at your binary to understand how it works, for better or worse depending on their intentions. String obfuscation is a common approach used to increase the complexity of reverse engineering efforts and while it is a “security through obscurity” approach, anything that increases the barrier to entry is not a bad start, like for example, not disclosing server versions running on a public facing server. This isn’t a valid way to handle secrets per se, but it does increase the efforts of reverse engineering as strings are often used as landmarks to cross-reference and more easily track down the code that is related to that string.

While string obfuscation isn’t a new concept, the Rust programming language makes it very easy to implement via a crate called litcrypt. This crate is short for literal encryption and makes use of XOR to obfuscate data. While this can be done in most languages such as C, C++, or assembly, Rust makes it really simple with litcrypt where the entire thing is simply a crate and macro. Today, we will create a simple project in Rust with some strings and build it without litcrypt and examine the resulting binary. Then we will implement litcrypt into the project, after which we will examine the resulting binary.