C++

Forum

 
Detecting that a program was created using Qt?

Just Me (50)
See this program: http://sourceforge.net/p/isitqt which is for both Linux and Windows, it can identify if a program is Qt based, and also which version of Qt...
Last edited on
Codermik (835)
Helpful if I was going to reverse engineer it ;-)

Duthomhas (13170)
It's not like it is much of a secret.
Computergeek01 (5613)
Wouldn't you just dump a list of the .dll\.so files that it links to? Why would you need this?
Codermik (835)

You wouldn't really, opening up an exe in OllyDbg I can usually determine what it was compiled with by its OEP, unless its packed but that just delays the inevitable :)
Computergeek01 (5613)
I use Ollydbg for some of my debugging and I do like it. But if you're really interested in reverse engineering then check out IDA Pro. They release one of their older versions for free.
Codermik (835)
I also use IDA Pro, but mosly OllyDbg as I've created scripts and a few plugins for it in the past that come in handy.

I've reversed as long as I've programmed, used to be in a well known Amiga group (not going to mention names for obvious reasons) but kinda grew up and realised how it hurts the industry.

I still reverse, mostly for self enjoyment and to train the brain - I love the challenge of seeing how secure a serial algorithm is.

I'm a good lad now ;-)



Just Me (50)
@Duoas And you can get the version?
@Softrix Well, I think someone who can reverse engineer could do that, but this just does your work ;) I thinks it's for people just starting reverse engineering (like me)
Duthomhas (13170)
Of course. How do you think programs like that work?
Just Me (50)
@Duoas What do you mean? If you misunderstood, I meant which version of Qt was used...
modoran (2077)
@OP, did you create this program ? Because the project was posted to sourceforge the same time you posted here. There is no way that you "find this on google search".

I get a segmentation fault when I try with VLC executable (windows only).
Just Me (50)
I have followed the project closely, and if you now check, the Windows support was removed, for it was very buggy, and often didn't work, and a segmentation fault means you didn't give the program permissions to access your Program Files folder, which I think would need permission; SmartScreen sees the program as mailcious... I'm on a Linux, and it works great on my PC, I even tried it on my own executables, created using Qt... It got just the version: Qt 5.2.1... And yes, I'm the developer. Maybe you would like the source code, which is only 113 lines of code, with blank lines and indentation! It just reads in the executable, and Qt leaves random strings that the program reads and thorugh which he gets the version... Here's the code anyway, if you can provide a working version for Windows, I would be grateful :D
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
 
#include <fstream>
#include <string>
#include <iostream>
#include <cstring>

using namespace std;

string get(string file_name) 
{
    ifstream OpenFile(file_name.c_str());
    char ch;
    string file_content;
    while(!OpenFile.eof())
    {
        OpenFile.get(ch);
        file_content += ch;
    }
    OpenFile.close();
    return file_content; 
}

bool contains(string string_to_find, string parent_string)
{
	if (parent_string.find(string_to_find) != string::npos)
	{
		return true;
	}
	else
	{
		return false;
	}
}

string qt(string file_cur_dir)
{
	string version = "";
	string file = get(file_cur_dir);
	if (contains("Qt/", file))
	{
		int pos_1 = file.find("Qt/") + 3;
		char ch;
		while (ch != '/')
		{
			if (file[pos_1] == '/')
			{
				break;
			}
			ch = file[pos_1];
			version += ch;
			pos_1++;
		}
		return version;
	}
	else if (contains("Qt-", file))
	{
		int j = file.find("Qt-") + 3;
		char ch_2;
		while (file[j]!='-' || file[j]!='/' || file[j]!='\\')
		{
			ch_2 = file[j];
			version += ch_2;
			j++;
		}
		return version;
	}
	else if (contains("qt-", file))
	{
		int p = file.find("qt-") + 3;
		char ch_3;
		while (file[p]!='-' || file[p]!='/' || file[p]!='\\')
		{
				ch_3 = file[p];
				version += ch_3;
				p++;
		}
		return version;
	}
	return "0";
}

bool isQt(string file_directory)
{
    string file_cont = get(file_directory);
    if (contains("QString", file_cont) || contains("QWidget", file_cont ))
        return true;
    return false;
}

int main()
{
	string file_dir;
	cout << "IsItQt version 0.2 stable build" << endl;
	while (0 == 0)
	{
	    cout << "Executable file directory e.g: Linux: /home/username/filename>> ";
	    cin >> file_dir;
	    if (isQt(file_dir) && qt(file_dir) != "0")
	    {
		    cout << "Qt " << qt(file_dir);
	    }
	    else if (isQt(file_dir))
	    {
		    cout << "Qt, but version is unknown!";
	    }
	    else
	    {
		    cout << "Either the executable is not Qt or is packed " 
                             << "and protected for obsufucation, either your file is corrupted!";
	    }
	    cout << endl;
    }
	return 0;
}
Duthomhas (13170)
I'm glad to see you found the answer to your questions.
Just Me (50)
@Duoas Actually, it was news, if you can see the tag... I just thought maybe someone would need something like this, so I put it here, with a clear title, so no one just opens it, but someone who uses Qt. Finally, I didn't give away my identity so it doesn't give the impression of boasting or spam or something...
ne555 (10692)
$ strings foo | grep QString\|QWidget\|qt



Don't loop on eof, but on the reading operation (you may process one character too much)
1
2
3
4
5
6
7
8
9
 
/*
    while(!OpenFile.eof())
    {
        OpenFile.get(ch);
        file_content += ch;
    }
*/
    while( OpenFile.get(ch) )
        file_content += ch;


about your style
1
2
3
4
5
6
7
8
9
10
11
 
if( condition )
   return true;
else
   return false;

//instead of simply
return condition;


//while (0 == 0)
while(true) //but then you need to send a TERM signal to end the program



Also, I would prefer to send the name of the file as an argument to the program, so it is easier to have tab-completion, wildcards, scripting
Last edited on
Just Me (50)
@ne555 Valuable info... But what's he difference between 
1
2
3
4
5
 
 while(!OpenFile.eof())
    {
        OpenFile.get(ch);
        file_content += ch;
    }

and
1
2
 
while( OpenFile.get(ch) )
        file_content += ch;


Isn't it the same performance? I know this is nothing for any < 10 years old processor...
Also, as a 12-year old self-learner, I don't know where to put my skills to practice, a project here and there is the only way for me... Do you know of something like a C++ projects challenge? Something like a game jam? Online? Here is the explanation f a game jam if you don't know of it:
http://en.wikipedia.org/wiki/Game_jam
ne555 (10692)
It is not a performance issue, but about erroneous code.
In line 3, you read a character. That operation may fail because you reach the end of file, however you process it as it were successful (you add the character to the string).
So in the end, you read one extra character.

Given that you'll have an string with an extra null terminator character, it may not affect the logic of the rest of the program. But it may be noticeable when you work, by instance, with numbers.


> Do you know of something like a C++ projects challenge?
I like http://www.programming-challenges.com/
you could follow the book and learn about algorithms and data structures.
Then you may practice more problems in UVA judge, SPOJ, google code jam...
Topic archived. No new replies allowed.