Reputation: 36048
Verify that file is not altered/replaced
I need to pass secure information to an executable in my application. In other words I have the line:
Process.Start("someExecutable.exe","MyUsername, myPassword");
I want to prevent people from seeing those parameters. (The username and password are specified by the user at run time so I do not have to worry about those parameters).
Now a problem that I have now is: If someone replaces someExecutable.exe with their own program they will be able to see the credentials!
For future reference I refere to someExecutable.exe (program I am sending the credientials as arguments as ) A and I will refere to the executable created by this program as B
I will like to prevent that problem here are some solutions I have think of:
Compute the hash of A and check it before executing it.
static bool? VerifyThatExeIsReliable(string pathOfExe) { if (System.IO.File.Exists(pathOfExe) == false) return null; var bytes = System.IO.File.ReadAllBytes(pathOfExe); using (SHA1Managed a = new SHA1Managed()) { var hash = a.ComputeHash(bytes); StringBuilder formatted = new StringBuilder(2 * hash.Length); foreach (byte b in hash) formatted.AppendFormat("{0:X2}", b); var code = formatted.ToString(); if (code == "4835658749AF89A65C5F4835658749AF89A65C5F") return true; } return false; }the problem with this approach is that the hash
4835658749AF89A65C5F4835658749AF89A65C5Fwill be stored in the executable A and if someone opens this program with a hex editor he is going to be able to find the hash and modify it. In other words they will calculate the sha1 hash of the program they write and place that hash instead of4835658749AF89A65C5F4835658749AF89A65C5FUse a the file Watcher class to detect when the file has been modified. If my program is not running I will not be able to detect this
make sure that the user is not able to see the command line arguments passed to that executable: See command line arguments being passed to a program
Upvotes: 0
Views: 453
Answers (1)
Reputation: 1205
To solve the problems with option #1, Use asymmetric encryption on the hash, that way your program (and the user) will only be able to decrypt the hash, not encrypt a different one. Of course if they can edit compiled C# code then you can't stop them from altering it to not decrypt the hash, but that requires a lot more time and expertise.
To solve problem #2, store a hash of executable A in your program, and verify that executable A matches the hash before starting it.
As for #3, as far as I am aware there is no way to resolve the problem. However, if you are able to modify the target program you could send the username and password via an encrypted network socket, for example.
Note also that it is possible to reverse engineer .NET applications, and that you should possibly consider running some kind of obfuscation tool on your executable if security is important to you. Ultimately its not about making the program 100% tamper-proof, because that is impossible. Its about making it not worth the bother to anyone who would have a reason to do so.
Upvotes: 1
Related Questions
- What is the simplest way to check if a content of a file was changed in C#? Sha, crc32, md5 or something else?
- C# - Calculate md5 from self to check that file is not modified
- Hash a file as its being recived
- Best method to check that a file hasn't been modified or altered
- How to check transferred file is not changed
- build/check hash value for file
- file copy that won't change file hash
- file check with auto update
- How can I know if a file has been changed in .NET C#?
- Integrity and Authenticity