How to hide important values of string variables in exe

Question

How to hide important values of string variables in exe

I want to hide important values of string variables such as passwords, username, ip and url, etc. in .Net application (C #, VB.NET) In the process explorer we can view the line in the image or in memory, I want to hide the image line

enter image description here

+4

c #

Elshan May 19, '13 at 21:00

source share

3 answers

Encode it at compile time, decode at runtime? Someone can still find it, since it can decompile your .exe and see the decryption algorithm, but some protection> no protection.

+1

Nikola Dimitroff May 19, '13 at 21:06

source share

There is an existing implementation under: http://msdn.microsoft.com/en-us/library/system.security.securestring.aspx

+1

Kamil Bałdyga May 19, '13 at 21:12

source share

Matthew watson · Accepted Answer · 2013-05-19T21:09:51+0000

You can stop static analysis, for example, by encrypting strings and decrypting them at run time in SecureString .

The SecureString class is specifically designed to prevent things such as passwords from being discovered in memory.

However, note that you can still attach the debugger to your process and see the lines, so you will also need to confuse the use of something like Dotfuscator to make it even harder to see sensitive lines.

Here is an article about some issues with SecureString .

Despite my shortcomings, I believe that this is still the best.

How to hide important values ​​of string variables in exe

More articles:

How to hide important values of string variables in exe