I want to hide system commands issued from system ()

Question

I want to hide system commands issued from system ()

Writing a program in C ++, and I want to issue a system command from the system () function, but I do not want the user to see this command (because the command includes pwd) in the executable window. I need to copy a file from the user directory to the server, preventing the user from accessing the server or displaying pwd. It turned out that with .exe this makes the easiest way.

Example:

("FILETRANSFER_SW.exe -pw helloWORLD11! @C: /temp.txt F: / tempfolder /")

But the executable window shows this command, so the goal is to hide the password.

I tried to issue the system ("@echo OFF") at the beginning of the program, but this does not suppress the following commands, they are still displayed in the executable window.

Any suggestions?

Thanks...

+3

c ++ system

Abigail adams Feb 25 '09 at 14:55

source share

4 answers

Joachim sauer · Answer 1 · 2009-02-25T15:01:52+0000

The command line of running processes is considered public information on most operating systems.

Therefore, it is very difficult to skip passwords on the command line.

There are two common workarounds for this problem, each of which requires support for the executable being called:

instead of passing the username / password on the command line, pass the name of the file containing the username / password
Reinstall the command line of the running process from the called executable.

The first solution is easy and ubiquitous, the second has a race condition and is more difficult to implement, because there is no cross-platform way to do this (on some operating systems, helping to change argv).

Ferruccio · Answer 2 · 2009-02-25T15:08:13+0000

, Windows. , API CreateProcess() system().

API CreateProcess() , STARTUP_INFORMATION, (wShowWindow = SW_HIDE).

, , , . , . , .

Yarik · Answer 3 · 2009-02-25T15:11:46+0000

API CreateProcess() , , , , . Process Explorer

Ismael · Answer 4 · 2009-02-25T23:59:52+0000

Another solution is to send a password between your programs encrypted with something like 3DES or AES.

You can use pipe to communicate between both programs and not use the command line at all.

But any of these schemes is not very safe, they can be easily circumvented. If you need additional protection, you should use some kind of protocol to respond to a request with the server.

I want to hide system commands issued from system ()

More articles: