I am trying to argue that the obfuscation that I applied to my assembly is enough, my main problem is protecting strings containing passwords or private keys. I successfully decompiled my build Salamander Decompiler saw that my string was encrypted, but at runtime the string must be decrypted for use. <ush>
I was told that you can debug the application and see the assembler code, any idea how to do this?
Solution
This worked for me, although there is probably a better way to do this with WinDbg.
1- Run the program
2- Open a command prompt and enter:
adplus -crash -pn [executablename] -o [ output directory ]
* adplus is placed in the same folder as WinDBG
3- Close the program or wait until it closes
4- Open FULLDUMP * .dmp placed in the specified output directory
5- Open NotePad ++ anb select TextFX-> Characters-> Zap all non-printable characters in #
6- Search for a string in this format # t # r # i # n # g '
or replace all' # 'with' 'and search for string' (this may take some time)
* By the way, I could not find SecureString , which was also in memory in clear text
source
share