|
Hi there,
I have an application which requires to read the credentials and login to the DB.
Since my application runs on schedule, someone has to fed in the credentials.
Storing the credentials in flat file with any encryption (including DPAPI) is not helping as the entropy will be stored in the same file and it can be easily retrieved.
Thought of having the Salt for the entropy in-memory which will be key-ed in by the user through an application that will be written on a secured shared memory and the same will only be able to access by my own process (with validating the Digital signature thump print).
The provision of creating the shared segment is done by a DLL and the Client process which sets the password and my process which reads the password is digitally signed and I can validate the same in the DLLMain - PROCESS_ATTACH. If the digital signature is invalid, I'm unloading the DLL by terminating the same.
All worked well with LoadLibrary API and when we tried testing with LoadLibraryEx with the option: DONT_RESOLVE_DLL_REFERENCES, it was not hitting the DLLMain and was able to call all the exported functions.
My query is that is there a way to securely share a data between two trusted application alone?
The application is developed using C++.
thanks in advance,
Rajesh Iyer
|
|
|
|
|
You can use a memory-mapped file with an obscure name. This won't prevent a hacker from being able to see the file but it will be far from obvious. You can obscure the data you place in the MMF by negating it or something simple like that.
Another way is to use an interprocess communication mechanism. Some examples are pipes, sockets, the WM_COPYDATA message, and there are others. It is possible for a socket message to be intercepted but the other two are much more difficult to spoof.
|
|
|
|
|
Hi
I re-wrote my IPC methodology in the following manner
Since I am creating the child process GUI I have the option of inheritable handles. One of those is a event which I signal
From the console app to the MFC application
The event lives in a worker thread which basically has 2 api's WaitForSingleMessage and once signaled a PostMessage. The m_hWnd is the CMainFrame main window I create in the main thread CWinApp
Thing is like the SendMessage which I was doing from process to process I now have intermittent errors with this too
I tried AfxGetMainWnd()->PostMessage seeing if maybe there was something wrong with the HWND
First off is there any problem using a m_hWnd created in the main thread in worker thread to send a message
I have read about thread maps of handles I am not sure if it relates to my scenario
Thanks
|
|
|
|
|
ForNow wrote: I tried AfxGetMainWnd()->PostMessage seeing if maybe there was something wrong with the HWND First off is there any problem using a m_hWnd created in the main thread in worker thread to send a message
It is not correct according to AfxGetMainWnd: "If AfxGetMainWnd is called from the application's primary thread, it returns the application's main window according to the above rules. If the function is called from a secondary thread in the application, the function returns the main window associated with the thread that made the call."
And "yes", you can pass "a m_hWnd created in the main thread in worker thread to send a message" from a worker thread.
|
|
|
|
|
Thanks for your help my code as seems to be posting messages i added the ChaneWindowMessageFilterEx per jochen don't know if It's needed if posting in the same process and it seems that my messages to delivered
|
|
|
|
|
Hi,
I am working in vc++ mfc and i have been stuck some where I want to overwrite a selected Image in a particular path. Please help out me
|
|
|
|
|
raajpatel wrote: I want to overwrite a selected Image in a particular path That is rather unclear. Please edit your question and be more specific.
Are you referring to an image file stored on the disk with known path and file name?
What is the image source that you want to store (another file, a bitmap in memory)?
What image format should be used (BMP, JPG, TIFF, PNG)?
|
|
|
|
|
Hi,
I want to replace same image and over same path with resized on a disk and format is "gif" file
|
|
|
|
|
You can use the CImage Class[^]. Use the Save() function with ImageFormatGIF to save the image as GIF.
How to create the CImage depends on the source. It can be loaded from file or passed an existing in memory bitmap.
|
|
|
|
|
'An image on a particular path' sounds like a file, to me. To overwrite the file, open it for writing and do write the new image data to it.
|
|
|
|
|
Hi All,
I'm trying to create Instant Messaging software for Windows.
What are the options for the core chat technology?
Is Microsoft Bot Framework a good choice for one-one chat?
Its planed for man-bot so not sure about that...
In addition I don't want to implement it from the ground, WINSOCK etc
I prefer use an already tested platform or library for that
Is DCOM or MSMQ a good choise ?
please advice
mithrhill
modified 6-Feb-17 3:58am.
|
|
|
|
|
Hello,
I am a BCA student.I want to know about project on hostel mannagement system in c program with their source code.
Any one please send me the source code to my email:- chandanbhoi11@gmail.com
|
|
|
|
|
CodeProject is not a code writing service. See also the sticky post (actually) above yours:
Quote: 2. Be specific! Don't ask "can someone send me the code to create an application that does 'X'. Pinpoint exactly what it is you need help with.
11. If you have a school or university assignment, assume that your teacher or lecturer is also reading these forums.
We will help if you got stuck at specific portions of your code. But if you need code written for you, you probably have to hire someone and pay for it.
|
|
|
|
|
Also, we do not do the assignments for students and it will be against our rules and will not help you in any way. The assignments are assigned to you to help you focus on programming.
If you are having trouble, consult your teacher and ask him to guide you in the process so that you can do it. If you still face issues, try group study and talk about the problem in the group and ask help from peer students.
However, if you face any problem during the programming; such as errors occur, do come here and we will help a bit.
One more thing: Sharing the email online will only help spammers, who are always building their email databases, to send lottery win emails. You get the point, please do not share the emails on online forums. They are not safe.
The sh*t I complain about
It's like there ain't a cloud in the sky and it's raining out - Eminem
~! Firewall !~
|
|
|
|
|
We do not do your HomeWork.
HomeWork is not set to test your skills at begging other people to do your work, it is set to make you think and to help your teacher to check your understanding of the courses you have taken and also the problems you have at applying them.
Any failure of you will help your teacher spot your weaknesses and set remedial actions.
So, give it a try, reread your lessons and start working. If you are stuck on a specific problem, show your code and explain this exact problem, we might help.
As programmer, your job is to create algorithms that solve specific problems and you can't rely on someone else to eternally do it for you, so there is a time where you will have to learn how to. And the sooner, the better.
When you just ask for the solution, it is like trying to learn to drive a car by having someone else training.
Creating an algorithm is basically finding the maths and make necessary adaptation to fit your actual problem.
Patrice
“Everything should be made as simple as possible, but no simpler.” Albert Einstein
|
|
|
|
|
I was told PostMessage would work for IPC the child process never gets control
|
|
|
|
|
How do you use it?
What message ID do you use?
|
|
|
|
|
The child probably wont see the message because the parent isn't passing it up. Very few messages are passed from a parent to a child unless you specify it beyond the obvious stuff like keyboard and mouse. Depending on the ID it isn't clear to me a message will be passed to a child window I need to know more about the window types and flags involved.
In vino veritas
modified 3-Feb-17 5:59am.
|
|
|
|
|
Hi
I have been having intermittent problems notifying a child window process with SendMessage
So I decided to go with the Microsoft Sanctioned way WM_COPYDATA
In my console Parent process I do GetConsoleWindow (which I observe returns what seems
a valid HWND),
I declare a COPYDATASTRUCT member on the stack (locally)
and do SendMessage I have gotten the child window HWND with FindWindow
in my MFC child window I have a messagemap entry
and nothing it never gets there I am running under both the console app and the MFC app
under Visual studio debugger so I can see what's going on
ON_MESSAGE(WM_COPYDATA,Debug_it)
|
|
|
|
|
See the first comment at WM_COPYDATA message (Windows)[^]:
Quote: Starting with Windows Vista, the application that is to receive the WM_COPYDATA message must call the ChangeWindowMessageFilterEx function. Otherwise the the message will not be received. It will be blocked by UIPI.
|
|
|
|
|
Thanks for your help I just tried
ChangeWindowMessageFilterEx I got a FALSE GetLastError returned ERROR_ACCESS_DENIED
This is because my process is at SECURITY_MANDATORY_LOW_RID
AnyWay I can Change this. Thing is I understand the concern for security however I (my process ) created the child process so I should be able and send messages
|
|
|
|
|
It's not a problem of sending messages but of receiving. So the only solution would be increasing the UIPI level of your MFC application or using another IPC method.
|
|
|
|
|
Thanks I didn't read it entirely
For a Mainframe in the OnCreate and for a modless dialog I'll put it in the OnInitDialog
|
|
|
|
|
Still works intermittently I am going to try DDE since my code is based on messages
|
|
|
|
|
Many, many years ago I wrote a very simple app to demonstrate the use of WM_COPYDATA with MFC and I see that it is still online : Inter-Process Communication Using WM_COPYDATA[^]
I rebuilt it just now in VS2015 (with very little effort) and it still works on W10. You might want to have a look at it as an example.
|
|
|
|