lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri Jul  1 10:21:41 2005
From: abhisek.datta at gmail.com (Abhisek Datta)
Subject: plz suggest security for DLL functions

> Please guide us in making those functions secret or encrypted so that
> others cannt use our functions.

Using Windows DLL APIs, normally only those functions exported by a
DLL can be called by a process that maps the DLL in its address space.
The simplest solution is not to export the functions which u do not
want to be used by other programs using conventional LoadLibrary and
GetProcAddress.. in that case u need some clever hack for ur own
application that maps the entire DLL in its address space implements
offset based calculation to find the address of ur unexported
functions in the DLL and return to it, though i havent implemented
these concept but i think it is quite possible and can do it if
required.

as far as encryption is concerned, u can encrypt ur DLL as per ur wish
and decrypt it from ur userland application before memory mapping.

In any case, the phrase "others cant use the function" is not realy
feasible as far as i am concerned.

btw. Gaurav, I suggest better do ur homework using google or something
similar before asking these questions cause it sounds clueless..

Regards,
- Abhisek

On 7/1/05, Gaurav Kumar <gkverma@...il.com> wrote:
> friends,
> 
> We are developing a software that makes use of a COM DLL. The whole
> logic lies in the dll. The User Interface is in VC++. DLL exposes
> functions, application calls it and displays result. Now, we found
> that anybody can copy the DLL, register it and make use of those
> functions.
> 
> Please guide us in making those functions secret or encrypted so that
> others cannt use our functions.
> 
> thanks and regards,
> gaurav
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ