lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <e4ce4c440507010256303a4ea4@mail.gmail.com> Date: Fri Jul 1 10:56:13 2005 From: gkverma at gmail.com (Gaurav Kumar) Subject: plz suggest security for DLL functions if it would have been so simpler, i wouldnt have asked it here, the application design doesnt allow us to use the conventioal loadlibray method. we need to export functions also and at the same time protect from misuse. regards, gaurav On 7/1/05, Abhisek Datta <abhisek.datta@...il.com> wrote: > > Please guide us in making those functions secret or encrypted so that > > others cannt use our functions. > > Using Windows DLL APIs, normally only those functions exported by a > DLL can be called by a process that maps the DLL in its address space. > The simplest solution is not to export the functions which u do not > want to be used by other programs using conventional LoadLibrary and > GetProcAddress.. in that case u need some clever hack for ur own > application that maps the entire DLL in its address space implements > offset based calculation to find the address of ur unexported > functions in the DLL and return to it, though i havent implemented > these concept but i think it is quite possible and can do it if > required. > > as far as encryption is concerned, u can encrypt ur DLL as per ur wish > and decrypt it from ur userland application before memory mapping. > > In any case, the phrase "others cant use the function" is not realy > feasible as far as i am concerned. > > btw. Gaurav, I suggest better do ur homework using google or something > similar before asking these questions cause it sounds clueless.. > > Regards, > - Abhisek > > On 7/1/05, Gaurav Kumar <gkverma@...il.com> wrote: > > friends, > > > > We are developing a software that makes use of a COM DLL. The whole > > logic lies in the dll. The User Interface is in VC++. DLL exposes > > functions, application calls it and displays result. Now, we found > > that anybody can copy the DLL, register it and make use of those > > functions. > > > > Please guide us in making those functions secret or encrypted so that > > others cannt use our functions. > > > > thanks and regards, > > gaurav > > _______________________________________________ > > Full-Disclosure - We believe in it. > > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > > Hosted and sponsored by Secunia - http://secunia.com/ > > >
Powered by blists - more mailing lists