Wrox Programmer Forums
|
VB.NET 2002/2003 Basics For coders who are new to Visual Basic, working in .NET versions 2002 or 2003 (1.0 and 1.1).
Welcome to the p2p.wrox.com Forums.

You are currently viewing the VB.NET 2002/2003 Basics section of the Wrox Programmer to Programmer discussions. This is a community of software programmers and website developers including Wrox book authors and readers. New member registration was closed in 2019. New posts were shut off and the site was archived into this static format as of October 1, 2020. If you require technical support for a Wrox book please contact http://hub.wiley.com
 
Old March 3rd, 2004, 10:59 PM
Authorized User
 
Join Date: Oct 2003
Posts: 41
Thanks: 0
Thanked 0 Times in 0 Posts
Default Security within an EXE file

When a program like VB.NET compiles a project into an EXE file, how secure is the program? Obviously a lot of the information within the project is used only to compile, and isn't actually contained within the EXE. But how much, if any, an EXE file be 'de-compiled' or reverse engineered?

For example if I have a password within a textbox, can my EXE file be decompiled to reveal the password?

Thanks in advance

Nick

 
Old March 4th, 2004, 11:05 AM
Friend of Wrox
 
Join Date: Jun 2003
Posts: 1,101
Thanks: 0
Thanked 2 Times in 2 Posts
Default

It's not secure. VB.NET compiles to IL. IL is human readable- I have not done it, but I expect you might even be able to read the plaintext password right out of the .exe.

If not, a simple hex editor would do the trick.

And they can be decompiled without a problem back to any other .net language- however you could even edit they byte code directly.



Hal Levy
Web Developer, PDI Inc.

NOT a Wiley/Wrox Employee
 
Old March 4th, 2004, 05:22 PM
planoie's Avatar
Friend of Wrox
 
Join Date: Aug 2003
Posts: 5,407
Thanks: 0
Thanked 16 Times in 16 Posts
Default

If you need to store a password internally in an EXE... I suggest using some form of encryption to pre-encrypt the password. Use the result of the encryption within the EXE. When a password is entered you'll need to encrypt that and then compare the result with the pre-encrypted password. The end result will be the same, but you don't have to store the plain text version of the password.

Peter
------------------------------------------------------
Work smarter, not harder.
 
Old March 4th, 2004, 09:37 PM
Authorized User
 
Join Date: Oct 2003
Posts: 41
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thank you. I had a feeling that that was the case...






Similar Threads
Thread Thread Starter Forum Replies Last Post
.Net Security and caspol.exe vic02 C# 2005 1 June 29th, 2009 06:09 PM
.exe file pwj Java Basics 2 June 16th, 2007 05:21 AM
Make an EXE file vivek_inos Access VBA 3 March 15th, 2006 10:55 AM
Exe file problems tinoco Beginning VB 6 4 February 9th, 2006 03:46 AM





Powered by vBulletin®
Copyright ©2000 - 2020, Jelsoft Enterprises Ltd.
Copyright (c) 2020 John Wiley & Sons, Inc.