Beefy Boxes and Bandwidth Generously Provided by pair Networks
more useful options
 
PerlMonks  

Re: DB -> C++ -> XS/Swig -> DBI -> Perl

by bulk88 (Priest)
on Jan 30, 2014 at 00:34 UTC ( #1072608=note: print w/ replies, xml ) Need Help??


in reply to DB -> C++ -> XS/Swig -> DBI -> Perl

Distributing object code is not security. Use a disassembler, or debugger with asm level breakpoints. Put a breakpoint on the start of the asm code of the db connection function call. Look at register esp/rsp, and the C prototype of the db connect function. Look at the C stack as 4/8byte int arrays. On entry to the C function, esp/rsp will be -4/-8 from return address or on the return address, Work your way numerically upwards from the pointer in reg esp. One of those will a string pointer with the db username and password.


Comment on Re: DB -> C++ -> XS/Swig -> DBI -> Perl
Re^2: DB -> C++ -> XS/Swig -> DBI -> Perl
by afoken (Parson) on Feb 01, 2014 at 15:27 UTC

    Possibly another way to get username and password: If database and "secret" C++ code run or can run on different machines, connect both machines with a hub (or a managed switch with a "monitor" port), connect a third machine running wireshark, trace packages send from the client to the database. My guess is that the database does not encrypt communication, at least not by default. Probably, wireshark knows the database protocol. In the best case, username and password are send in plain text over the wire.

    Alexander

    --
    Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1072608]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (10)
As of 2014-07-29 20:27 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (227 votes), past polls