Beefy Boxes and Bandwidth Generously Provided by pair Networks
We don't bite newbies here... much

Re: DB -> C++ -> XS/Swig -> DBI -> Perl

by bulk88 (Priest)
on Jan 30, 2014 at 00:34 UTC ( #1072608=note: print w/replies, xml ) Need Help??

in reply to DB -> C++ -> XS/Swig -> DBI -> Perl

Distributing object code is not security. Use a disassembler, or debugger with asm level breakpoints. Put a breakpoint on the start of the asm code of the db connection function call. Look at register esp/rsp, and the C prototype of the db connect function. Look at the C stack as 4/8byte int arrays. On entry to the C function, esp/rsp will be -4/-8 from return address or on the return address, Work your way numerically upwards from the pointer in reg esp. One of those will a string pointer with the db username and password.
  • Comment on Re: DB -> C++ -> XS/Swig -> DBI -> Perl

Replies are listed 'Best First'.
Re^2: DB -> C++ -> XS/Swig -> DBI -> Perl
by afoken (Abbot) on Feb 01, 2014 at 15:27 UTC

    Possibly another way to get username and password: If database and "secret" C++ code run or can run on different machines, connect both machines with a hub (or a managed switch with a "monitor" port), connect a third machine running wireshark, trace packages send from the client to the database. My guess is that the database does not encrypt communication, at least not by default. Probably, wireshark knows the database protocol. In the best case, username and password are send in plain text over the wire.


    Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
Re^2: DB -> C++ -> XS/Swig -> DBI -> Perl
by qhen (Acolyte) on Sep 03, 2014 at 14:13 UTC
    That does not answer the question. We all know what you describe can be done.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1072608]
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (3)
As of 2018-01-21 21:45 GMT
Find Nodes?
    Voting Booth?
    How did you see in the new year?

    Results (230 votes). Check out past polls.