1
I made a little program to check my database, and wanted to see if the strings were protected (from the password user and the database) and in the case are not. I decompiled the program using IDA PRO and discovered that the strings and information is not protected.
Code in question
con = driver->connect("localhost", "root", "aaasd");
Image of the decompiled code.
You can protect those strings? The Connector has some function for string protection (because I didn’t find)?
And what you community people would recommend to me to protect my program (I’ve already looked at some . NET blinders)?
I remember in C# it protected these strings.
The program is for distribution and let’s say that its consumer base is not pleasant, and most likely they will try to decompile the program...
the business is that the program anyone can download without restriction... I do not think it is a problem to be able to access the code but the password of the database. c# in the Mysql library it hid this string in case of decompilation, it does not have a similar method in c++?
– xyaz
It’s not C# that provides security, it’s the operating system, it just makes it easier. So that’s what I said, there’s a way, but you have to delegate it to the operating system to do this. But still it doesn’t mean that it’s 100% safe since everything is in the person’s computer, it can even go over the operating system.
– Maniero
It’s true there’s a way, but it crosses the line for me, you know? type in my head if it is to decompile the program (which is already little known the technique) is worth it (thinking of the head of crazy) but if it is to go over the operating system to decompile not.
– xyaz
you have some reference of this function that is called in Mysql, and if I can use it?
– xyaz
It’s possible to encrypt, but it doesn’t solve the problem. What exists and do not know how effective is the complete encryption of the connector itself, but is only available in paid version.
– Maniero