I seem to have an issue with somebody injecting code into the memory of my application after runtime. Currently I have security implemented which checks the file on disk for any modification, so this person is booting the program up, and injecting code into the process memory. My question is: what can I do to pull the application out of memory rather than off of disk?
My question is, is there a way to get the process that is in memory, rather than on disk?
Your program is a guest on the user's machine. There is nothing preventing the user from attaching a debugger like OllyDBG and reading/writing arbitrary memory. All applications are subject to this. If this creates another security problem for you, such as if you are trying to hide a secret key or password in memory, then that is the vulnerability. Attaching a debugger is just a part of the environment.
There is anti-debugging, which is really just a method of (in)Security Through Obscurity. There are anti-anti-debugging techniques to counter this “security” measure. It's really a game of cat and mouse where the anti-debugging techniques always lose.
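An added example, not part of the question or the answer above: one way to check the running image instead of the file, by comparing the process's own executable mappings with the bytes on disk. It assumes Linux and its `/proc` interface (the OllyDBG mention implies Windows, where the mechanism differs), and the function name `text_matches_disk` is hypothetical.

```c
#define _POSIX_C_SOURCE 200809L   /* readlink, ssize_t, PATH_MAX */
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Added example, Linux-only assumption: relies on /proc/self/{exe,maps}.
   Returns 0 if in-memory code matches disk, 1 on mismatch, -1 on error. */
int text_matches_disk(void)
{
    char self[PATH_MAX], line[PATH_MAX + 128], path[PATH_MAX], perms[5];
    unsigned char buf[4096];
    unsigned long start, end, off;
    int result = -1;                  /* stays -1 if no mapping is found */

    ssize_t n = readlink("/proc/self/exe", self, sizeof self - 1);
    if (n < 0) return -1;
    self[n] = '\0';
    FILE *maps = fopen("/proc/self/maps", "r");
    FILE *disk = fopen(self, "rb");
    if (!maps || !disk) goto out;

    while (fgets(line, sizeof line, maps)) {
        /* maps line: start-end perms offset dev inode pathname */
        if (sscanf(line, "%lx-%lx %4s %lx %*s %*s %4095[^\n]",
                   &start, &end, perms, &off, path) != 5) continue;
        if (perms[0] != 'r' || perms[2] != 'x' || strcmp(path, self) != 0)
            continue;                 /* only readable code of our own binary */
        if (fseek(disk, (long)off, SEEK_SET) != 0) { result = -1; goto out; }
        result = 0;
        for (unsigned long p = start; p < end; p += sizeof buf) {
            size_t want = end - p < sizeof buf ? end - p : sizeof buf;
            size_t got = fread(buf, 1, want, disk);
            if (got == 0) break;      /* mapping tail past end of file */
            if (memcmp((const void *)p, buf, got) != 0) { result = 1; goto out; }
        }
    }
out:
    if (maps) fclose(maps);
    if (disk) fclose(disk);
    return result;
}

int main(void)
{
    int r = text_matches_disk();
    puts(r == 0 ? "code matches disk" : r == 1 ? "code modified in memory" : "check failed");
    return r != 0;
}
```

Because the check runs inside the process being tampered with, anyone who can patch the code can patch the check as well, which is the answer's point about the debugger being part of the environment.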