|
Full Disclosure
mailing list archives
Re: plz suggest security for DLL functions
From: Gaurav Kumar <gkverma () gmail com>
Date: Sat, 2 Jul 2005 11:13:41 +0530
thanks a lot friends. i really got some innovative ideas from all of you.
regards,
gaurav
On 7/2/05, John LaCour <johnlacour () gmail com> wrote:
Another suggestion - also not bullet proof - but largely effective:
1) Write a kernel mode driver that hooks the Win32 APIs to load DLLs
and filter any calls by programs other than your own.
2) Ensure your driver protects itself. There's a long list of things
to do including:
- protect the registry key / hive
- protect the driver file
- protect access to physical memory
- etc. etc.
3) Ensure that attacks to undo API hooks are prevented.
See http://www.security.org.sg/code/sdtrestore.html as an example of
these attacks (which can be used for evil or good in the case of
undoing rootkit hooks).
As others have mentioned, the above made be significantly more
expensive than the good EULA and lawyers route.
-John
On 6/30/05, Gaurav Kumar <gkverma () gmail com> wrote:
friends,
We are developing a software that makes use of a COM DLL. The whole
logic lies in the dll. The User Interface is in VC++. DLL exposes
functions, application calls it and displays result. Now, we found
that anybody can copy the DLL, register it and make use of those
functions.
Please guide us in making those functions secret or encrypted so that
others cannt use our functions.
thanks and regards,
gaurav
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: plz suggest security for DLL functions, (continued)
|
Intro
