I have been wondering quite a bit on String functions such as replace().
My objective is simple. I have a logger, that logs strings into a text file, that contains passwords which needs to be masked before writing it to the log file.
For example:
str = "-field_value=userId=1,-field_value=password=pass123,-field_value=location=London,-field_value=day=Tuesday,-field_value=emailPassword=pass123,-field_value=fbPassword=pass1234";
Which approach would be the best in this case? The string may or may not end with any password "field_value".
I need to mask all the occurring "Passwords" with their exact length, in this string to get the following output:
str = "-field_value=userId=1,-field_value=password=*******,-field_value=location=London,-field_value=day=Tuesday,-field_value=emailPassword=*******,-field_value=fbPassword=********";
Which would be a more suitable option to use? Normal string handling (using substrings/replaceAll/indexOf) or StringBuilder functions?
Also, how effective is using Regular Expressions in this case? I've never used Regex extensively, so I have little idea on using it for this scenario.
I assume this is C#, but this answer is valid for many other languages.
You must not have passwords in clear text. Just now you do. So that is a huge security concern and it doesn't matter if you put "*" instead of the password. It is there in memory and little skill is needed to extract passwords from memory (given attacker has access to the machine).
A standard approach is that you only store password hash and salt. Now the problem would be how do you convert a password into the hash and how do you securely dispose original password. For this purpose you should use SecureString which encrypts the password string in memory and securely removes it from memory when it is no longer needed.
To give a direct answer to your question: you do not use any approach to replace a password character with a star. Any approach in this case is insecure.
I used String.replaceAll(regex, replace) method, to search for password or emailPassword etc and did the masking. Not sure, if that's the most ideal method to do the masking in this case.
Related
I'm trying to create a system which receives a password to give you access to a certain file. now I'm having trouble at the start. is there any variable that I can use to combine both numbers and letters? for example something that will store the password "25j3d3".
Thank you for your time.
You don't need to store the individual character types in separate variables (letters, numbers, punctuation) etc. separately. An std::string can hold all character types (it is even binary safe):
std::string password = "abc.,+123\xFF";
On a tangent, for storing and processing passwords, obfuscating your code may be a desired effect.
I have a dll (ansi c) that has some string litarals defined.
__declspec(dllexport) char* GetSomeString()
{
return "This is a test string from TestLib.dll";
}
When compiled this string is still visible in "notepad" for example. I'm fairly new to C, so I was wondering, is there a way to safely store string literals?
Should I do it with a resx file (for example), that has some encrypted values, or what would be the best way?
Thanks
EDIT 1:
The scenario is basically the following in pseudo code:
if(hostname)
return hostname
else
return "Literal String"';
It's this "literal string" that I would like to see "secured" in some way..
Don't put your secrets on anyone else's computer if you want them to stay secret.
See my related answer, The #1 Law of Software Licensing
And Eric Lippert's similar answer
First of all, since your executable1 needs to decode that literal in memory, any attacker determined enough will be able to do the same; often it's just as easy as freezing the process after startup (or after it needed to use the string we want), creating a memory dump and use utilities like string over it. There are methods to mitigate the issue (e.g. zeroing the memory used by a sensitive string immediately after using it), but since your code is on a machine where the potential attacker has all the privileges, you can only put roadblocks: in the end your executable is completely in the attacker's hands.
That being said, if your concern is just "not leaving important strings en plein air" you may just run an executable packer/encrypter over your whole dll. This is as easy as adding a post-build step in your solution, the packer will compress/encrypt the whole executable image and build an executable that when launched will decrypt and run it in memory.
This method has the great advantage of not requiring any change to your code: you just run upx over the compiled dll and you get your compressed dll, no XORs or weird literals spread across your code are needed.
Of course, this is quite weak security (basically it will just protect from snooping around in the executable with notepad or a hex editor), but again, storing critical "secrets" in an executable that is going to be distributed is a bad idea in first place.
In the whole answer I "executable" is to be intended in the wide meaning - i.e. also dlls are included.
You probably want to store hardcoded passwords in the library, right? You can XOR the string with some value, and store it, then read it and XOR again. It's the simplest way, but it doesn't protect your string from any kind of disassembling/reverse engineering.
Looking for the easiest way to hide char* from reverse engineer. Doesn't have to be strong encryption, but something simple. It has to happen in header, and here is my code:
#pragma once
const char * pw = "test";
#define PASS pw;
where PASS is used in the source.
I already tried reverse string and hex to text and vice versa but didn't succeed. Someone please post some easy solution for this.
Edit: This is just an example. The user will not input anything, I only have to hide a char pointer from debugger. What is the best way to do that?
The standard way would be to store only the hash of your string (computed offline and outside the code) in the code and to hash any user input with which you want to compare it during runtime and then compare the hashes instead of the plain passwords
You could store the XOR value of the password, and then XOR the user input to compare. Refer to this answer for the code.
Then the problem becomes someone can run a debugger or dis-assembler to reveal what your program is doing when it checks the password.
Hashing uses a way of reading the inner data of a file and mathematically creates number and letters from it. How is a mathematical equation in C++ do this?
I'm trying to make an application using C++ and Visual Studio that reads a data file and gets a SHA-256 hash sum from it. Then applies an equation to change that into different numbers and letter, but with fewer characters. This processed number and letter would be used as a password for a 7zip or a rar file. (not sure which is better made for encryption)
This is for a migitation of internet crawlers accessing content and people who shouldn't be accessing it. I do not expect it to be able to completely lock a person out.
Also, it has to be transcodable. So it has to be able to go from the Hash to the pass, and from the pass to the hash, preferably.
If anybody can help me on this, I would be so greatly appreciative and I will give you a place in the credits page, with a link to your profile or whatever if you want :3.
If you have any other questions or info, please don't hesitate to send me message.
Picture of GUI:
It seems what you need is fairly simple. (Although finding an elegant mathematical solution to this problem may be fun it's really not necessary)
SHA-256 is a 32 byte long array. The letters and numbers you see are just the hexadecimal representation of the array. Since a Hex digit requires 4 bits of data each combination of two letters or numbers (or letters and numbers) represents 1 byte. This is why you need a 64 long character string to represent a 32 byte array.
To my knowledge WinRar has a password limit of 177 characters and 7z has no limitation. Theoretically you could use your original 64 character SHA-256 representation as a password. The generated password is very strong since it has 16^64 == 2^256 combinations.
However as it happens - a shorter password but a lot stronger can be generated using Base64 encoding (Wikipedia is a good place to start). With Base64 your 32 bytes array can be represented as a 43 character long password comprised of uppercase and lowercase letters as well as 9 digits and the + and / characters. So you get 64^43 > 2^256.
You can easily convert the Base64 string back to the hash.
As a side note:
You should notice that since AES256 uses a 256 bit key it's actually quite useless to generate a stronger password since in that case the attacker can just attack the key and neglect the password so using the SHA-256 is really enough. But I like the fact that we can generate a 43 character long password stronger than the 64 character long one.
And yet another side note:
Depending on the type of characters the compressor you will use accepts as a password character you could design your own Base128 encoding and lower the number of characters to 37.
Also I would suggest using 7z as it is both fast, very capable and last but not least open source.
You are NOT looking for a hash at all. If you want reversibility from encoded to original, you want encryption. There are duh dress of ways to encrypt something, but a very simple way is to use something like Everpassword's AES or Crypto.org's RC4, with some other password as the key. (If you really don't care, you can even use a blank key, and it'll still encode to something that looks random.) The main difference is that AES generally requires padding (ignoring CTR mode) so it produces a longer result, but RC4 has a size of exactly whatever the input is. In the above links, Bo are expanded out by base64 conversion.
I don't really understand why you want to be able to get the original password, though. I can't see a single use case for being able to give someone the password, and then to let them disscover the original phrase that generated it to satisfy their curiosity, when you only ever need the encrypted one for doing anything useful. You might as well use a few characters from a hash, because no one will care how you came up with it.
Also, hashes and ciphers don't give numbers and letters. They give 1s and 0s - numbers and letters are just a convenient way of visualizing them when we want to compare or type them, since we don't handle raw binary very easily. There are many possible representations, though.
I know how to compile C and C++ Source files using GCC and CC in the terminal, however i would like to know if its safe to include passwords in these files, once compiled.
For example.. i check user input for a certain password e.g 123, but it appears compiled C/C++ programs is possible to be decompiled.
Is there anyway to compile a C/C++ source file, while keeping the source completely hidden..
If not, could anyone provide a small example of encrypting the input, then checking against the password e.g: (SHA1, MD5)
No you can't securely include password in your source file. Strings in executable file are in plain text, anyone with a text editor can easily look at your password.
A not so secure, but would trample some people, is to store the encrypted string instead. So, basically:
enc = "03ac674216f3e15c761ee1a5e255f067953623c8b388b4459e13f978d7c846f4"
bool check() {
pass = getPassFromUser();
encpass = myHashingFunction(pass);
return pass == encpass;
}
this will deter some people, but isn't really much more secure, it is relatively trivial for assembly hacker to replace the 'enc' string in your executable with another sha256-encoded string with a known cleartext value.
Even if you use a separate authentication server, it is not difficult to setup a bogus authentication server and fool your program connect to this bogus authentication server.
Even if you use SHA1 to generate a hash it is not really all that safe if you do it in a normal way (write a function to check a password) any determined or knowledgable hacker given access to the executable will be able to get around it (replace your hash with a known hash or just replace the checkPassword() call with a call that returns true.
The question is who are you trying to protect against? Your little brother, a hacker, international spies, industrial espionage?
Using SHA1 with the hash just contained within in the code (or a config file) will only protect against you little brother? (read casual computer users that can't be bothered to try and hack your program instead of paying the share ware price). In this case using plain text password or a SHA1 hash makes little difference (maybe a couple of percent more people will not bother).
If you want to make your code safe against anything else then you will need to do a lot more. A book on security is a good starting point but the only real way to do this is to take a security class where protection techniques are taught. This is a very specialized field and rolling your own version is likely to be counter productive and give you no real protection (using a hash is only the first step).
It is not recommended to keep any sensitive static data inside code. You can use configuration files for that. There you can store whatever you like.
But if you really want to do that first remember that the code can be easily changed by investigating with a debugger and modifying it. Only programs that user doesn't have access to can be considered safer (web sites for example).
The majority of login passwords (of different sites) are not stored in clear in the database but encrypted with algorithms MD5, SHA1, Blowfish etc.
I'd suggest you use one of these algorithms from OpenSSL library.
What I would do is using some public-key cryptographic algorithm. This will probably take a little longer to be cracked because in my opinion there is nothing 100% sure when talking about software protection.
It's not safe if you store them as plain text, you can just dump the file or use a utility like strings to find text in the executable.
You will have to encode them in some manner.
Here is a code sample that might help you, using OpenSSL.
#include <openssl/evp.h>
bool SHA256Hash(const char* buf, size_t buflen, char* res, size_t reslen)
{
if (reslen >= 32)
{
EVP_MD_CTX mdctx;
EVP_MD_CTX_init(&mdctx);
EVP_DigestInit_ex(&mdctx, EVP_sha256(), NULL);
EVP_DigestUpdate(&mdctx, buf, buflen);
EVP_DigestFinal_ex(&mdctx, res, &len);
EVP_MD_CTX_cleanup(&mdctx);
return (len == 32);
}
return false;
}
I took this sample from the systools library and had to adapt it. So i'm not sure it compiles without modifications. However, it should help you.
Please note that, to determine if storing a hash value of some password in your binary is safe, we must know what you want it for.
If you expect it to forbid some functionalities of your program unless some special password is given, then it is useless: an attacker is likely to remove the whole password-check code instead of trying to guess or reverse the stored password.
Try finding out Hashing Functions and Ciphering Methods for securing your passwords and their storage.