Command Line of a call to CreateProcess catchable?
-
Hi, I have a program that has a commandline option to pass a user and a password. If I start this program from within another windows program using CreateProcess, can dodgy types get hold of this commandline?
-
Hi, I have a program that has a commandline option to pass a user and a password. If I start this program from within another windows program using CreateProcess, can dodgy types get hold of this commandline?
If it's a string literal, yes.
"Money talks. When my money starts to talk, I get a bill to shut it up." - Frank
"Judge not by the eye but by the heart." - Native American Proverb
-
Hi, I have a program that has a commandline option to pass a user and a password. If I start this program from within another windows program using CreateProcess, can dodgy types get hold of this commandline?
Someone could fairly easily view all the string literals in your .exe file. Alternatively they could replace the EXE that you are launching via CreateProcess and they could display the command line from their EXE.
-
Hi, I have a program that has a commandline option to pass a user and a password. If I start this program from within another windows program using CreateProcess, can dodgy types get hold of this commandline?
The Process Explorer[^] utility can show the command line that any process (to which you have access) was launched with. I think it does this by using the
ReadProcessMemoryAPI. By default, processes have ACLs (security settings) set so that only the creator of the process can use this API, but this behaviour can be overridden with use of the Debug privilege, which Administrators have by default - and as we all know, most people log in to Windows as a member of the Administrators group.Stability. What an interesting concept. -- Chris Maunder