Is this even possible?
I realize that asking them to enter data when the program runs and saving it in the executable file itself is out. (Or is it?)
Right now I'm considering trying to build the program server-side with php and have it incorporate a separate text file which would contain the information. This seems marginally feasible, though I would have quite a bit of learning to accomplish it.
I was hoping for some other ideas of how I might accomplish this.
I am not interested in separate configuration or text files or putting data in windows registry. I am only looking for solutions where it can be quite-solidly a part of the executable.
Does anybody have any experience with this?
Thank you.
Its perfectly possible, that's how self-extracting zip files work.
Basically, you can add as much stuff to the end of the executable file as you want. Your program can then open its own file up on disk and read it back.
How about using Settings within your app? It depends on what you mean by "storing the user registration" as to how you would best achieve this, though. If you could give some more information about what you actually want to store, that would be useful.
An example would be to save a username, or an authentication token, and use that each time you need to check a "registration". As I say, though, the details of what to store would depend entirely on what you want to do it that data...
You could use it to embed in the unmanaged resources.
Related
Is there any way to make a file totally uneditable and undeleteable ? I am creating simple Anti-Virus program and I want to protect my malware signatures which are saved in files.
The short answer is 'you can't.' The long answer follows. =)
You may implement it via file permissions, but those can be changed if a process have enough privileges.
TMK, the only way to implement this kind of restriction is to keep a process running, with the file open in exclusive mode. That won't prevent an application like Unlocker from killing your main process or deleting the block handles, though.
No, you can't. If a software runs with enough privileges, it will be able to erase them along with your antivirus. This also happens with commercial antivirus software.
What you can do, in order to at least prevent modifications, is store the definitions as compressed, signed and, encrypted. In this way, unless the malware can obtain the criptographic key, it won't be able to meaningfully modify the virus database, but only to delete it. In both cases, your software can detect the intervention and try to react (but if a malware is privileged enough to delete system files, maybe it' already too late)
you cant really do so, but you can try outsmarting malware...
Save a checksum of the file so you know if it was tampered.
Use Async Encryption on the file (somwhat similar to 1.)
make the signatures downloadable through Internet access, and make your software download those...
check the last accessed times of the files.
there are many more tricks like the four above, but they are all NOT boolet proof...
One Crazy idea that i dont really know how to implement... but came to mind is that:
you can create a SATA/IDE Driver and make the a specific file unaccesible...
but again thats my kind of creativity crazy talk :)
The best you can do with C# is to just set the permissions of the file so that only your service has full access, and anyone else doesn't. That don't protects against someone/something that managed to get administrator access, as they always can change permissions.
What many antiviruses do for self-protecting their files and services is to install kernel-mode drivers that block both the critical files and processes, so not even administrators can stop them. Of course C# is unable to create them.
I was always pretty impressed by those programs that you could install by executing one installer file, which would then extract all the other required files to run the actual program.
And even now im still wondering how you would code a program that extracts files that are literally still inside the program ( so not in some kind of zip) , i've seen tons of installers for games who have this. I need this cause I want to extract a file on the right moment without giving the person who uses the program the ability to delete the file before its extracted, this may seem vague, but I hope i've informed you enough.
I'm just going to say that building an installer is difficult.
I'd recommend using NSIS: http://nsis.sourceforge.net/Main_Page
As for creating a file the user can't access, create a temp file with the correct read/write permissions, extract the data to the temp file, then copy the file where it needs to go.
Extract happens without the user interfering, and copy protection is handled by the OS.
What about changing the build action for the file you want to hide to Embedded Resource, or something like that that compiles the file inside the dll/exe?
Executable program is just file, So you can append any data at you executables. (works for my c++ compiled program)
$ cat executables some_blob_data > new_executables
Since argv[0] of main() is name of your file, you can use this to acess data in this file itself (works for c or c++ and likley for other languages to)
A really simple way to do this is to use your archive tool or one of the dozens of already made installers. WinRar, WinZip and most others allow the creation of self extracting exe files. I know you've said that is not what you want but if you make sure to make it auto exec your installer app and remove all of the temporary files when you're done it really can be very fool proof and professional looking. Obviously, the various installer applications are able to do what you're wanting.
If you really want to do this yourself the easy solution is going to most likely be dependant on your IDE software and language. The generic answer is that you'll need a compression library which can accept a stream as input. Then you'll want to make your actual files into resources inside your installer app. At that point it's just a matter of telling the compression library to read from a stream which is pointed at the resource. How that is done varies greatly from language to language.
Let's say I have a file: test.txt and I save it on my harddisk.
Is there a way to determine on what (physical) spot the file is saved on the hard disk?
For example on vector 12 on track 10 of the hard disk.
I don't know if I got the terminology right of the above, but I hope you get what I mean.
I want to write of program wheer the user can point to a file and the program will find out where the file is on the HDD. Something like the old defrag (it's Windows ;) ) where it shows what parts of the disk is in use.
What is this called and can it be achieved? (I'm not looking for code (although exmaples are ok ofc), but rather whether it is possible)
P.S. The client will be Windows 7 (so think NTFS if it matters).
I'm pretty sure that doing that sort of low-level disk i/o in managed code is going to be...difficult, at best. Here's somebody that's done something like it:
http://codebrainz.ca/index.php/2010/05/23/low-level-disk-io-in-managed-net/
Anything you write to do something like this has to be hardware-dependent: unless you know what hardware you're talking to, you've got no idea how it physically stores data (e.g., a USB memory stick has neither platters, tracks nor sectors, nor does it spin. Yet, for all intents and purposes, it appears to be a disk).
Normally, you'd write some sort of device driver to accomplish this. This link
http://en.wikibooks.org/wiki/Windows_Programming/Device_Driver_Introduction
might help.
In Jeffrey Wall's WebLog you will find Defrag API C# wrappers. His GetFileMap method sems to come close to what you need.
It is possible from C++, so with a little interoping, you should be fine.
Look up FSCTL_GET_RETRIEVAL_POINTERS in the MSDN to get you started.
Not really done this before so I wanted a few pointers.
In my app, users are able to pick a folder that the application looks in when it is started to pick up some input files.
What is the best way to save this information between sessions.
the old fashion way I would have done in the past would be to have a config.ini file and read and write to that the path. However I am sure there are better ways now.
I don't want to have to write to the registary as I want a app that can be installed and uninstalled simple by copying a folder or deleating the folder.
Is there any way to save configuration settings that the uesr can update and remian constant between sessions?
Cheers
Aaron
AFAIK, the way is done now, is by writing these values to the Application.Settings file; however, that's not too different than writing to any XML file and reading it on startup. Either alternative is almost equally simple.
As Icarus said, you need a .settings file. You can specify that settings be Scoped to the User.
You can also look into using IsolatedStorage ( http://msdn.microsoft.com/en-us/library/x7dzh4ws.aspx ).
I am new to C# , i wrote one application its contain directories and some file , i dont want to edit these file from outside of the program or manually , plz tell me how to do that if u provide the code that will be very usefull.
Thx
There is no real way to protect from within the application. If you're storing these files on a file system, they will be accesible based on file system permissions. You could store information in a password protected database or something similiar in order to make it only accessible to the application.
Actually on second thought, you may be able to save these files within a resource bundle. I'm not sure if that is entirely protected though.
You can set the read only attribute. It is only a minor inconvenience to someone who wants to edit a file, but you haven't got much control over what a user does outside of your program. At least if a user clears the read only attribute and changes your file you can blame them for it.
System.IO.File.SetAttributes("path\\file", FileAttributes.ReadOnly)
Are you just reading from these files or writing to them? If you're just reading them, you might embed them as resources in your compiled output rather than keeping them as files on disk.
http://support.microsoft.com/kb/319292