|
Use a shared header externing the variable in the dll. Include this in the exe, and then the linker will do the rest for you.
==============================
Nothing to say.
|
|
|
|
|
Thanks Eric,
But I don't have exe's code. See my above reply for more details.
|
|
|
|
|
you can access extern (and exported) variables in a DLL from an EXE.
you cannot access variables in an EXE from a DLL.
you could, in theory, decompile the EXE, find the references to the data you want, figure out if the data is statically or dynamically allocated, then create some mechanism to probe the EXE's memory at the right locations and times, etc.. a huge task.
|
|
|
|
|
Thanks Chris for verifying that I cannot access variables in an EXE from a DLL directly.
So I am doing the Huge task. Still I think hooking should work as it is working for few of the functions; I will try a little more before leaving hooks.
|
|
|
|
|
This is largely a waste of time as there is nothing in the executable file that would get you a reference to the location of the variables. The use of extern on a variable declaration merely tells the compiler that it exists in a different source module. Such references are then resolved by the linker but no more information about them is held in the EXE file.
Unrequited desire is character building. OriginalGriff
I'm sitting here giving you a standing ovation - Len Goodman
|
|
|
|
|
that's true.
i suppose i left out the "...in a debugger..." part.
|
|
|
|
|
What you wrote looked fine to me; I just think the OP read more into it than you intended.
Unrequited desire is character building. OriginalGriff
I'm sitting here giving you a standing ovation - Len Goodman
|
|
|
|
|
I am getting error at following line of code
ShowControlBar(&m_wndColorBar, !m_wndColorBar.IsVisible(), FALSE);
the error is
error C2664: 'CFrameWnd::ShowControlBar' : cannot convert parameter 1 from 'CMFCToolBar *' to 'CControlBar *'
I understand the error is due to m_wndColorBar is a variable of
CToolBar ,but of CMFCToolbar. Please guide me which function can I use instead of ShowControlBar
Be Happy
|
|
|
|
|
It seems m_wndColorBar is a variable of type CMFCToolBar not CToolBar. Can you check what is the base class of CMFCToolbar??. It is supposed to be a child of CToolBar. But seems it is not
|
|
|
|
|
I don't understand why I can do CryptCreateHash with CALG_MD5 no problem, but when I use CALG_DES, It fails.
I want just the Basic DES Encryption, using a pair of keys. I suspect that I have the wrong CryptAcquireContext Statement, in which I may be calling the wrong service, but I can't find any reference other than PROV_RS_FULL. I did some research and I'll swear that the DES is a member of the MS_STRONG_PROV.
My Goal is to replicate a function in asp.net to c++
bResult = CryptAcquireContextW( &hProv, 0, MS_STRONG_PROV, PROV_RSA_FULL, 0);
if(!bResult){
bResult=CryptAcquireContext(&hProv, NULL, MS_STRONG_PROV, PROV_RSA_FULL, CRYPT_NEWKEYSET);
return 0;
}
bResult = CryptCreateHash(hProv, CALG_DES, 0, 0, &hHash);
asp.net function:
Dim cryptoProvider As DESCryptoServiceProvider = New DESCryptoServiceProvider()
Dim ms As MemoryStream = New MemoryStream()
Dim cs As CryptoStream = New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_64, IV_64), _
CryptoStreamMode.Write)
Dim sw As StreamWriter = New StreamWriter(cs)
|
|
|
|
|
Call GetLastError after using CryptCreateHash and see what the error is (and tell us). See this[^] or this[^] for error codes.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> If it doesn't matter, it's antimatter.<
|
|
|
|
|
I should of done that last night, was really tired, this is my 4th time though the program.
The code is 2148073480
2148073480 NTE_BAD_ALGID: Invalid algorithm specified.
|
|
|
|
|
Yeah, it happens... anyways, i think Richard got the right answer.
> The problem with computers is that they do what you tell them to do and not what you want them to do. <
> If it doesn't matter, it's antimatter.<
|
|
|
|
|
I just tried this and received error code 0x80090008 which means "Invalid algorithm specified", so I guess the implementation does not match the documentation.
Unrequited desire is character building. OriginalGriff
I'm sitting here giving you a standing ovation - Len Goodman
|
|
|
|
|
My brain finally caught up ...
CALG_DES is an encryption algorithm, not a hash algorithm so cannot be used in a call to CryptCreateHash() .
Unrequited desire is character building. OriginalGriff
I'm sitting here giving you a standing ovation - Len Goodman
|
|
|
|
|
These 3 are qualified to support DES
Microsoft Base Cryptographic Provider v1.0 - DES
Microsoft Strong Cryptographic Provider v2.0 - 3DES
Microsoft Enhanced Cryptographic Provider v1.0 - 3DES
The page below list DES as a member of Microsoft Enhanced Cryptographic Provider
http://msdn.microsoft.com/en-us/library/windows/desktop/aa386986%28v=vs.85%29.aspx[^]
But on running MS_ENHANCED_PROV and calling CALG_DES to CreateHash
error 3435973836
NTE_BAD_UID
I'll do some more reading and get something to match.
|
|
|
|
|
You missed something; read my comments again - carefully.
Unrequited desire is character building. OriginalGriff
I'm sitting here giving you a standing ovation - Len Goodman
|
|
|
|
|
Hi there,
What Richard is saying is that DES[^] is a block cipher encryption algorithm. The CryptCreateHash function[^] does not encrypt anything... it creates a hash of the data passed into the function.
Some wiki information about hash functions:
Cryptographic hash function[^].
If you want to use the DES algorithm then you will need to use the CryptEncrypt function[^] but there is a small learning curve when working with the Microsoft Cryptography Functions... providers, contexts, keys, key stores...
Acquiring a Cryptographic Context and Generating Keys[^]
If you are looking for a quick copy-and-paste code snippit then you might want to take a look at one of my ancient posts from the Mesozoic era: Re: decrypting question[^]
CPallini still had hair back then.
Best Wishes,
-David Delaune
|
|
|
|
|
I wrote the hash function first, and tried to reuse the parts of code to write the encryption function.
I never did understand why I still had hash stuff, but most of the documentation I could find for symmetrical ???, using key IV pair values pointed me in that direction.
So I need to start all over again with a stronger understanding of how it works.
I will read your links.
Thanks, will let you know what I cook up here on round 5.
|
|
|
|
|
You code sample is what I was looking for. I have some questions if you don't mind.
Can I replace LPCBYTE with BYTE*
I added odbcss.h, but it adds a bunch of sql server stuff that I don't need.
Would Password be my KEY_192 with 24 bytes?
So I can add my IV_192 using CreateKeyParam?
|
|
|
|
|
jkirkerx wrote: You code sample is what I was looking for.
Great.
jkirkerx wrote: Can I replace LPCBYTE with BYTE*
Yes, you could do that. LPCBYTE is a Long Pointer to a Const[^] BYTE. It is good programming practice to pass a variable as constant if you do not want the variable to be modified. You have my permission to be a rogue programmer.
jkirkerx wrote: I added odbcss.h, but it adds a bunch of sql server stuff that I don't need.
Ok.
jkirkerx wrote: Would Password be my KEY_192 with 24 bytes?
So I can add my IV_192 using CreateKeyParam?
I read C/C++ better than I read English even though it is my native language. Show me some code.
Best Wishes,
-David Delaune
|
|
|
|
|
The asp.net version of the program used a key pair. Your example is very similar to what I wrote the 4th time, except you had the Base64 piece that I needed.
So in my 4th version, I had the CryptSetKeyParam to enter the IV for the symmetric key, to complete the pair, but in all honestly, I'm not really sure how it's used, because the asp.net version feed both into a function, and the underlying functionality was hidden.
Side question, How do get the length of a BYTE* for pwlen
BYTE KEY_192[24] = {42, 16, 93, 156, 78, 4, ...
BYTE IV_192[24] = {55, 103, 246, 79, 36, ...
CryptAcquireContext(&hProv, NULL, MS_STRONG_PROV, PROV_RSA_FULL, 0);
CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash);
CryptHashData(hHash, KEY_192, pwlen would be 24, 0);
CryptDeriveKey(hProv, CALG_3DES, hHash, 0, &hKey);
CryptSetKeyParam(hKey, KP_IV, IV_192, 0);
I like the idea of a definable password, so each copy of my program can have it's own unique key.
hmm.
|
|
|
|
|
jkirkerx wrote: Your example is very similar to what I wrote the 4th time, except you had the Base64 piece that I needed.
Great.
jkirkerx wrote: Side question, How do get the length of a BYTE* for pwlen
A BYTE is an unsigned char and typically for normal NULL terminated strings you would use strlen[^] or _tcslen[^] for obtaining the length of the string excluding the NULL terminator. This would be very common for username/password/key string variables.
However... in your case you are passing a constant array of BYTE so you could use the sizeof operator[^] to get the length in bytes.
CryptHashData(hHash, KEY_192, sizeof(KEY_192), 0);
I do not see anything wrong with the CryptSetKeyParam function you have shown. Are you receiving an error here?
Best Wishes,
-David Delaune
|
|
|
|
|
I went back to what I had before I posted, and changed CALG_DES to CALG_MD5. I don't get an error, , I'm just struggling in making my buffer that passes in/out in CryptEncrypt.
I get a value back that's sort or weird. It works, but I think the size of my buffer is too large.
Rã¾Î‚ò.¢Ó`Ï<oÝV|63¾ˆWãÔZ÷(šœ(è~Ó¥¶ãòõ¬"oÌtðaÏMûÏþƒÝÌXðýýýý««««««««îþîþîþîþîþîþ
I think the end in bold is a leak somewhere, or the buffer being too large
I know I need to CryptEncrypt once to get the buffer size, and do it again for the real thing.
I did a conversion to UTF8, that I think I need to dump. I'm going to dump it, and work on the buffer sizing.
This is what I had before I posted, with the one small change. It's not bad considering I had no clue what to do, but it's all I need, with the base64 at the end of the gig.
WCHAR* CA_Encryption::_encrypt_DES( WCHAR *pzInput )
{
BOOL bResult = FALSE;
WCHAR *szOutput = NULL;
DWORD cbKey64 = sizeof(KEY_64);
HCRYPTPROV hProv;
HCRYPTHASH hHash = NULL;
HCRYPTKEY hKey = NULL;
const int DES_SIZE = 64;
static BYTE hash[DES_SIZE];
DWORD buffer_size = sizeof(hash);
DWORD buffer_length;
int iChar = WideCharToMultiByte(CP_UTF8, 0, pzInput, -1, NULL, 0, NULL, NULL);
char *szInput = new char[iChar];
WideCharToMultiByte(CP_UTF8, 0, pzInput, -1, szInput, iChar, NULL, NULL);
bResult = CryptAcquireContextW( &hProv, 0, MS_STRONG_PROV, PROV_RSA_FULL, 0);
bResult = CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash);
bResult = CryptHashData(hHash, KEY_64, sizeof(KEY_64), 0);
bResult = CryptDeriveKey(hProv, CALG_DES, hHash, 0, &hKey);
bResult = CryptSetKeyParam(hKey, KP_IV, IV_64, 0);
buffer_length = strlen((char *)szInput);
BYTE *szBuffer = new BYTE[64];
memcpy( szBuffer, (BYTE*)szInput, sizeof(szInput) );
delete [] szInput;
bResult = CryptEncrypt(hKey, 0, FALSE, 0, szBuffer, &buffer_size, buffer_length);
CryptDestroyKey(hKey);
CryptDestroyHash(hHash);
CryptReleaseContext(hProv, 0);
return szOutput;
}
This is what I'm trying to copy from asp.net
Public Shared Function Encrypt(ByVal value As String) As String
If value <> "" Then
Dim cryptoProvider As DESCryptoServiceProvider = New DESCryptoServiceProvider()
Dim ms As MemoryStream = New MemoryStream()
Dim cs As CryptoStream = New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_64, IV_64), _
CryptoStreamMode.Write)
Dim sw As StreamWriter = New StreamWriter(cs)
sw.Write(value)
sw.Flush()
cs.FlushFinalBlock()
ms.Flush()
Return Convert.ToBase64String(ms.GetBuffer(), 0, ms.Length)
Else
Encrypt = ""
End If
End Function
|
|
|
|
|
jkirkerx wrote: I get a value back that's sort or weird. It works, but I think the size of my buffer is too large.
Rã¾Î‚ò.¢Ó`Ï<oÝV|63¾ˆWãÔZ÷(šœ(è~Ó¥¶ãòõ¬"oÌtðaÏMûÏþƒÝÌXðýýýý««««««««îþîþîþîþîþîþ
I actually recognize those bytes.... the ýýýý are 0xFD and called Guard Bytes. This is how Visual Studio detects when you overwrite a buffer. It checks to see if they are still there.
The next bytes are: «««««««« and are created by HeapAlloc and we call them 0xAB 'No Man's Land' Guard Bytes.
The last bytes are: îþîþîþîþîþîþ are 0xFE and indicate a region of Freed Heap memory.
Think about this for 3 seconds... why do you think you see this wierdness? You see this because 'C' strings are supposed to be NULL terminated. The encrypted memory you just created has no NULL terminator so the Visual Studio debugger shows you the entire contents...
You can fix this by adding this immediately after your CryptEncrypt function call.
szBuffer[buffer_size] = 0;
This will allow Visual Studio to properly display the encrypted bytes as a NULL terminated string.
But by writing a zero there... you just overwrote 1 0xFD guard byte. So don't do it. Heh, I knew you were a rogue software engineer all along.
Btw, congratulations... this code looks like it would actually work correctly. You should probably add more error handling and clean it up a bit but looks OK.
Don't forget to sanitize your buffers with the SecureZeroMemory[^]. Otherwise EvilHacker1337 might be able to retrieve stale memory contents to retrieve sensitive data. (Looks like your key is hard-coded so its not like it would help much anyway)
Best Wishes,
-David Delaune
|
|
|
|
|