Questions tagged [c++]

The C++ programming language

C++ is a low-level programming language. It allows (but discourages) direct pointer manipulation, making it ripe for security vulnerabilities.

Use this tag for questions about security that are directly related to C++, such as security analysis of C code and exploiting badly-written C++ code. Do not use this tag just because you're writing a program in C++, only if C++ is directly relevant to the question. Questions about programming in C++ are off-topic here, but can be asked on Stack Overflow.

103 questions
4 votes, 2 answers

C++ binary obfuscation: how to get around license checks being a simple if/then branches?

I'm looking into binary obfuscation for an executable binary written in C++. I realize preventing cracks is impossible, but making it slightly harder would be nice. No matter how complex the actual license scheme is, I can't think of a way to…
Tyson
4 votes, 1 answer

What do you search for in Open Source code to be sure there isn't malicious code?

I realize the answers will be language specific, but I am curious what terms you would look for when checking something out on GitHub? I was looking for a remote administration tool that I could use with clients, and found some awesome ones, that…
Alan
4 votes, 1 answer

strstr and fopen, is there a bypass?

I have a binary that does this: if (strstr(USERCONTROLLERSTRING, "..")) exit; fopen(CurrentPath+"\\Data\\"+USERCONTROLLEDSTRING, "r"); then spits out all the content of the file. Is there any obvious vulnerability here? It's a Windows service, it…
4 votes, 2 answers

Can 4 single quotes still be escaped producing a SQL injection on SQL Server?

I found a simple breakout in a where clause in one of our projects where the code is so old that they claim they can't use parameters to communicate with MS SQL Server. It's written in C++, I can't read this language and I'm not able to access the…
Samyne
4 votes, 1 answer

How does using unsigned integers protect against integer overflow attacks?

In order to avoid problems with integer overflow in C or C++, some people have suggested using unsigned integers. How can this protect against possible overflow attacks? Doesn't an unsigned integer still eventually overflow when incremented beyond…
Fumerian Gaming
4 votes, 5 answers

What are attackers trying to achieve when doing attacks on local programs such as buffer overflows?

In attacks on programs, such as stack buffer overflows, what is the objective of the attacker? I’m having trouble learning the technical details of the attack (such as overwriting the function’s return address) because it’s not clear what such…
Celeritas
3 votes, 3 answers

C++ memset() memory overflow

I am new to C++. Can any C++ expert tell me whether this would cause a buffer overflow? Sample Code: MyObject op; memset(&op, 0, sizeof(MyObject)); In my view this is OK, since the limit is the size of the object type itself but there is a security…
overshadow
3 votes, 2 answers

How to programmatically verify a file signature?

I have a dll file signed with my private key, here is the signature info in Windows Explorer: Now, using the public key found in the certificate, how can I verify the integrity of the file? I am shipping the exe to the client and need the exe to…
3 votes, 2 answers

Client-Server Authentication Security Issue

This is a repost, because I accidentally posted on Stack Overflow first. I was wondering how I could achieve a high security level, using Client-Server Authentication. Below is a rough draft of what I thought about: Let me explain it a bit more: The…
ZZ_James
3 votes, 1 answer

How can I check my program for vulnerabilities over TCP?

I made a program which runs constantly on a Linux server (Program A). I also created another program which acts as user interface for A (Program B). A listens for incoming connections over TCP. After B connects to A and authenticates itself by using…
Bobface
3 votes, 2 answers

How does malware load a dll from memory

I am trying to understand how malware loads a dll from memory, like from a resource section. I am seeing code all over Google but I can't find some sort of pseudocode, like in simple English, that can explain the process. I understand C++ and PE file…
jammy47
3 votes, 0 answers

Are there any C++ STL alternatives which are bulletproof against timing attacks?

Just out of curiosity, I wonder if there are any packages of popular algorithms/data structures which are secure against timing attacks. I think GNU libstdc++ std::string::compare(), std::unordered_map (which employs open addressing) and so on are all…
nodakai
3 votes, 2 answers

When defining constants, is #define more secure than static const?

I want to have some constant values in my program, for example, I have a constant value TimeLimit in a header which is commonly used in other classes, but I don't know if #define TimeLimit 30 is more secure than static const int…
ggrr
2 votes, 2 answers

How do I make a working example of a "Dangling Pointers" exploit? (or where do I find it online)

I was recently reading about buffer overflows and dangling pointers. I read "Smashing the stack for fun and Profit" by Aleph1 and that paper was really clear and concise in explanation. On the contrary when I search for dangling pointers, I get…
Pervy Sage
2 votes, 2 answers

Can unencrypted keys & logins be kept out of program memory?

No matter what technique is used to store encryption keys & logins, it seems that all roads lead back to program memory (as far as I know), as an unencrypted version of the keys & logins will be stored there to perform encryption and logging in, and…
user24408