IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [c++]

The C++ programming language

C++ is a low-level programming language. It allows (but discourages) direct pointer manipulation, making it rife for security vulnerabilities.

Use this tag for questions about security that are directly related to C++, such as security analysis of C code and exploiting badly-written C++ code. Do not use this tag just because you're writing a program in C++, only if C++ is directly relevant to the question. Questions about programming in C++ are off-topic here, but can be asked on Stack Overflow.

103 questions
0
votes
1 answer

Is there a solution for runing processes in encrypted mode on runtime?

Is there any solution for securely running encrypted processes on an untrusted machine over the WAN? In public clouding, you can split your processes and send process request over the WAN, but you can not detect whether machine who wants to run your…
X-Virus
  • 1
0
votes
2 answers

Is this hash function safe?

Below is the hash function implementation of the roguewave library. It returns a 32 bit hash. The core operation is A = B ^ ((C << 5) | (C >> 27)). Is this hash safe to use as a password check or is it possible to retrieve all used B's by reversing…
Jasper
  • 3
  • 1
0
votes
2 answers

Programming languages for security?

I am a computer science student interested in the field of security and just had a few questions. What are the pros and cons for using C# for security purposes, I had assumed applications programmed in C# would be more prone to hacking etc. than C++…
Rav
  • 3
  • 3
0
votes
2 answers

Anti Virus Intergration

we have found an issue with some production systems that the Anti-Virus causes the program to become slow a lot of the times and generally interferes with the activity of our software. Now as far as I know, this is exactly what the anti-virus is…
qballer
  • 103
  • 4
0
votes
0 answers

Need a cross-platform method of generating near truly random numbers

I have been working on an app that uses a combination of different encryption methods; some of them are libraries, and the most important ones are my own implementations. The app is cross-platform that are compiled natively on desktop (Linux,…
mike yang yang
  • 1
  • 1
0
votes
0 answers

Using someone else's SSL certificate

As far as I know, the SSL certificate is public and anyone can read it. Is it possible in this case, for example, when someone, having copied the SSL certificate of my bank for himself, will be able to deceive me, acting as an man in the middle?
John
  • 9
  • 2
0
votes
0 answers

C# Hello World program detected as virus

I just wrote and compiled a Hello World program in C# (I'm using Visual Studio 2022) and when I sent the file to VirusTotal, 1 antivirus program detected the exe as unsafe (VirusTotal results of C# Hello World Program). When I rewrote the same…
Furkan125
  • 1
0
votes
1 answer

C++: How does format string vulnerability work?

Lets say that: char name[50]="TEST"; printf("%s",name); Here in the code, the %s just says that the variable is a string. But why when we print out user inputs, the %s suddenly change meaning? What's the difference between the user inputting %s and…
Mysterious Shadow
  • 87
  • 2
0
votes
0 answers

How to read output of a Reflective DLL?

Reflective DLL Injection is one of the most interesting and best techniques to run custom code in memory. I've been learning about it a lot, I've learned how to pass in inputs, But I can't figure out how to read in the output? I'm using C++. The…
Lynx
  • 1
0
votes
1 answer

Issue with openssl base64 decode function while decoding jwt payload

I have the below openssl code to decode json content. It works fine if the encoded data is eyJ0ZXN0MSI6eyJ2YWwyIjotOTEuNiwidmFsMyI6NDAuMTIzNH19 but it does not work if the encoded data is eyJ0ZXN0MSI6eyJsYXRpdHVkZSI6LTkxLjYsInZhbDMiOjQwfX0 It's not…
Scarlet
  • 11
  • 1
0
votes
0 answers

Does running a sensitive application in tmpfs provides enough protection against application theft in my use case?

I am thinking of running my C++ Linux application via a mounted tmpfs. The idea is to have application client running in the embedded Linux platform and download the main application from a secure server into tmpfs with its necessary files and…
Paul
  • 101
0
votes
3 answers

Prevent finding key in C++ application binary

I need to store a key (symmetric-key cryptography) within my C++ application binary (based on OpenCV) so that the key as unidentifiable as possible. Can someone help me choose the key so that is secure and it will be difficult for an attacker to…
Kozuch
  • 209
  • 1
  • 7
0
votes
1 answer

Is it secure to store my mysql password in a const std::string?

I am implementing a C++ server with a mariadb backend. I have to access my database and I do so using the mariadbpp (its c++ connector). Though I can use mysql_config_editor and store the passwords in an (encrypted) .cnf file, mariadbpp's API needs…
Hemil
  • 105
  • 5
0
votes
2 answers

How to hide a process in Windows?

Is there a way to make a process hidden without using any Administrator-level priviledges? I am building an antivirus which I want to protect from malware's actions, such as ending the process, or even detecting it. BTW, the targeted operating…
user96931
  • 103
  • 4
0
votes
1 answer

Does hashing a file consider its digital signature as well?

I have a signed (using Windows signtool) executable which is hashed by SHA1 algorithm and encrypted using RSA. Now I like to verify the executable to avoid security vulnerabilities. For that I have an idea to get the hashing algorithm from the…
Kethiri Sundar
  • 147
  • 5
1 2 3 4 5
6
7