当前位置:网站首页>Hide program command line arguments, such as entering passwords and other high-risk operations

Hide program command line arguments, such as entering passwords and other high-risk operations

2021-01-23 18:45:49 itread01

[toc]## Preface > It's very convenient to start programs with command line arguments , Simplify the configuration , But enter the user name, password and other operations , It's not safe to see the password directly through the program viewer .> Therefore, it is necessary to study how to hide some fields in command line arguments , Of course, making configuration files is also excellent , But there's no doubt that it adds extra operations to the program . There's something wrong with editing, storing, and configuring files .> I found some solutions on the Internet , And sum up a plan , Take notes .## Copy argv Arguments > The program is only in Linux Under the C The verification in the language is successful , Because window It's all win32api Get command line arguments , But I didn't set this , Estimate window This kind of operation is not supported .> The solution is to run the program with argv Content modification , Here's the original code , For reference only .```c#include #include #include int main(int argc,char *argv[]) { int i,j; for (i=1;i=0;j--) { argv[i][j] = 'x'; } } getchar(); return 0;}```> As shown in the figure below , Command line arguments are hidden . Normal program , You can argv Copy to memory variable , And then immediately copy argv, In this case, you can use the command line arguments normally , You can also hide arguments .![](https://img2020.cnblogs.com/blog/2135498/202101/2135498-20210123115849288-1952463546.jpg)## Get standard input > notice C Language hidden arguments are so simple , But I am window Next validation C Language failed , Execute `wmic process where caption="a.exe" get caption,commandline /value` Or the command-line arguments can still be seen .![](https://img2020.cnblogs.com/blog/2135498/202101/2135498-20210123120225039-1765370530.jpg)> So I thought of reading standard input to get program pass arguments , But you need to type in arguments after you run the program , But use echo It can solve the problem perfectly .> In view of C Language has not been used for a long time , Or use it go Let's write an example program in English . By the way go Get command line argument source code , I can't change the value , Include window and Linux.> As shown below , Use go Of flag Library gets a line of standard input , Used to parse command line arguments , The original code is as follows :```gopackage mainimport ( "bufio" "flag" "fmt" "os" "strings" "time")func main() { fs := flag.NewFlagSet(os.Args[0], flag.ExitOnError) s := fs.String("s", "", "string") i := fs.Int("i", 123, "int") argv, _ := bufio.NewReader(os.Stdin).ReadString('\n') fs.Parse(strings.Fields(argv)) fmt.Println(*s, *i) time.Sleep(time.Minute)}```> stay Linux Next test :![](https://img2020.cnblogs.com/blog/2135498/202101/2135498-20210123120934595-1955677707.png)> stay window Next test :![](https://img2020.cnblogs.com/blog/2135498/202101/2135498-20210123121312982-1845679716.png)## Summary > Run the program safely , Hiding command line arguments is important in some scenarios , So I studied it , It's not as hard to find as I thought .> It should be noted that , For commands that record command line history Linux, Use echo It's not safe . But you can also enter command line arguments after running the program , It's just more trouble .> In short, the most secure thing is to make a password file , By reading the password file , As long as others don't have the password file , Or encrypt the password file .> Encryption and cracking are always relative , There is no absolutely safe solution , Only relatively safe

版权声明
本文为[itread01]所创,转载请带上原文链接,感谢
https://chowdera.com/2021/01/20210123184315040k.html

随机推荐