Recently, when writing software, I came up with an idea, if I run a program .exe well protected, but if the dll is not protected, my application will use the dll file, will others debug my program through the dll file?
Today, let's write a special program to test it, let's use the application to call a method in the dll, as follows:
The code is simple:
dll code:
App Code:
Then, I create a new project, create a new class library, and copy the same type and cs file, as follows:
Let's replace the generated dll with the following figure:
The program successfully calls the dll method we forged, how can we prevent the dll we generated from being forged?
I thought of a simple idea, add a resource file to the application, fill in the dll file to be loaded, and the md5 value of the file, the entry point of the program run, and first check the md5 value of the dll that needs to be loaded
If the MD5 value of the DLL file is inconsistent with the MD5 value of the file in the resource list, it means that the DLL file has been forged or maliciously tampered with. It has not been practiced, it is logically feasible!
|
Posted on 10/19/2017 5:14:49 PM
|
|
|
|
