Jump to content
Mark Williams

ShellExecute and passing of password

Recommended Posts

I would like to shellexecute one app from another. Both apps require username and password. I would like to be able to pass the password securely from one app to the other.

 

Obviously, command-line parameters are out and I would imaging a memory mapped file will also not be secure.

 

Is there any relatively simple and secure way of achieving this.

Share this post


Link to post

You probably need to decide what you want to be secure from. As it stands it's probably impossible to give you specific advice. 

  • Like 2

Share this post


Link to post

Consider using pipes, I believe they're a bit harder to sniff than command-line params. Of course you'll need full-featured CreateProcess for this. Or you may encrypt your data and send it via any channel. You can even implement full TLS handshake.

  • Like 1

Share this post


Link to post

Afaik ShellExecute returns nothing, it does not even confirm if the command line was executed or not. By sticking to it you have no other options but command line parameters, best case scenario is to encrypt the password and decrypt it from the second app. You can check the running processes after ShellExecute and grab it's handle for data transfer but this introduces a lot of unnecessary checks, like timeout (don't wait for the second process until you can find it, what if it did not even launch), did it already initialize and ready to accept data?

 

If you use CreateProcess and map the stdin and stdout, you can make your first application to "type in" the user name and password to the second one and read back the output to verify if authentication was successful.

 

However if both applications are written and managed by you, move the worker method to a .DLL and make the first and the second application to load and use it. You also have to validate the legitimacy of the library, though. Or to a helper unit, and do not even include a secondary file.

 

However, external files will always pose a major security risk, especially if they need to share sensitive information. It's really easy to put a malicious .EXE file in place of yours (even if it's running) just to steal the credentials.

  • Like 1

Share this post


Link to post

An encrypted password on the command line, decrypted by the second app, may not help security very much; if an attacker sees it in the command-line of the second process, they can send the same password later to the second process.  Seeding the encryption and decryption with for example the current process ID makes this exploit harder, but not impossible.  Everything suggested here has to be interpreted in the light of how secure you actually need all this to be, which we do not know.

Share this post


Link to post

Sure, every security measures should be estimated from the point of what you want to achieve and what skill level of a hacker you want to withstand. In general, every local solution is hackable by design; and not every solution with remote server is non-hackable.

Edited by Fr0sT.Brutal

Share this post


Link to post

Thanks again. I have decided to go down a different route altoghether and instead of having separate apps, house them all within the same app.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×