WMI & ETW Question regarding the CLP of a process
- From: iLLiCiT@xxxxxxxxxxx
- Date: Wed, 24 Dec 2008 02:39:58 -0800 (PST)
Hi to all,
I'm developing software for a company that has some public computers.
One software calls from command line some 3rd party software with
sensitive command line parameters (like username & Password).
I've recently discovered that anyone with access to the computer
(public computer), could either run SysInternal's Process Monitor or a
simple query to the Win32_Process Class @ WMI and get in plain text
the command line parameters of the executed process.
Since the executed process is a 3rd party application, changes to the
way the application get the credentials are not applicable.
And the questions are: How can i either:
a) Hide the application's command line parameters
b) Delete an entry from WMI
c) Detect if an application has hooked the Event Trace for Windows
(ETW)
or d) find any other way to protect the command line parameters passed
to the 3rd party applications.
I am searching for a solution regardless the programming language it
would be on
Thank you in advance
.
- Prev by Date: create shortcut to dial-up connection
- Next by Date: WMI & ETW Question regarding the CLP of a process
- Previous by thread: create shortcut to dial-up connection
- Next by thread: WMI & ETW Question regarding the CLP of a process
- Index(es):
Relevant Pages
|
