I have a program in C++ that stores certain files such as movies, mp3 & Flash in the AppData folder. The issue is that whilst generally hidden, the user can easily visit this folder and take any of these files.
Is there a way that the program can encrypt this folder so that it's not possible for the user to access the files (except through the software itself)?
Any other solutions (even if not related to the above) are much appreciated.
You can use your own program to encrypt a file or a folder.However you can use open source software like truecrypt.The software along with the code is available.Code is written in C,C++ and assembly
Why not simply encrypt the files and then decrypt them when they are loaded by the app. That way it does not matter if the user can access the files.
Related
I would like to take a serialized file and save it to my recourses folder in project.
My reason for doing this (maybe there's a better way) is I have a published exe (single executable file) for the program that runs and when it creates a serialized file I don't want it to save it to desktop. I need to somehow save it to my exe without going outside of it.
Any advice on how I could do this?
It's very ugly.....but you could use an "alternative data stream" on NTFS system.
http://ntfs.com/ntfs-multiple.htm
https://learn.microsoft.com/en-us/sysinternals/downloads/streams
How to read and modify NTFS Alternate Data Streams using .NET
https://blogs.msmvps.com/bsonnino/2016/11/24/alternate-data-streams-in-c/
https://oddvar.moe/2018/04/11/putting-data-in-alternate-data-streams-and-how-to-execute-it-part-2/
https://blog.foldersecurityviewer.com/ntfs-alternate-data-streams-the-good-and-the-bad/
https://www.irongeek.com/i.php?page=security/altds
You'll probably have security scanners stopping you from doing it.
In addition if you copy the from an NTFS volume to say FAT, then alternative data streams are lost.
Also some backup software may not backup ADS properly.
https://wiki.sep.de/wiki/index.php/Support_for_NTFS_alternate_data_streams_(ADS)_for_Windows
https://www.2brightsparks.com/resources/articles/ntfs-alternate-data-stream-ads.html
https://community.osr.com/discussion/89308/alternate-data-streams-and-backups
https://social.technet.microsoft.com/Forums/Azure/en-US/007d5442-1cd8-4293-b717-b8fa72606189/ntfs-data-streams-broken-by-design-on-file-copy?forum=winserverfiles
I am working on a windows form application using c#. There are some important files near my project that I do not want anyone to have access them but my application needs files.
The first solution was using DotNetZip library with password.
But when the application want to use these files the zip file must unzipped and all files copy in hard disk.
Is there a solution without direct access to the files to use them?
Or is there a solution that can be secured folders?
You could consider encrypting the passwords and not worry about people accessing it. If this does not work then you could also consider using a database to store your passwords.
I have a bit of a difficult use-case.
I have for example 20 pdf files on a CD along with a program, which is used to open these files. But I want the user, who is using the program, to be unable to open the pdf files from the filesystem. Only the program should be able to open these files (after the user has given the password to open the "archive")
I have no idea on how to start with this, hopefully somebody can give me a hint or a pointer.
Thank you guys in advance.
Encrypt the files and have the program perform the decryption. Note that this won't necessarily make it impossible for the user to open the files without your program, but will make it inconvenient.
I don't think there is a way to solve it as you have described it.
You can use the files system flag 'hidden', but many users have set their file explorer to see hidden files.
But of course you could scramble the file content (with a simple or complex encryption) or put it in a password protected zip.
You can use an external tool that encrypts the file into an exe file.
e.g.
http://www.drmsoft.com/pdf-to-exe-encrypter.asp
You can run the exe and give password from your program.
I have an application, its Name and Logo can changed directly from a TXT and a PNG file in the same directory.
I want to give the user the ability to change the Logo and Text File from another application that does the following :
Takes the Logo.png , Name.txt file paths and the directory of my Software then encrypt these two files and put them in the Directory of the Software
In the other hand. The software will Decrypt these two files and write them to Hard Disk to temp directory then use them to display the name and the logo.
I searched for the simplest and easiest way to encrypt a file and i found :
From the MSDN :
File.Encrypt():
Encrypts a file so that only the account used to encrypt the file can decrypt it.
Could someone please tell me what does it mean "only the account used to encrypt a file can decrypt it"
What about encrypting the application from Computer1 by Application1 then the file will be decrypted by Computer2 in Application2
Will the encryption work correctly ?
Edit:The purpose why I need to encrypt these two files is to avoid users from directly change the Logo and the Name of Application from the directory
This will encrypt the file, but not as you expect - and almost certainly not such that it can be decrypted by another application/user on a different computer.
The Encrypt method basically just toggles a feature of the underlying NTFS driver to encrypt the specified file on the file system itself. The nice feature is that it (typically) provides seamless file encryption for the user, but it isn't really portable encryption. It is the same as opening the file properties, clicking the advanced button and selecting the "Encrypt" checkbox.
More information on the encrypting feature of NTFS can be be found here: http://technet.microsoft.com/en-us/library/bb457116.aspx
No. You should use a proper encryption method such as those in System.Security.Cryptography namespace. There is a stream implementation for this, too, called CryptoStream, which you may wrap a FileStream with for encrypting files with.
This is related to Windows' EFS.
You can try it from Windows Explorer by right-clicking on the file, Properties, Advanced, Encrypt contents. The file data is automatically decrypted/encrypted on the fly as your app accesses it. But if another user logs in the machine and copies the file it will appear encrypted since the encryption is based on a user token.
This is may or may not be what you want and that depends on your intended use of that feature. If you don't want the user to be able to modify the data outside your app it won't be enough.
I have an application in c#.net in which I have embeded the SWF file in SWFObject from COM Object.
Now after installation, the original SWF file also available in the application root directory. So from that place(application root directory) anyone can access that file. But I want to restrict that file from being opened.
axShockwaveFlash1.Movie = Directory.GetCurrentDirectory() + "\\XYZ.swf";
I did something like this.
So how can I restrict that file in application root directory such that only from my application I can access it..??
You can embed the file into a dll or exe file and play it from there. this way it is not (as a seperate file) in the file system at all.
For details see How to embed and access resources by using Visual C#.
You could save the swf file binary data as static bytes in your code and statically load them and convert back to an swf file. The conversion might take a little while but it only occurs once as you open the program.
Edit:
But k3b's answer is better.
Permissions are based on users, not applications, so the short answer is you can't. However, you can build your own application-specific authentication pretty easily. Have your SWF require specific FlashVars to be set in order to move beyond frame 1. People can still decompile your SWF but this will at least stop most people. Another option is to try to store the data within you binary somehow and load the SWF using a byte-array, see this post for one attempt at that.