Is it possible to access Windows memory

TheMSsForum.com: The Microsoft Software Forum

We are developing and application which keeps in the memory in clean
state some security information - such as passwords, etc. My question
is: is it possible in Windows OS to get this secure information using
some programs etc.

I have played DOS hit'n'run games a long time ago and it was possible
to increase you life by such cheating programs which were accessing
memory of the game and changing some of the values.
Top

Re: Is it possible to access Windows memory by Roger

Roger
Thu Mar 30 09:21:47 CST 2006

Perhaps you could benefit by reading some of the MSDN documentation
about the new NetFx v2 class for SecureString - what it does, how it
should be used, and to the point of your post, why it now exists.
If you are keeping the data in memory in the clear, then it is likely also
ending up on disk in the pagefile pages, so it is potentially accessible
in two places by process with the right credentials.

<cvetomir.todorov@gmail.com> wrote in message
news:1143708740.963850.65890@i40g2000cwc.googlegroups.com...
> We are developing and application which keeps in the memory in clean
> state some security information - such as passwords, etc. My question
> is: is it possible in Windows OS to get this secure information using
> some programs etc.
>
> I have played DOS hit'n'run games a long time ago and it was possible
> to increase you life by such cheating programs which were accessing
> memory of the game and changing some of the values.
>


Top

Re: Is it possible to access Windows memory by Joe

Joe
Thu Apr 06 17:20:45 CDT 2006

I wouldn't really recommend holding them in memory long term, I would pull them
in from a secured file for short periods of time as needed (and use
SecureZeroMemory to clear) or store the one way hashed versions of the passwords
in memory. As Roger indicated, sitting in memory they could be paged and
anything in memory could be "tapped" in various ways with debuggers or code
injection.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



cvetomir.todorov@gmail.com wrote:
> We are developing and application which keeps in the memory in clean
> state some security information - such as passwords, etc. My question
> is: is it possible in Windows OS to get this secure information using
> some programs etc.
>
> I have played DOS hit'n'run games a long time ago and it was possible
> to increase you life by such cheating programs which were accessing
> memory of the game and changing some of the values.
>
Top

Re: Is it possible to access Windows memory by alun

alun
Sun Apr 09 16:12:27 CDT 2006

In article <#SKZu2AVGHA.6084@TK2MSFTNGP14.phx.gbl>, "Roger Abell [MVP]"
<mvpNoSpam@asu.edu> wrote:
>Perhaps you could benefit by reading some of the MSDN documentation
>about the new NetFx v2 class for SecureString - what it does, how it
>should be used, and to the point of your post, why it now exists.
>If you are keeping the data in memory in the clear, then it is likely also
>ending up on disk in the pagefile pages, so it is potentially accessible
>in two places by process with the right credentials.

Sadly, of course, the SecureString has to be turned into a decrypted string
for most 'interesting' operations. You need to be very careful in how and
where you decrypt it to get out the secured information.

I couldn't immediately find any documentation on how to resolve that issue.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Find us at http://www.wftpd.com or email
23921 57th Ave SE | alun@wftpd.com.
Washington WA 98072-8661 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(425)807-1787 | Try our NEW client software, WFTPD Explorer.
Top