开发者

is it safe to call "plink.exe" in an application

开发者 https://www.devze.com 2022-12-27 07:59 出处:网络
i want to use \"plink.exe -u username -pw securepassword\" on my windows visual c++ program. will username and password remain safe while c开发者_开发问答alling this command? I mean can a hacker steal

i want to use "plink.exe -u username -pw securepassword" on my windows visual c++ program. will username and password remain safe while c开发者_开发问答alling this command? I mean can a hacker steal or sniff the username and password? (consider hacker can't get to the password directly from the exe file)


Use SSH Keys so your program does not have to use a password directly. Even if the hacker can sniff the username, a strong password should prevent an attack.


If I had access to plink.exe (presumably running on the local box) then I could replace it with a Trojan version that logged your user/pass - but still otherwise worked as normal. Its potentially a bad idea, but then again, if I have access to the box then all bets are off.


Does the hacker somehow have access to memory but not the executable? He could certainly pull it from memory, but it's hard to know what security problems you're facing without knowing the actual situation

0

精彩评论

暂无评论...
验证码 换一张
取 消