hi,
i have a security problem. I have to store userID and password of the database server in program code.
With using Ildasm :
IL_0024: ldstr "ResAdmin" -- OMG
IL_0029: callvirt instance void [System.Data]System.Data.SqlClient.SqlConnectionStringBuilder::set_UserID(string)
IL_002e: ldloc.0
IL_002f: ldstr "ResAdmin@123" -- :p
IL_0034: callvirt instance void [System.Data]System.Data.SqlClient.SqlConnectionStringBuilder::set_Password(string)
i reassembled code using /owner option, but i dont think thats enough. is there any way to encrypt userID and pass
thanx.
Gokhan Berberoglu.
Storing UserID and Password
nestlequ1k
Hi Gokhan
Although you say: "...have to store... in code" I would suggest you stored username and password in a .config file. This elliminates the "reassembly" issue and enables re-configuration.
If you still needs to "hardcode" the values, you might consider using af method to build/construct the values. Provided a good deal of creativity and fantasy when developing these methods, might provide you with some less readable IL-code.
Hope this helps
Jakob Eskar