Databases
StackOverflow2013
Postsdbo
POWhat can be read from memory in a C# application
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POWhat can be read from memory in a C# application
    primarykey
    data
    text
    <p>I know that any application running (whether it is built with C#, C, C++, Java, etc) will have elements exposed in memory. I'm curious as to how to control what and how it is exposed in memory?</p> <p>I'm curious because I know that many games get hacked or modified by a user viewing the contents in memory of the game and altering them. I just want to know more details around how this works. I know special programs must be used to even dive into the memory and there are conversions and stuff that must happen for it to even be some what readable.</p> <p>Let's take a extremely simple example and I'll ask some questions about it.</p> <pre><code>using System.Security; static class Program2 { private static SecureString fSecureString; public static string fPublicString = "Test123"; private static string fPrivateString = "321tesT"; static void Main2() { } } class TestClass { private string fInstancedPrivateString; public TestClass() { fInstancedPrivateString = "InstancedSet"; } private string DoSomething() { return fInstancedPrivateString.ToLower(); } } </code></pre> <p>}</p> <p>Given the code above, I imagine that fPublicString is pretty visible to see. What elements can someone reading memory see? Can they read the variable name or do they just see an memory address and an assigned value (Test123). What about Functions like DoSomething that are inside an instanced class? Can someone see that in memory and write malicious code to execute it at their will?</p> <p>I'm just curious as to how much of this I need to keep in mind while writing applications (or games). I understand the general idea of the accessor properties (public/private/etc) and their relation to other code having visibility to it, but I'm curious if they have any bearing on how it is represented in memory.</p> <p>My final question will be very specific: EverQuest (game) has a hack called MacroQuest which from my understanding reads memory by having the proper offsets and can then execute code from the EQ client side or simply change values stored in memory for the client. How did EQ get this so wrong? Was it poor programming on their end? A technology limitation that is sort of resolved now? Or can this technically be done with virtually every piece of software that is written with the right amount of knowledge?</p> <p>Over all I guess I could probably use a good tutorial, article, or book that provides some details on how code looks in memory etc.</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. This table or related slice is empty.
    1. USTada
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POWhat can be read from memory in a C# application
      1. USSen Jacob
      1. VTFavorite
    2. VO
      singulars
      1. POWhat can be read from memory in a C# application
      1. This table or related slice is empty.
      1. VTClose
    3. VO
      singulars
      1. POWhat can be read from memory in a C# application
      1. This table or related slice is empty.
      1. VTDownMod
    1. COAs soon as someone runs your program on their local computer, they can view what is in the memory. There isn't a way to stop that. You can make it more difficult using certain techniques, but it will never be impossible.
      singulars
      1. POWhat can be read from memory in a C# application
      1. USMiddas
    2. COAs for the EQ hack, most apps -- particularly ones written in C or C++ -- have this vulnerability to some degree, because any variable that's not a local has its address, or at least the address of a pointer to it, somewhat fixed at link time. It's a bit harder in interpreted languages (and on VM'ish platforms like Java and .net) because the addresses can more easily vary, and can be changed basically at the runtime's whim. But there's still a table of objects in there somewhere, and the ID (read: location) of the object you're looking for isn't quite random.
      singulars
      1. POWhat can be read from memory in a C# application
      1. UScHao
    3. COThanks for the quick comments. @cHao, are you saying that the more local variables I use and the less global variables the better?
      singulars
      1. POWhat can be read from memory in a C# application
      1. USTada
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload