C ++ string protection using MySQL Connector

1

I did a program to check my database, and I wanted to see if the strings were protected (user password and database) and in case they are not. I decompiled the program using IDA PRO and found that the strings and information is not protected.

Issue Code

con = driver->connect("localhost", "root", "aaasd");

Image of the decompiled code.

Can you protect these strings ? Does the connector have some function to protect strings (since I did not find it)?

And what you guys from the community would recommend to me to protect my program (have I looked at some .NET obfuscators)?

I remember that in C # it protected these strings.

The program is for distribution and let's say its consumer base is not pleasant, and will probably try to decompile the program ...

    
asked by anonymous 21.01.2018 / 23:57

1 answer

2
So there is no solution (this way), if people are able to decompile (and can always fall into the hands of whoever can) they are able to decrypt something that needs a key and an algorithm running in the application. But they will not even bother checking this, just see where to decrypt and get the password flat.

The only solution is to not make the password available somewhere accessible by people. Or you should use integrated access to the operating system, or integrated with the database (someone will have to enter a password), or you have to leave the application in a place that people do not access, or you must make an accessible server application without a password and it accesses the database (of course, it will have to control access on its own.

There is no secure solution for wrong architecture.

    
22.01.2018 / 00:24