Process Explorer sees my public string constants

Hi to all,

Have any of you tried running your vb6 programs and then use Process Explorer by Sysinternals/microsoft (they acquired it) to view any information about your running vb6 program?

Maybe this is no big deal, but I have noticed that the values of my public/private variables and constants does appear in the Strings Tab of the Properties window of you application.

-> Select your program in Process Explorer -> Right click and select Properties -> The properties window will appear and then click the Strings tab, you will notice that some of the variables, mainly the constants that you have used in your vb6 program appears on that tab. I am refering to the string constants in my program, which I have declared public whether it will be on a form or a code module.

Is it possible that someone can have an idea on what information/data you have in your vb6 program just by using Process Explorer?

Why is this so?

Process Explorer is really one heck of a program. :D


Many thanks.

If you dont want your strings to be visible, then you would need to compress your final .exe with something like PECompact.. or UPX...

This not only does it make your final .exe a smaller size but also in a way encrypts your strings... so that programs like Process Explorer cant read from them.

You would probably be better off putting proper encryption in that only your program can decrypt

If you dont want your strings to be visible, then you would need to compress your final .exe with something like PECompact.. or UPX...

This not only does it make your final .exe a smaller size but also in a way encrypts your strings... so that programs like Process Explorer cant read from them.
That will not work. Strings are still visible if you change Process Explorer's view (from 'Image') to 'Memory'.

Thanks

So how does one deal with this dilemma? :D

I agree with 'the master'. Perhaps just store the strings encrypted in a resource file. Once the strings are decrypted, they should be destroyed after use, just to give the best illusion that nobody can see them. At least they would be safe from Process Explorer users, if that is the extent of your goal.

I guess if someone really wanted to get at your data then they still could. Im not sure on the exact workings of the process explorer but i know other things could get your data. You can encrypt it to stop people reading it but as soon as your app decodes it then you have the plain text version sat in memory where someone could read it.

Storing encrypted strings would definately slow someone down and if your app decrypts the string, uses it then instantly removes it from memory then its still possible to get it but its a lot harder. I think this is what Cerian Knight was saying. It would give the illusion that you cant see them because they appear and dissapear so quick and once they are gone theres nowhere to read them from

But, because of this, you should never store sensitive data (passwords, etc.) as constants in your app. They are NOT safe.