查看传递给程序的命令行参数 [英] See command line arguments being passed to a program
问题描述
你可以跳过这部分
<块引用>我正在使用我的拇指驱动器中的批处理文件,以便安装一个真正的加密卷.我在帮助下创建了那个批处理文件此链接.在那个批处理文件上我有用户名和密码我将其作为参数传递给 trueCrypt.exe 以使其成为安装.
<小时>
无论如何,我的问题是:是否有可能看到从第三方进程传递给程序的参数?换句话说,是否可以看到传递给该程序的参数:
使用系统;使用 System.Reflection;使用 System.Diagnostics;课程计划{静态字符串密码 = "";静态无效主(字符串 [] args){if (args.Length > 0)密码 = args[0];//获取这个程序所在的位置var locationOfThisExe = Assembly.GetExecutingAssembly().Location;Console.Write("按回车键启动这个程序的新实例.");Console.Read();var randomArgument = new Random().NextDouble().ToString();Process.Start(locationOfThisExe, randomArgument);//我将一个随机参数传递给一个新进程!//是否可以从另一个进程看到这些参数?}}<小时>
编辑
我正在创建一个编辑,因为我认为我对自己的解释有误,但这次编辑应该是一个解决方案而不是一个问题
我认为这个问题没有得到足够的重视.执行 https://stackoverflow.com/users/235660/alois-kraus 显示的命令:>
(我在记事本++上粘贴了输出)
在图像上它没有显示得很清楚,但我能够看到传递给该过程的参数.这对我来说很重要,因为我使用以下命令安装了真正的加密卷:
"C:\Program Files\TrueCrypt\TrueCrypt.exe"/v "a:\volume.tc"/lz/a/p a
这告诉 truecrypt 我想安装位于驱动器字母 z 上 a:\volume.tc 的卷,密码是 a
如果我执行该命令 true crypt 将在驱动器 z 上安装该卷:
问题是如果我再执行命令wmic process注意什么鞋了:
注意密码在里面!
总之,将安全信息作为参数传递是不安全的.如果您关闭接收参数的进程可能是安全的,但我认为了解这一点很重要...
如果其他具有管理权限或具有相同用户帐户的用户可以执行程序,您可以使用
查看所有命令行wmic 进程从所有进程使用这个单一的命令行.
You may skip this part
I am using a batch file that I have in my thumb drive in order to mount a true crypt volume. I created that batch file with the help of this link. on that batch file I have the username and password that I pass as arguments to trueCrypt.exe in order for it to be mounted.
Anyways so my question is: will it be possible to see the arguments being passed to a program from a third party process? In other words, will it be possible to see the arguments being passed to this program:
using System;
using System.Reflection;
using System.Diagnostics;
class Program
{
static string password = "";
static void Main(string[] args)
{
if (args.Length > 0)
password = args[0];
// get location where this program resides
var locationOfThisExe = Assembly.GetExecutingAssembly().Location;
Console.Write("Press enter to start a new instance of this program.");
Console.Read();
var randomArgument = new Random().NextDouble().ToString();
Process.Start(locationOfThisExe, randomArgument);
// I am passing a random argument to a new process!
// is it possible to see these arguments from another process?
}
}
Edit
I am creating an edit cause I think I explained my self incorrectly but this edit should be a solution instead of a question
I think this question has not received enough attention. Executing the command showed by https://stackoverflow.com/users/235660/alois-kraus shows:
(I pasted the output on notepad++)
on the image it does not show very clearly but I was able to see the argument being pass to that process. That matters a lot to me because I mount my true crypt volumes with the command:
"C:\Program Files\TrueCrypt\TrueCrypt.exe" /v "a:\volume.tc" /lz /a /p a
that tells to truecrypt that I want to mount the volume located at a:\volume.tc on drive letter z and the password is a
If I execute that command true crypt will mount that volume on drive z:
the problem is that If I then execute the command wmic process note what shoes up:
Note the password is in there!
So in summary it is not safe to pass secure information as an argument. It may be secure if you close the process that received the arguments but I think it is important to be aware of this...
If other users with administrative rights or with the same user account can execute programs you can see all command lines with
wmic process
from all processes with this single command line.
这篇关于查看传递给程序的命令行参数的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
