Obfuscate Command Line Arguments

Question

Hello,

I know that the passed arguments are read only, but is there any process that can obfuscate a specific argument passed to an executable at runtime? For instance a password could be reviled using task manager and by adding the column view command line.

The valid passed argument can be consumed at runtime then written back or updated to hide or obfuscate an argument would be fantastic.

Any thoughts?

Thank You

Brad

Answer 1

How would that work? The argument has to be passed so the executable knows what it is. If somebody types the argument no matter whether it is encrypted or whatever then it is available for keyloggers or viruses to get.

If you figure out a method please let all businesses that store information on humans know so that hackers can no longer access any personal information on humans such as phnrs, ssn's, born date, account info, etc. You'll become a billionaire overnight if you do it correctly.

---

La vida loca

Answer 2

No, I don't believe there is any way to do that... and it doesn't really make sense.

If there is a command line argument supplied to an exe then the user entered that argument, so they know the value they entered.  There would be no reason to find it via the task manager.  If the command line arg is set in a shortcut, then simply viewing the shortcut properties would reveal the command line args.

Maybe if you provide an example of exactly what you are trying to achieve we can offer a suggestion toward a workable solution.

---

Reed Kimble - "When you do things right, people won't be sure you've done anything at all"

Answer 3

The first argument is the actual desired argument that has been encrypted, the second argument is the decrypt key for the first - I have no idea if this helps you or applies to what you are doing, it is the only thing I could think of.

How secret does this have to be ? A simple way would be the convert the command to a byte array and use the base64 representation, or make your own conversion base using a non-standard number. As was stated - if you can describe just what you want to accomplish, it would be more likely that someone could offer specific help.

Answer 4

The first argument is the actual desired argument that has been encrypted, the second argument is the decrypt key for the first - I have no idea if this helps you or applies to what you are doing, it is the only thing I could think of.

 Wouldn`t that be kind of like locking your front door as you leave the house and hanging the key on a hook right next to the door handle?    8)

---

If you say it can`t be done then i`ll try it

Answer 5

Wouldn`t that be kind of like locking your front door as you leave the house and hanging the key on a hook right next to the door handle?

Not for public key encryption.  The public key isn't enough to decrypt it - it must be used in conjunction with the recipient's private key.  A bit like locking the door and putting the key into a lockbox next to the door, when the only person with the key to that lockbox is the person you want to allow into the house.

Answer 6

without having any idea what the OP wants to accomplish or how it will be used, that is what I came up with.

Is this per user ? per machine ? is the OP planning on sending command lines to them ? How often ? is the command line always the same ? If so why have a command line. 

I think if done right, it would be more like locking your door and leaving a note that says "Steve - the key is at the starting point of first place we ever went climbing"