1

I have many .exe files stored on IIS server (MSSQL) that contain reports and access to the file(s) on the servers . (These files will be change on Sundays .)

After connecting to the SQL Server and choosing an .exe file , I am Downloading(Select in SQL) , Now I have an array of bytes that assigned to a variable . I cant creating a temporary file like "temp.exe" in an unknown directory because I know there are many ways to understand a new created file directory and ...

It is not secure because my users are professional and if one of them know these ways ...

So , I want know is it possible to run an .exe file from an array of bytes (as default as running from "Windows Explorer") without creating a temporay file ?!

tnx update : Exe files are .net and Manager will be upload new files or change files .

Sinaw
  • 61
  • 2
  • 9
  • 1
    That's not secure either. This article has what you ask for though: http://www.codeproject.com/Articles/13897/Load-an-EXE-File-and-Run-It-from-Memory You could have found this easily enough with a websearch, just as I did – David Heffernan Jun 04 '14 at 09:09
  • 1
    Please write more on the "... there are many ways to understand a new created file directory..." part. It is just unclear what you are asking, seems you mixed some of your thoughts in which have not much to do with the question. – Mare Infinitus Jun 04 '14 at 09:13
  • @DavidHeffernan: That will not work for native executables though. – Mårten Wikström Jun 04 '14 at 09:14
  • @DavidHeffernan :thank u for read but I think nobody can reflect this file . because after closing this file , all of things will be lost . – Sinaw Jun 04 '14 at 09:14
  • @MårtenWikström Correct. My assumption is that we are talking about managed executables. For unmanaged executables running from memory is not supported, although possible using unsupported undocumented mechanisms. – David Heffernan Jun 04 '14 at 09:16
  • @user3706205 Once the file is in memory, reflecting it will be easy. If the user has access to the machine to read a file, they can also read the byte array that you send down the wire. Your attempt at security gives you complexity with no extra security. That's a terrible trade off. – David Heffernan Jun 04 '14 at 09:18

3 Answers3

1

Be warned that your belief of any extra security is illusory. If the user has access to the machine to read files, they will also be able to read the memory of your process.

However, to answer your question, what you are asking to do is simple enough and described here: Load an EXE File and Run It from Memory.

In essence you do the following:

  1. Pass your byte array to Assembly.Load to create a new Assembly.
  2. Read the entry point of that assembly using the EntryPoint property.
  3. Create an instance using Assembly.CreateInstance, and invoke the method on that instance.

The code looks like this:

Assembly a = Assembly.Load(bytes);
MethodInfo method = a.EntryPoint;
if (method != null)
    method.Invoke(a.CreateInstance(method.Name), null);
David Heffernan
  • 601,492
  • 42
  • 1,072
  • 1,490
0

Doesn't sound safe either way, why are you storing exécutables in a db to begin with? Who uploads them? Wether they're on the filesystem or not they're just as dangerous if malicious.

Are those .net exes? If so you could load the assembly into a child appdomain with security restrictions and i'm pretty sure you can do that without copying to disk.

For regular native exe i don't think it's possible to just launch an exe without a physical file backing it (even in the task manager you can see the path from which a program was launched)

Ronan Thibaudau
  • 3,413
  • 3
  • 29
  • 78
0

There are two different concerns for security here:

  1. That someone can see the file that you've downloaded from the database.
  2. That executing the file might be a security threat.

For the first concern: Create a directory on the server and restrict access to that directory so that no one but the user account that runs your server program can see/use it. Save the byte array into a temporary file in that directory, execute it, and once the process has completed, delete the temporary file.

For the second concern: You'll need to run that executable in a sandboxed environment. In .NET you can run code in a sandboxed environment by loading the code into a separate AppDomain that you've setup to only have partial trust. How to do that deserves another question on SO though.

Mårten Wikström
  • 11,074
  • 5
  • 47
  • 87