0

I have a Windows application which is accessed through Once Click installer. I installed the Windows application through Once Click installer. If we open the installed exe file in Windows Notepad, all the inline SQL queries are shown in the notepad. But other details are shown in encrypted format.

The inline SQL queries should not be displayed in Notepad. Is there any other way to solve it other than converting the inline queries to SP?

sleske
  • 81,358
  • 34
  • 189
  • 227
user3859666
  • 279
  • 1
  • 10
  • 24
  • 3
    Since, apparently, the application can *execute* arbitrary SQL queries directly, you're so far away from anything secure that it seems pointless to worry that someone might be able to get a head start by reading some of the existing queries that the application uses. – Damien_The_Unbeliever Aug 13 '14 at 09:56
  • You'll probably want to have a read about ofuscation and decompilation as well: http://stackoverflow.com/questions/265295/net-decompilation-how-easy-is-it – Matthew Steeples Aug 13 '14 at 10:10
  • @Damien_The_Unbeliever - Actually it is the issue reported by security team as a Sensitive information in the notepad. So need to fix it. – user3859666 Aug 13 '14 at 10:23
  • @MatthewSteeples - I encrypted the exe by obfuscation tool. It works. But the problem is it is once click installer. I can't go to each user get the exe and encrypt each exe. – user3859666 Aug 13 '14 at 10:26
  • 1
    So, you're not interested in security, just the appearance of security, based on whatever shoddy methodology the "security" team are using to assess it. – Damien_The_Unbeliever Aug 13 '14 at 13:40

1 Answers1

0

Using the Crypto Obfuscator tool solves the problem for me.

user3859666
  • 279
  • 1
  • 10
  • 24