Answer the question
In order to leave comments, you need to log in
M
M
Mercury132021-11-16 19:00:59
Mercury13, 2021-11-16 19:00:59
Can we determine which program is at the other end of the named pipe?
General task: there is a privileged 32-bit program that works as a proxy for one of the accounting systems. It is necessary to check who has access to "her body."
We sorted out the communication of two programs via the console more than a year ago, I checked who was calling the program.
They began to live on, expand the program - now it can be run in service mode, communicating with it through a named pipe!
But the issue of data security remains.
Actually, the question is: is it possible to determine which program is at the other end of the pipe, in order to later check its signature?
1 answer(s)
@rPman
R
rPman, 2021-11-16 @rPman
windows pipes can use windows authentication, i.e. Only authorized users have access to the pipe (by default, all authorized users, if I remember correctly).
Your proxy must be augmented to create a security descriptor for the pipes being created, everyone who tries to open this pipe, for example, must be users of the groups specified in the descriptor
Similar questions
V
I
R
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question