Hello,
In today's post i'm giving a good (and simple) anti-hacking tool which allow your application to CHECK for any changes in the Windows HOSTS file.
So, the operation is simple:
Just read the hosts file content, and validate that your site DNS is not included in the list.
[basiclly, check if hosts file contains your dns name]
if so, the user probably is trying to bypass your server so you can stop him from doing so.
The code:
Note:
Although reading the HOSTS file is allowed to all user, do not try to edit the HOSTS file, because on Vista & Windows7 this operation is allowed only for administrators. if your application is NOT running as Admin, then you won't have permission for this (and an Exception will be thrown).
Best regard,
MDB-Blog
In today's post i'm giving a good (and simple) anti-hacking tool which allow your application to CHECK for any changes in the Windows HOSTS file.
So, the operation is simple:
Just read the hosts file content, and validate that your site DNS is not included in the list.
[basiclly, check if hosts file contains your dns name]
if so, the user probably is trying to bypass your server so you can stop him from doing so.
The code:
static bool IsDnsByPassed(string p_dnsName)
{
string path = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.System), @"drivers\etc\hosts");
string hostsText = File.ReadAllText(path);
return hostsText.ToLower().Contains(p_dnsName.ToLower());
}
{
string path = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.System), @"drivers\etc\hosts");
string hostsText = File.ReadAllText(path);
return hostsText.ToLower().Contains(p_dnsName.ToLower());
}
Note:
Although reading the HOSTS file is allowed to all user, do not try to edit the HOSTS file, because on Vista & Windows7 this operation is allowed only for administrators. if your application is NOT running as Admin, then you won't have permission for this (and an Exception will be thrown).
Best regard,
MDB-Blog
Great tutorial!
ReplyDeleteYes.. Cool
ReplyDelete