
Disabling WinAPI

Tags: c, dll, winapi

I'm building a game where each player must program his bot. The key idea is that the player will program in C (or C++, or whatever compatible language), build a DLL and send this DLL to the server, so that no one can get his code. The problem is: how to make sure that he is not calling any illegal function? Like creating files or opening a socket. The DLL will be loaded with LoadLibrary and a function will be called. All interaction will happen with callback functions. A possible solution would be placing an empty kernel32.dll (and others) so that all WinAPI calls will fail. Is this safe, and does it work in every case? Is there a better way to do it?

Please note that the player thread (the one who called the DLL) must still be able to communicate with the game, maybe with an open socket. On Linux this can be easily done with seccomp.

asked Sep 07 '12 15:09

Guilherme Bernal



1 Answer

Your best bet is to create a user with reduced privileges, which will allow you to control file access quite easily, and run the bot code in a sub-process running as that user.

If you also want to restrict network connections, it is also easy to set up a firewall so that the aforementioned process does not have the right to connect to external hosts.

If you need more control over which API calls you allow or not, there is a technique called 'API Interception via DLL Redirection' which is explained for example here:

http://109.163.225.194/download/files/other/DLL_Redirection_en.pdf

(found via google)

answered Sep 29 '22 00:09

SirDarius
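
The setup this answer describes (a reduced-privilege account, the bot host run as a sub-process under it, and a firewall rule against outbound connections), as an added PowerShell example that is not part of the original answer. The account name `botrunner`, the host program `C:\game\bothost.exe` that calls LoadLibrary on the player's DLL, the DLL name and the directory paths are all assumptions.

```powershell
# Added example; run from an elevated prompt on the game server.
# Assumed names (not from the original post): account 'botrunner',
# C:\game\bothost.exe as the process that LoadLibrary()s the player DLL,
# C:\game\bots as the only directory the bot may read, C:\game\server as
# server data it must never touch. The host is assumed to talk to the
# game over IPC set up by the server, not over an external connection.
$User    = 'botrunner'
$BotHost = 'C:\game\bothost.exe'
$BotDir  = 'C:\game\bots'
$Secret  = 'C:\game\server'

# 1. Local account. New-LocalUser adds no group membership; 'Users' gives
#    the interactive logon right that Start-Process -Credential needs.
#    (The group name is localized on non-English systems.)
$Password = Read-Host -AsSecureString "Password for $User"
New-LocalUser -Name $User -Password $Password -PasswordNeverExpires `
    -UserMayNotChangePassword -Description 'Runs untrusted bot DLLs'
Add-LocalGroupMember -Group 'Users' -Member $User

# 2. File access: read/execute on the bot directory only, explicit deny
#    on server data. (OI)(CI) makes the entries inherit to files/subdirs.
icacls $BotDir /grant "${User}:(OI)(CI)RX"
icacls $Secret /deny  "${User}:(OI)(CI)F"

# 3. Firewall: block outbound traffic for the account rather than for one
#    executable, so processes spawned by the DLL are covered too.
#    -LocalUser takes an SDDL string built from the account's SID.
$Sid = (Get-LocalUser -Name $User).SID.Value
New-NetFirewallRule -DisplayName 'Bot account: block outbound' `
    -Direction Outbound -Action Block -Profile Any `
    -LocalUser "D:(A;;CC;;;$Sid)"

# 4. Run the host as a sub-process under the restricted account.
$Cred = [pscredential]::new("$env:COMPUTERNAME\$User", $Password)
$Proc = Start-Process -FilePath $BotHost `
    -ArgumentList "`"$BotDir\player1.dll`"" `
    -WorkingDirectory $BotDir -Credential $Cred -PassThru

# 5. Checks: the rule exists and the process runs as the bot account.
Get-NetFirewallRule -DisplayName 'Bot account: block outbound' |
    Select-Object DisplayName, Enabled, Direction, Action
Get-CimInstance Win32_Process -Filter "ProcessId = $($Proc.Id)" |
    Invoke-CimMethod -MethodName GetOwner | Select-Object Domain, User
```

The account still has whatever the built-in Users group can reach, so review the ACLs on any other directory holding game state before relying on this.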