.NET Encrypted Configuration Viewer

This application is a little tool used to check what goes on inside a .NET app.config or web.config configuration file.
Now, some of you might think that this is leaning in the direction of a hacking-tool, but on the contrary, I think that anyone who can hack his/her way onto a computer can write or run something in minutes/seconds to achieve the same effect without my app's help. Also, you can only view configuration files on the computer where it got encrypted.


Bear in mind that this application only supports two types of Protection Configuration Providers which comes standard in the .NET Framework:
  • DataProtectionConfigurationProvider
  • RsaProtectedConfigurationProvider

The DataProtectionConfigurationProvider is the simplest to use, as it makes use of a machine key to encrypt / decrypt configuration files. You need to be on the same machine and you don't need administration privileges to decrypt the information.
The RsaProtectedConfigurationProvider is harder to use as only users with privileges to the RSA key can encrypt / decrypt a configuration file.

So why is this tool created? It's created to help you investigate if the configuration files are indeed configured the way you think they are. You have no editing capability, only read-only views over configuration files. Its portable so that you can copy, run, view and remove after use so that you don't need to install it first, etc.
You can pass a path to a configuration file as a parameter too for the application to open up the configuration file.

I'm using the ICSharpCode.TextEditor editor which gives nice XML color syntax. Also, the areas that were encrypted are surrounded with comments indicating the area which is currently encrypted.

Last edited Sep 2, 2011 at 5:18 PM by dandrejvv, version 5


No comments yet.