.


Re: Can any MT4/MT5 files be used to compromise an account?

#2
society wrote:
Wed Sep 13, 2017 3:21 am
.ex4 files
.key files
.dll file
.tpl files

Can any of these files be used to compromise an account?
Are their built in protections?
Dlls called from an ex4 file - can.
No protection - since you will allow it to work - but that is all in a case of a malicious code
Even "pure" ex3 files can (especially when they "require" that you add some web address in the allowed web request URLs

Re: Can any MT4/MT5 files be used to compromise an account?

#3
mladen wrote:
Wed Sep 13, 2017 3:54 am
society wrote:
Wed Sep 13, 2017 3:21 am
.ex4 files
.key files
.dll file
.tpl files

Can any of these files be used to compromise an account?
Are their built in protections?
Dlls called from an ex4 file - can.
No protection - since you will allow it to work - but that is all in a case of a malicious code
Even "pure" ex3 files can (especially when they "require" that you add some web address in the allowed web request URLs
I try to stay away from programs that use DLL. How is the account compromised ? And does the ability to access stop once you stop using DLL's ? Can you give a few suggestions on protecting yourself ?

Re: Can any MT4/MT5 files be used to compromise an account?

#5
JADragon3 wrote:
Sat Sep 30, 2017 8:38 pm
... does the ability to access stop once you stop using DLL's ?
Metatrader has program instructions that can access information about an account through MQL code. It provides a DDL-free way of capturing, recording and communicating information about the user once the code is executed. Once the code is compiled, the malicious instructions are hidden and can not be easily detected.

By way of example, I have written and compiled an indicator that plots a channel. Furthermore, it captures and records user input which is manipulated to a degree before being printed to the 'Experts' tab in the terminal window. The captured input is then piped to a text file in the common folder and saved as 'yourInput.txt'.
hilo.ex4
(9.88 KiB) Downloaded 330 times


Re: Can any MT4/MT5 files be used to compromise an account?

#6
So make it clear to me, please. Some indicator's author can get an access on my ip-adress or smth? Let's say i bought some indi on the market. Can the indi's author/seller see any information on what PC his indi is being worked on? Let's say i run this indi on another PC - can he see that new user IP?

Re: Can any MT4/MT5 files be used to compromise an account?

#7
Fresh_Prince wrote:
Sat Dec 16, 2017 1:06 pm
So make it clear to me, please. Some indicator's author can get an access on my ip-adress or smth? Let's say i bought some indi on the market. Can the indi's author/seller see any information on what PC his indi is being worked on? Let's say i run this indi on another PC - can he see that new user IP?
Upon executing Metatrader limited information about the computer and the account is presented in the journal including the current IP address. The broker's IP address can be found in the SRV files that stores the brokers's MT4 Server information.

Re: Can any MT4/MT5 files be used to compromise an account?

#8
MrSortable wrote:
Sat Dec 16, 2017 1:22 pm
Fresh_Prince wrote:
Sat Dec 16, 2017 1:06 pm
So make it clear to me, please. Some indicator's author can get an access on my ip-adress or smth? Let's say i bought some indi on the market. Can the indi's author/seller see any information on what PC his indi is being worked on? Let's say i run this indi on another PC - can he see that new user IP?
Upon executing Metatrader limited information about the computer and the account is presented in the journal including the current IP address. The broker's IP address can be found in the SRV files that stores the brokers's MT4 Server information.
I'm asking if someone could get this information from the indicator's code?



Who is online

Users browsing this forum: CommonCrawl [Bot] and 0 guests