>Hi all,
>
>First off, sorry for being gone for so long - my largest client asked me to sub in for their IT department for the last 6 months as they "lost" 3 of their guys. So no coding for me since late fall. But I do have a question...
>
>I am using a utility in Rick Strahl's classes to encrypt data strings. Works fine. The utility eventually calls .Net encryption routines.
>
>My question is: what would a person need for tools to be able to get the key for the encryption? My key is made up of a long "base" and then for each record in a table, it is unique. Of course, this key gets assembled right before each call into one string.
>
>Is there a way to capture this key even if it is in memory as a var just long enough to call the encryption/decryption routine? If so, what tool would do that? And does the hacker need my source code in order to step through the code to stop on the line that assembles the key? Or can someone just capture every line as it executes and look at the results with some low level debugger?
>
>Sorry, I just don't do this kind of low level work to know the answer.
>
>Thanks,
>Albert

A person can generate a memory dump anytime they want -- so yes it's possible. some examples here:
https://hackernewsdog.com/best-memory-dump-tools-for-forensics/