Recently my brother had a problem with an old winforms application we developed to help him upload images and product information. The issue was really simple, once I had a chance to run and debug the application the issue was evident. The app was using FTP to upload pictures to the website and the credentials were invalid.
Easy I thought, go to the config file and change it, it'll probably be encrypted and might give me a hard time to hack. I opened it and didn't find anything. Let's open reflector and see what's happening I have a Stack Trace to start with, but that wasn't the best place. I remembered the name of the user, so the Reflector Add-in Code Search quickly pointed me to the right place:
From there a double click sent me to the method
Great. Someone thought it was safer to hard code it instead of using the web.config.
Then the question remains, how can we change it? The proper solution would be to open Visual Studio, connect to TFS, get the sources, edit recompile and sent back the new version. However I don't think the latest version is stable, so I would need to search for a label to get the latest deployed version. I'm running on a really slow connection now and that would probably take a while, beside it's sunday and I'm ready to go surfing (or at least try to).
Option 2. In that same screen just open Reflexil (another Reflector-Addin) locate the IL line that sets the password (this is not as hard as it sounds) and edit the string.
Then we simply save the assembly. This was probably the hardest part, this was the first time I used Reflexil and I was expecting the Save As option to be right next to the place where I do the edit, in the Tools menu or a toolbar, I finally found the option when clicking file in Reflector.
After that, just save the file e-mail it and ready to go, but then I had the brilliant idea of write this post and it took me more time than the fix.
You can find this an other reflector add-ins in http://www.codeplex.com/reflectoraddins