You do realize how insecure this is right?
Here are some possible attack vectors that this seems to neglect:
- The attacker merely modifies the ILASM and switches the startup form.
- The attacker modifies the ILASM and NOPs the calls to the login check.
- The attacker opens up your ILASM and says, "Thanks for all of this database authentication information. Now I can steal user passwords, add my own accounts, and delete users at my own free will."
I truly hope you would never consider deploying this in a released application.