|
Create your file. Encrypt it. Name if KE1lSD1.dll, or some other meaningless name, then store it
in Windows\System32. It'll look like any other DLL and no one would ever know. Even if someone
opened it with Notepad it would look like any other DLL they opened with Notepad.
Everything makes sense in someone's mind
|
|
|
|
|
Kevin Marois wrote: it would look like any other DLL they opened with Notepad
No, it won't. Have you opened a .net DLL in Notepad?
|
|
|
|
|
Yes I have. The average user won't know the difference.
Here's a snippet of a random DLL I found in System32 opened in Notepad. if you encrypt a file, it will look similar to the following:
Q 3À…Òt‹Âë‹U9QtRèúûÿÿ]Â ÌÌÌÌÌ‹ÿU‹ìV‹ñè³ûÿÿöE
tVèÑÿÿY‹Æ^] ÌÌÌÌÌ‹ÿU‹ìƒì ‹MVEìP¾ VèÂçÿÿ…À…Ç
SWEôPV3ÛShP‹pÿuìÿT‹p‹ð;ó…ê EèPEøPEðPÿuôèHØÿÿ‹ð;ó…à 9]ðj^‰]ü†¤ ƒþ…› ‹EèSSSS‰EäEäPÿuøÿuüÿuôÿL‹p‹ð;óuijèÞÐÿÿ;ÃYtÿu‹Èè£Úÿÿ‹øë3ÿ;ûtFjEàPÿuøÿÌ‹pƒÄP‹Ïè§óÿÿ‹ð;óu‹E;Guÿwÿuÿ ‹p…Àtj^j
‹ÏèDãÿÿëj^ÿEü‹Eü;Eð‚\ÿÿÿÿuøSÿ5ä ‹pÿ‹pÿuôÿX‹pƒþ…§ jèDÐÿÿ;ÃYtÿu‹Èè Úÿÿ‹øë3ÿ;û„ƒ j,è Ðÿÿ;ÃYtÿu‹Èè£Ùÿÿ‹Ø…Ût^ÿu‹ÏÿuèÊñÿÿ…ÀuM‹Ïè&ôÿÿ…ÀuBÿw‹Ëèfûÿÿ‹ð…öu
‹Ëè$ïÿÿ‹ð…öt‹Ïè7òÿÿ…öu‹MSèãéÿÿ…Àu
…öt j
‹Ëèþÿÿj
‹ÏègâÿÿÿuìÿX‹p_[^É ÌÌÌÌÌ‹ÿU‹ìV‹u‹Îè<áÿÿ…À‰EtEP‹ÎèIáÿÿ…Àt j
‹ÈèIâÿÿƒ} uâ…öt j
‹Îè" ^] ÌÌÌÌÌ‹ÿV‹ñ‹…ÀtPè£ÿÿÿÿvj ÿ5ä ‹pèÏÿÿ^ÃÌÌÌÌÌ‹ÿU‹ìƒìt¡p ‹pSV‰Eü‹EW‹}j,‹Ù‰E˜èöÎÿÿ…ÀYtƒ ƒ` H ‰ ‰H$‰H(ë3À‹ð÷ÞöƒæòƒÆ‰…Ù ‹ÈèÖàÿÿ‹ð…ö…¹ Wè'Ïÿÿ‰C÷ØÀƒàòƒÀ‹ð…ž {¾‹p¥E"P¥j
j ¥h(‹pÿu˜¥ÿT‹p…ÀuijY¾Ø‹p}¬ó¥E¬Pf¥ÿü‹pD ‰EEPE¬PEŒPj j ÿu"ÇEŒ
ÿ8‹p…ÀuEœPE¬Pÿü‹p…À|
uœ{¥¥¥¥ÿu"ÿX‹pSÿu˜èuôÿÿ‹ð…öt‹…Ût j
‹Ëèà ‹Mü_‹Æ^[è¿- É ÌÌÌÌÌ‹ÿU‹ìV‹ñèˆþÿÿöE
tVèÜÍÿÿY‹Æ^] ÌÌÌÌÌ‹ÿU‹ìQhH¡‹ph¡‹pèRÎÿÿ…Àu@é‘ ¡L¡‹pVÿpèÑÿÿ‹ð÷ÞöFulS¾° èÖßÿÿ‹X¡‹p‹Ëè!ßÿÿ…À‰EütGW‹Eü‹x‹G;EtEüP‹Ëèßÿÿƒ}ü uáë$‹Ïè/éÿÿ‹ð…öuÿuü‹
X¡‹pè èÿÿj
‹Ïènûÿÿ_è¥ßÿÿ[h¡‹pÿØ‹p‹Æ^É ÌÌÌÌÌ‹ÿU‹ìQ}ÿ vjWXé† ShH¡‹p»¡‹pSè†Íÿÿ…Àu@ëm¡L¡‹pVÿpè?Ðÿÿ‹ð÷ÞöFuLW¾° è
ßÿÿ‹=X¡‹p‹ÏèXÞÿÿ‰Eüë‹H‹A;EtEüP‹Ïè\Þÿÿ‹Eü…Àuãë
ÿuèúÿÿ‹ðèüÞÿÿ_SÿØ‹p‹Æ^[É ÌÌÌÌÌ‹ÿV‹ñƒ> tè‡çÿÿF ‰ ‰F$FPÿà‹pƒ& ^ÃÌÌÌÌÌ‹ÿU‹ìƒìƒeø SV‹ñ‹FƒøWu‹F$ëƒø
u ‹F$ƒÀ,‰Eü‹Müè±Ýÿÿ‹Ø…Û‰]ôt ‹{‹F;Gv‹MüEôPè°Ýÿÿ‹]ô…Ûuâë‹}ô…ÛtD‹F;Gu<W‹Îè=ùÿÿ…Àt‹G@P‹ÏèÒùÿÿ‰Eøë‹MüEôPèoÝÿÿ‹]ô…Ût‹{ÿFƒ}ø t¸ƒ}ø uJ‹MüVSèçåÿÿ‹ø…ÿu ÇEø ë1ÿvÿvÿvhà‹pÿvÿ5h ‹pè " …À‰Eøu‰~(ë ‹MüWè0æÿÿ‹Eø_^[ÉÃÌÌÌÌÌ‹ÿU‹ìVWj h€ @jj j ‹ñh Àÿvÿˆ‹pƒøÿ‰Fu
ÿÌ‹p‹øë3ÿ…ÿua‹FH‹}tHuÿw\ÿvè:( ëÿw\ÿvè( EPh hL‹p‹ÎèXèÿÿ…Àuÿuÿvè' ÿuÿX‹p‹Î‰~$èdþÿÿ‹ø…ÿt‹FƒøÿtPÿØ‹pƒNÿ‰~ ‹Ç_^] ÌÌÌÌÌ‹ÿU‹ìƒìD‹MVEðP¾ Vè¢àÿÿ…À…*
WEüPV3ÿWhˆ‹pÿuðÿT‹p…À…
EìPEøPEôPÿuüè+Ñÿÿ…À…Ü EÜM¼‰}¼‰}؉E܉Eà‰Eäè
Üÿÿ…À…² S3Û9}ôvs‹EìWWWW‰EèEèPÿuøSÿuüÿL‹p…ÀuNj,èµÉÿÿ;ÇYtÿu‹Èè8Óÿÿ‹ðë3ö;÷t.ÿuø‹Îè¦õÿÿƒøuM¼ë;Çu
‹MVè ãÿÿ…Àu ‹Îj
èÅ÷ÿÿC;]ôrM¼èÛÿÿ;ljE[t'EPM¼è(Ûÿÿ‹ð‹Îè>åÿÿ;÷t j
‹Îè÷ÿÿ9}uÙM¼èÖüÿÿÿuüÿX‹pÿuðÿX‹p_^É ÌÌÌÌÌ‹ÿU‹ìSV‹ñ3Û9^Wt9jèôÈÿÿ;ÃYt
ÿ6‹ÈèºÒÿÿ‹øë3ÿ…ÿtÿv‹ÏèÎëÿÿj
‹Ï‹ØèŠÛÿÿëj[è-Òÿÿ…Ûu9ƒ~ÿu3ƒ=h ‹pÿt*ÿvÿuè»Ýÿÿ‹ø…ÿtÿvÿuèwÞÿÿ…Àt
W‹Îè_ýÿÿ‹ØèüÑÿÿ_^‹Ã[] ÌÌÌÌÌ‹ÿU‹ìQ‹MèÚÿÿ…À‰EütJVW‹M‹øEüPè$Úÿÿÿu‹ðÿu‹Îè-ÿÿÿƒøu‹Îè(äÿÿ‹MWè$ãÿÿ…öt j
‹Îènöÿÿ‹Eü…Àuº_^É ÌÌÌÌÌ‹ÿU‹ìƒìVj,èõÇÿÿ3ö;ÆYtH ‰0‰p‰ ‰H$‰H(‰Eüë‰uü9uü„ù ‹MüèÛÙÿÿ…À…Ü EôPh VhP‹ph €ÿT‹p…À…Ç EìPEøPEðPÿuôè¥Îÿÿ…À…" S3Û9uðvzW‹EìVVVV‰EèEèPÿuøSÿuôÿL‹p…ÀuSjèPÇÿÿ;ÆYt
‰p‰p‰p‹øë3ÿ;þt4jEäPÿuøÿÌ‹pƒÄP‹Ïè<Òÿÿ…Àu
‹MüWè6áÿÿ…Àu j
‹ÏèíÙÿÿC;]ðrˆ_ÿuøVÿ5ä ‹pÿ‹p[ÿuôÿX‹pë
‹Müj
è¬ ‰uü‹Eü^ÉÃÌÌÌÌÌ‹ÿU‹ìQQSè·þÿÿ‹Ø…Ût~‹ËèlØÿÿ…À‰EøtjVWEøP‹ËèwØÿÿ‹ð‹Eÿv‹@Pÿ ‹p…Àu?‹Mè:Øÿÿ…À‰Eüt0‹MEüPèFØÿÿ‹øW‹ÎèoÙÿÿ…Àtÿuÿ6ÿwXÿuèÉôÿÿƒ}ü uЃ}ø uš_^Sè©öÿÿ[É ÌÌÌÌÌ‹ÿU‹ìQSèþÿÿ‹Ø…Ût|‹ËèÒ×ÿÿ…À‰EüthVW‹}EüP‹ËèÚ×ÿÿ‹ðW‹ÎèÙÿÿ…ÀtB‹Mè¥×ÿÿ…À‰Et3‹MEPè±×ÿÿÿv‹@Pÿ ‹p…Àuÿuÿ6ÿwXÿuè1ôÿÿƒ
Everything makes sense in someone's mind
|
|
|
|
|
The average user doesn't mess around trying to delete random files in places that are hidden by default (on "noob" settings), either, so what does it matter that an average user wouldn't notice the lack of MZ and "!This program can not be run in DOS mode." etc?
The non-average user is just going to open it with CFF Explorer to see what kind of thing the dll does, which will then explode with an error message on the invalid dll. That is assuming he will come across the dll in some way which is rather unlikely if it's in system32.
Other suggestion - use NTFS alternate data streams
|
|
|
|
|
Now look what you have started.
|
|
|
|
|
Moi?!
|
|
|
|
|
sí señor, usted.
|
|
|
|
|
Impossible since every application that runs does so AS the user that launched it. If the application can read/write the file, so can the user of that application. The two are indistiguishable from each other. When the user launches an app, the app gets a copy of the users security token, therefore, the two are indistinguishable from each other. Also, since a user cannot grant tehemselves more permissions than they already have, neither can the application that is using that users security token.
|
|
|
|
|
Does it have to be on the local file system? Perhaps use a web service to access the file on a remote server. Use encryption if you don't want anybody looking at the data as is crosses the wire. You can use the authentication scheme of your choice to prevent others from accessing the file using the web service.
|
|
|
|
|
|
So you've connected your database now?
|
|
|
|
|
Hi,
Yes Michel I connected to my database thanks to u help.
Can u help me now Michel to complete my project
Thanks
|
|
|
|
|
Sorry, list boxes and check boxes are not really my area . More of a backend and system kinda of person...
Good Luck!
|
|
|
|
|
So I was taking a look into Windows Desktop Sharing and have found an example that I have downloaded and tested on my machine. The issue is the one I downloaded is a client and server that are both Windows Forms (not a service).
So I attempted to try a service.
When I run my service as LOCAL SYSTEM (with access to desktop) it will connect but will automatically go to the black screen with a PAUSE symbol on it. If I run the service as a NETWORK SERVICE I get an error code of 1028... if I run the service as a DOMAIN admin user I get an error of 2308.
Server:
protected RDPSession _rdpSession = null;
private string invitation;
public ITMgmt()
{
InitializeComponent();
}
protected override void OnStart(string[] args)
{
_rdpSession = new RDPSession();
_rdpSession.OnAttendeeConnected += new _IRDPSessionEvents_OnAttendeeConnectedEventHandler(OnAttendeeConnected);
_rdpSession.OnAttendeeDisconnected += new _IRDPSessionEvents_OnAttendeeDisconnectedEventHandler(OnAttendeeDisconnected);
_rdpSession.OnControlLevelChangeRequest += new _IRDPSessionEvents_OnControlLevelChangeRequestEventHandler(OnControlLevelChangeRequest);
_rdpSession.Open();
IRDPSRAPIInvitation pInvitation = _rdpSession.Invitations.CreateInvitation("WinPresenter", "PresentationGroup", "", 5);
invitation = pInvitation.ConnectionString;
using (StreamWriter sw = File.CreateText("c:\\inv.xml"))
{
sw.WriteLine(invitation);
}
}
private void OnAttendeeConnected(object Attendee)
{
IRDPSRAPIAttendee pAttendee = Attendee as IRDPSRAPIAttendee;
pAttendee.ControlLevel = CTRL_LEVEL.CTRL_LEVEL_VIEW;
EventLog.WriteEntry("IT Management", "Connected: " + pAttendee.RemoteName, EventLogEntryType.Information);
}
private void OnAttendeeDisconnected(object Attendee)
{
IRDPSRAPIAttendee pAttendee = Attendee as IRDPSRAPIAttendee;
EventLog.WriteEntry("IT Management", "Disconnected: " + pAttendee.RemoteName, EventLogEntryType.Information);
}
private void OnControlLevelChangeRequest(object pObjAttendee, CTRL_LEVEL RequestedLevel)
{
}
I can't seem to attach visual studio to the service either. Keep saying there is a debugger already attached? I install the service with visual studios command prompt (installutil).
Anyways if you have any idea why this would work as a windows form and not this service please let me know. I do want to point out that you can see I have a event when a attendee connected and it actually fires because my event log does show that the user connected.
OS: Windows 7
VS: 2008
Client & Server on same computer at this point. Works with 2 windows forms this way.
|
|
|
|
|
Services with user interaction are severely deprecated in Vista and 7. Previously the user at the console ran in session 0, and so did the services. In Vista, only system processes and services run in Session 0, so they can't share the desktop anymore with the logged on user.
This change was made to prevent 'shatter attacks', where a non-privileged process ( running as the user ) could send Window Messages to a privileged process (running as LOCAL SYSTEM), possibly exploiting bugs in the privileged process.
So now when a service tries to display anything on the screen, the screen is dimmed, and the user is prompted to deal with the service.
If the user agrees, the desktop is switched to Session 0, and the Service is able to interact with the desktop (but NOT the user's desktop, that will be restored when the services has finished talking to the user.
To make a long story short: this will never work anymore.
|
|
|
|
|
Well that kind of sucks!
So basically I will need to create a Windows applications that runs in the background.. somehow making it where the user cannot close it or anything.
|
|
|
|
|
Yes. When creating these kind of apps, You usually just get a handle to Desktop Device Context, and possibly monitor the windows on the desktop. The sending app should not display any windows or decorations, which makes it easy to hide from the user.
|
|
|
|
|
int WM_Paint_Handler(
IntPtr hwnd, uint msg, uint wParam, int lParam,
ref bool handled)
{
Win32.PAINTSTRUCT ps = new Win32.PAINTSTRUCT();
Graphics gr = Graphics.FromHdc(Win32.BeginPaint(hwnd, ref ps));
DrawButton(gr, this.Capture &&
(this.ClientRectangle.Contains(lastCursorCoordinates)));
gr.Dispose();
Win32.EndPaint(hwnd, ref ps);
handled = true;
return 0;
}
The above code is from MSDN
I am subclassing textbox and trying to draw some lines over it. Instead of DrawButton in the above function, I draw lines. I don't want to use rich text box. Everything is fine. But when textbox control gets repainted, like I minimize and restore the form which has textbox control, the already available text in the textbox disappears. What's happening?
|
|
|
|
|
thomus07 wrote: handled = true;
you are taking full responsibility for painting, by telling Windows not to bother.
|
|
|
|
|
Thank you for reply.
I have even tried giving handled = false. No results.
The texts in the textbox are not really disappearing. When I restore the form the text disappears, and when I focus the cursor over the text box the text reappears !
|
|
|
|
|
i am using C#, and in my application there are MID form and other child forms exist, i have placed a progress bar on mdi container, i want that when any child form perform its long processing then the mdi forms progress bar should progress accordingly... like internet explorer
any help or code snippet or links may be appreciable..
thanks in advance.
Regards
|
|
|
|
|
Follow some simple steps:
1. Make the progressBar internal so that child form can access it.
2. Now access the progress bar like (child.MdiParent as ParentForm).progressBar.
3. Make sure you have a synchronization mechanism is on place so that at a time only one child form can access the proressbar.
[where child is the Child Form, ParentForm is the class name of the MDI form and progressBar is the control in MDI form.]
Or,
if you do not want to expose the control as internal then create some event in Child Form like
public event EventHandler<ProgressChangedEventArgs> ProgressChanged;
Then subscribe this event in parent form like
child.ProgressChanged += Child_ProgressChanged;
void Child_ProgressChanged(object sender, ProgressChangedEventArgs e)
{
}
and then call the event from child form like
if(ProgressChanged != null)
ProgressChanged(this, new ProgressChangedEventArgs(progressPercentage, null));
|
|
|
|
|
create an interface with the progressbar-methods and use inheritance...
(yes|no|maybe)*
|
|
|
|
|
Thanks for your replies guys..
i got the solution by making progress bar static internal.
after dragging the progress bar control on form i made its access modifier internal, and i manually changed some code of progress bar control in Designer.cs file.
through this i became able to get the progress bar like, MDIForm.PrgressBar_watinting.value=some value..
Regards
|
|
|
|
|
Are there any functions in .NET to load interlaced JPEG deinterlaced or some functions to compensate for it?
Чесноков
|
|
|
|