We had an application to retreive current logon user name in Windows. Since our application is an HTTP proxy, there are two approaches:
(1) Obtain user name using TCP connection
a). tcptable=GetExtendedTcpTable(...)
b). Get the process id of the socket
foreach(tcptable->dwNumEntries)
if (tcptable->table[i].dwLocalPort==port)
processid=tcptable->table[i].dwOwningpid;
c). Open process to get the process token
hrpocess=OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, processid)
OpenProcessToken(hprocess, TOKEN_QUERY, &hToken)
d) Then use the token to user info
GetTokenInformation(hToken, TokenUser, PUserInfo, dwSize, &dwSize)
e) Look up the user name from the user info
LookupAccountSidW(NULL, pUserInfo->User.sid, Name, &dwSize, lpDomain, &dwSize, &SidType)
(2) Obtain the user name using active session
a) enumerate the sessions
WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 0 ,1, &pSessionInfo, &dwCount)
b) foreach dwCount
if (pSessionInfo[i].State==WTSActive)
dwSessionId=pSessionInfo[i].SessionId;
c). Then query the user token use the session id
WTSQueryUserToken(dwSessionId, &hToken)
After that following the d) and e) in approach (1)
Showing posts with label windows. Show all posts
Showing posts with label windows. Show all posts
Wednesday, December 15, 2010
Friday, October 22, 2010
Create a vista Gadget
Got my Windows 7 box in both home and office. It is time to play the Gadget side bar!
As a start project, I want to create a gadget to monitor a web site. Whenever it changes, it will display different icon. So you need a html file, a xml configuration file, and a javascript.
(1) How to access the Internet?
There are two ways: XMLHTTPRequest or create a dll to wrap the logic inside. Here I use the first approach.
(2) The regular request seems never sent out
It is because of the cache. Add the header like:
xmlhttp.setRequestHeader("If-Modified-Since", "Sat 1 Jan 2000 00:00:00 GMT");
(3) How to detect the network connection error
You can hook a timeout. Or if simply the web server did not start up, you will get the status code 12029 (WinInet error of the attmpt to connection to the server failed).
(4) I use:
<body onload="start();windows.setInterval('refresh()',5000)" ....>
to request the web site every 5 seconds.
As a start project, I want to create a gadget to monitor a web site. Whenever it changes, it will display different icon. So you need a html file, a xml configuration file, and a javascript.
(1) How to access the Internet?
There are two ways: XMLHTTPRequest or create a dll to wrap the logic inside. Here I use the first approach.
(2) The regular request seems never sent out
It is because of the cache. Add the header like:
xmlhttp.setRequestHeader("If-Modified-Since", "Sat 1 Jan 2000 00:00:00 GMT");
(3) How to detect the network connection error
You can hook a timeout. Or if simply the web server did not start up, you will get the status code 12029 (WinInet error of the attmpt to connection to the server failed).
(4) I use:
<body onload="start();windows.setInterval('refresh()',5000)" ....>
to request the web site every 5 seconds.
Wednesday, March 31, 2010
Deploy signed msi file to multiple machines using group policy
Windows Active Directory have two ways to deploy an application:
More things:
The Group Policy can be used to deploy three kinds of files: msi (windows installer package), mst(transform files) and msp(patch files)
If you want to modify signed msi file,
- Publish to a user
- Assign application to a user or a computer
More things:
The Group Policy can be used to deploy three kinds of files: msi (windows installer package), mst(transform files) and msp(patch files)
If you want to modify signed msi file,
Wednesday, March 24, 2010
create a certificate and sign it using signtool.exe: the windows way
It is assumed that you have installed the Visual Studio 2005, and open a command promote for it:
(1) create the certificate:
makecert.exe -sv mykey.pvk -n "CN=Mycompany Inc." mycert.cer
now you will have the private key in mykey.pvk and the certificate in mycert.cer
(2) Convert the certificate to the software publisher certificate (.spc) format
cert2spc.exe mycert.cer mycert.spc
It will generate the mycert.spc, which will use together with mykey.pvk to sign your executable.
(3) Before sign it, you have to comtine these two files into a single PFX file
pvk2pfx.exe -pvk mykey.pvk -pi -spc mycert.spc -pfx mycert.pfx -po
You always have to specify a password for -po.
(4) now you can sign your code using
signtool.exe sign /f mycert.pfx /p /t /v filetobesigned
The url can be one of he following:
http://timestamp.verisign.com/scripts/timestamp.dll
http://timestamp.globalsign.com/scripts/timestamp.dll
http://timestamp.comodoca.com/authenticode
(1) create the certificate:
makecert.exe -sv mykey.pvk -n "CN=Mycompany Inc." mycert.cer
now you will have the private key in mykey.pvk and the certificate in mycert.cer
(2) Convert the certificate to the software publisher certificate (.spc) format
cert2spc.exe mycert.cer mycert.spc
It will generate the mycert.spc, which will use together with mykey.pvk to sign your executable.
(3) Before sign it, you have to comtine these two files into a single PFX file
pvk2pfx.exe -pvk mykey.pvk -pi
You always have to specify a password for -po.
(4) now you can sign your code using
signtool.exe sign /f mycert.pfx /p
The url can be one of he following:
http://timestamp.verisign.com/scripts/timestamp.dll
http://timestamp.globalsign.com/scripts/timestamp.dll
http://timestamp.comodoca.com/authenticode
Monday, March 22, 2010
Add a customize data to an msi installer
The idea is to append the data to the certificate section at the end of the file. A little bit background first:
- How to generate/verify the signature: it hashes the executable and then used to make a digital certificate which is authenticated by some authority. This certificate is attached to the end of the PE executable in certificate table. When the executable is loaded, windows will compute the hash value and compares with the value in the certificate table.
- There are three areas of PE executable are excluded from the hash computation:
- the checkum in the optional windows specific header, 4 bytes
- the certificate table entry in the optional windows specific header. 8 bytes
- The Digital certificat section at the end of the file. Variable length.
- PE header offset located at 0x3c, read that offset as pe_offset
- pe_offset will start with "PE\0\0", which is 4 bytes
- From the pe_offset, find out the Certificate Table Entry (after 28 bytes COFF header and other header 120 bytes), so the offset to the pe_offset should be 0x98 (152bytes)
- You can first read the certificate table entry offset (4 bytes), and then the size of the certificate table entry (4 bytes)
- Modify the size if you want to append the data.
- Now seek to the certificate table entry (the absolute location is in the previous certificate table entry offset), change again the certificate size if you modified it.
- Then go to the end of the file and add the new payload.
- Possibly calculate the new checksum of the file.
Subscribe to:
Posts (Atom)