Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 9 years ago.
Improve this question
I'm refactoring an application used by the employees of an insurance carrier, they have had some problems with some kind of malware on their computers that was controlling this application to do bad things, or at least that's what they say.
I'm pretty sure the malware is using the Win API to make calls to the application instance, so my question is, there's any way to detect if a real user is controlling the application or it's being controlled by another process through calls to the Win API? The app is coded in C#.
This answer is coming from my experience with developing Win32 apps using C++.
I can only think of two ways in which the app is being controlled -- one using OLE automation, using automation verbs and secondly inserting keyboard/mouse events into the system event queue. (I'm assuming that this app is not listening for any network originated commands). You can verify the first by checking the source code and using a debugger with some OutputDebugString calls. The second can only be detected by a malware scanner. Any COTS/free AV or MS security essentials should be able to identify a malware, unless of course it's written internally by a malicious employee.
Have you taken a look at the task manager process list and gone through them one-by-one to see if there's anything that looks suspicious? Can you run the app with elevated privileges? Then the OLE automation client, if one is present, won't be able to access the process.
Related
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
Is there a way to call a function to run on all instances of a Windows Forms application across a LAN?
I have an application which contains a dashboard of their own Joblist. I want another user on another PC to create and allocate a job to this user. Once created and saved, I would like the method GetJobs(); to refresh. I've not done anything this advanced yet, so please go easy :)
Chris Walsh has excellent advice in his comment. That said, it is possible for Windows Forms applications to communicate with each other, and the simplest method, for me anyway, is WCF, self-hosted server. Typically the server code will not be running in the UI thread -- at least I don't recommend it. In fact, all WCF is best kept running in a background thread in a Windows Forms application, to avoid blocking the UI. WCF has lots of error conditions you will need to handle.
Another thing you might want to look at is MSMQ, now called Message Queueing. It can store a queue of jobs for you, and it won't lose them if the power is lost.
I assume you have some SQL Server Express Edition installed as the database backend.
This way you can connect to the database using some authentication, and add the job's directly there.
Then on the other computer, add a refresh button or poll for changes. This has the advantage that you don't need to write a service by yourself, and jobs can be created even if the user is not there and his PC is switched off.
You need just one server which hosts the database.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I'd like to create a Skype application that displays to the other end of the call one of my windows, rather than what my camera sees. I'd like to select which window and even switch between windows on my machine. I have looked at the API, but there's a good deal there I don't understand. Was wondering if this is possible?
Skype itself does not provide too many options for its automation. Some program API was announced in the Skype site, but is not yet available (at least for ordinary users). The only Skype API I found was the Skype4COM.dll in-process COM object. Skype4COM permits operations like management of Skype user accounts, calls, etc. But most Skype settings are not addressed, and screen sharing is left completely out of its scope. Other automation techniques should be combined with Skype4COM to achieve active screen sharing.
For better understanding Remote Desktop Control with Automated Skype might give some idea.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
Trying to make console app that monitors alongside its main program, and monitors what the main program has going in and what goes out its tcp/ip sockets. I have seen people do this in a few programs, but I can't figure out how. Something about using a raw socket, but I am not sure.
Any ideas how?
If you want the console app to be entirely separate from the main program, you can do this various ways:
Create a man-in-the-middle proxy for the connections. Run a client and server socket from your console application - i.e. clients connect to your proxy server and then your proxy server will forward the connection to your main program. This allows you to record the packets on their way through your console.
Hook winsock.dll. Essentially you will be gaining access to the parameters of send() and recv() calls that your main program makes, and you can then output or do as you like with it.
Forget programming it, and use Wireshark or another network sniffer to check what's going in or out.
More information on number 2:
It was surprisingly difficult to find good tutorials in C#, mainly because it's generally done with C++ or C. Some links to get you started:
https://en.wikipedia.org/wiki/Hooking
http://csns.calstatela.edu/download.html?fileId=2062150
http://www.elitepvpers.com/forum/co2-programming/1917917-c-dll-injecting-hooking.html
A tool to assist with hooking: http://easyhook.codeplex.com
I'll update this list as I find better resources. I might make a tutorial myself, will keep you informed.
Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
I'm designing a program that uses a third party electrical solver.
I want to perform monte carlo simulations on large electrical grids and most of the times the program (mine) takes hours.
Because of this I thought that if I create a client in other computer I could call from my computer (and vice versa) I would have a nice distributed simulator.
Since I lack the knowlwdge, I would like to know what is the best way (if even possible) to "invoque" a program installed in another computer in the local network to do a specific task: simulate a file that I send and return the results back. The idea is to call the solver in lets say 10 computers at a time and gather the results asynchronically.
The language I use is C#.
I hope that my question is clear enough.
The easiest is to have a shared drive on the network, to which all computers have access. Then your app saves the input file (or one input file per machine, depends how you want to do it) on the shared drive, and your app starts another app remotely on each client. It monitors each one it starts for the exit status. After all of them have exited, it takes the output files and combines them and processes the data. Job done. The simplest "remote process" invocation is probably through psexec which you can download from technet, we have used it very successfully and very simple to use. The top two answers of How to execute process on remote machine, in C# have other good ideas: I think you will find them more overhead (longer to implement) but will give you more power in the long run.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
I'm currently thinking about developing a sockscap-like tool with some cool new features and a nice WPF gui.
For those who don't remember:
SocksCap was a tool that allowed you use any application with the use of a SOCKS4/5 Proxy... So e.g. you could play games with another IP without using VNC and alike.
However I'm not much of a network guy, so I'd love some input on how to "socksify / proxify" from an external application within a windows environment. As this is supposed to be a project, not a "quick and dirty" thing I'm only into "clean and generic" approaches instead of "modify HOSTS entry" or "plugin for each application"...
So how would someone with knowledge about networking programming start his research about redirecting (routing?) an applications traffic via a proxy?
Thanks for any help :-)
Google always helps.
Under windows there is something similar to socksify:
FreeCap -- is a program for transparency redirect connections from programs through SOCKS server. In fact that some programs hasn't native SOCKS support (for example Internet Explorer), In this case FreeCap will be helpful, transparently redirect all connections requests through SOCKS server.
The internal implementation of this seems hijacked the socket call of the client applications.