A little background for the question:
I recently had a near-death experience with Microsoft and socket binding. I was testing production code and one of the test PCs kept failing. I eventually suggested that there was a bug in the bind() function, one of the oldest functions out there.
I submitted the error (see CAsyncSocket Create's bind implementation has a bug in Visual Studio's Developer Community feedback forum), but got handed off to the Windows team (see "__imp_bind implementation has a long-standing situational bug in it" in their Feedback Hub), who never did anything about it.
Since I couldn't debug bind(), and Microsoft refused to assist, I eventually discovered after 2 weeks of dev work, that the test machine in question had Hyper-V enabled and my interface resolution code was picking up this spurious AF_INET address and resolving on it instead of on the real IP address.
I can't expect my customers to turn off the unwanted Hyper-V feature just to run my software, so I need to make my resolution code more granular.
My question:
What I need to do is to be able to get a particular address's verbose name, like for ipconfig /all. I can see that others have asked this question, like Ivan's how to determine interface name and tez's Linux getting all network interface names. Ivan's answer was to use getsockname() and tez's answer was to use if_nameindex(). Neither one of which returns the verbose interface name as seen in ipconfig.
So, does someone know what function call that would be?
Remy Lebeau's answer was to use GetAdaptersAddresses. The sample code for that function shows how to iterate through socket adapter interfaces and get copious amounts of interface data. To answer the question (ie, get ipconfig-like verbosity), however, you need the individual ip addresses. These are available in the LPSOCKADDR lpSockaddr members, which are outputs of the GetAdaptersAddresses call, an example of which is pUnicast->Address.lpSockaddr.
Related
Can you give me details of all the terms that are useful to understand properly the issue with crash after we use "!analyze -v"? Which term indicates what like The FAULTING_IP field shows the instruction pointer at the time of the fault.
I am not getting it anywhere with proper description.
It is BUCKET_ID that categorizes the issue, and Microsoft has a big internal database to reveal typical issues,
The BUCKET_ID field shows the specific category of failures that the current failure belongs to. This category helps the debugger determine what other information to display in the analysis output.
If you are connected to the internet, the debugger attempts to access a database of crash solutions maintained by Microsoft. This database contains links to a tremendous number of Web pages that have information about known bugs. If a match is found for your problem, the INTERNAL_SOLUTION_TEXT field will show a URL that you can access for more information.
https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/using-the--analyze-extension
If you need to investigate on non typical issues, things like STACK_COMMAND might be your friend.
However, dump analysis on native crashes is never an easy task, and corrupt memory can further mess up the situation.
So you should buy services from either Microsoft or other service providers.
Hi everyone and sorry for my bad English.
I'm learning penetration testing.
After reconnaissance and scanning of my target, I have enough information to pass to next phase.
Some info I have is open ports with related running services, names of the services, service's versions, operative system of the device, firewalls used, etc.)
I launched the mfs console.
I should find the correct exploit and payload, based on the information collected to gain access. I've read the Metasploit Unleashed guide on offensive-security. I've learned the Metasploit Fundamentals and the use of mfs console.
But I don't understand the way to start all of this. Assuming that my target has 20 ports open, I want test the vulnerability using an exploit payload that do not require user interaction. The possibilities of which exploit and payloads to use are now reduced, but are always too. Searching and testing all exploit and payloads for each ports isn't good! So, if i don't know the vulnerability of the target, how do I proceed?
I would like to be aware of what I do. and do not try without understanding.
Couple of things:
We have a stack exchange for security! Check it out at https://security.stackexchange.com/
For an answer: you want to look for "remote exploits", as those do not require user interaction. you can find a curated list of exploits here: https://www.exploit-db.com/remote/
You can search the services on this page for something that matches the same service/version as your attack vector.
I'm writing a piece of software that will run on computers as well as phones.
The service uses an HTTP API for communication and will be published over the local network using Zeroconf.
Initially I published my service using _http._tcp. as the service type but I quickly discovered that both my NAS and my music receiver(!) also broadcasts themselves with that exact service type.
So the question now arises how to differentiate between my service and other services that are using HTTP.
Alternatives
Using a different service type
The is certainly the most certainly the easiest way and (almost) guarantees no other services will be picked up.
However, according to Apple1 new services should be registered with IANA. This is obviously not required but seeing as they recommend it it feels like it would be the wrong way to do it
Using the TXT record
Apple2 describes the TXT record like this:
When a service is registered, three related DNS records are created: a service (SRV) record, a pointer (PTR) record, and a text (TXT) record. The TXT record contains additional data needed to resolve or use the service, although it is also often empty.
The certainly feels like it could be the right way to do it, but I'm still not sure and it's hard to find a description of what the field should contain.
My first though would be to put something like <service_name>-<version> which will then be parsed to see which service it actually is.
My NAS seems to use this for identifying model and version numbers.
Try talking to the service
After finding a service one could always perform a HEAD request on a known endpoint and look for a known header set by the service.
This feels like a fairly slow approach and who knows what making a HEAD request to my receiver will do.
And just to be clear, this question has nothing to do with a specific language or framework, it's about the concepts of zeroconf.
I could show some code but I don't see how that would help.
First, does the service you're advertising actually meet the qualifications for _http as defined by RFC 2782. Specifically- is it not just using HTTP for a transport but is also:
can be displayed by "typical" web browser client software, and
is intended primarily to be viewed by a human user.
If no, register your own service type (there are a couple other services that use HTTP as a transport but don't meet those qualifications so they have -http as a suffix to the service name, see pgpkey-http, senteo-http, xul-http).
If yes, there are a couple ways to go depending on how strict one's interpretation of the RFC is. The least strict being just adding a TXT record as you've already noted in your question. iTunes registers itself with a TXT record in the format iTSh Version=196618.
If you're feeling a little more strict, the RFC only explicitly states that the u=, p= and path= TXT records exist for HTTP. Perhaps someone can chime in on this, but I haven't seen much discussion on whether adding TXT records to already existing entries is frowned upon or not. So with that, the other way is to just an algorithmic instance name. For example, adding the suffix "-NicklasAService" to the device name. Hopefully giving it a unique name to the local network but still making it so that the service can be easily picked out by the PTR record by just looking for the suffix.
So I have been modifying the chat program found here: http://www.dreamincode.net/forums/topic/259777-a-simple-chat-program-with-clientserver-gui-optional/ and I am at the point where I am ready to use it between twp pc's.
The problem is, I do not know enough about server-client relationships to set it up. Is there anything missing in the code for this to work? I just want to link two laptops to chat with one another. Is there any server softare I need to run or something?
I tried openfire but couldn't figure out how to link it, every port number I tried (listed in the admin page) didn't work. This is my first attempt at anything like this and probably beyond my current level of understanding which is why I would greatly appreciate a straightforward solution.
I chose this becaue I needed to do a lot of customization to the code so please use the ones on the page above as a reference. I would post the code here but there are 5 classes and they are neatly displayed on that page already with a explanation of each.
Thanks in advance!
Before you start trying to incorporate external libraries or functions, understand the code. Play around with it a little. See what does what and if you change this setting or that what will happen. Bare in mind that the code is separated into 2 applications:
Client - [ClientUI + Client + ChatMessage]
Server - [ServerUI + Server + ChatMessage]
Check that the application works on a single machine. So keep the server class the same and simply edit the client class so that it points to the current machine.
Run both the server and the client (from the example) on the same machine and when the client asks for the server location input 127.0.0.1 then put the port number you gave for the ServerSocket in Server. This should point to your machine and if this works but not when using 2 separate machines check your firewall settings.
Is there a FileMaker (11 Advanced) native way to obtain the client's computer name in a script? The computer name shown in FileMaker server when displaying clients connected to a database would do nicely.
Purpose: I'm looking to have filemaker recall and set window position based on user and computer. (The same user could have a different window position and size preference for their laptop than for their desktop -- think of byHost user preferences.)
Alternate: I'm aware that a the client computer name could be grabbed using an external script, but would prefer a native way, if available.
I am still unable to answer the question as asked. However, for the purpose stated, I just found the command
Get ( SystemNICAddress )
It will provide a unique identifier for each computer that will change infrequently. This is all that is required for my purpose and will likely work better than the value I originally requested.
This new function was introduced in FileMaker Pro 12.0:
Get ( PersistentID )
From the FileMaker documentation at http://www.filemaker.com/help/12/fmp/html/func_ref2.32.54.html:
"Returns a unique, unchanging identifier for the computer on which FileMaker Pro is running or the device on which FileMaker Go is running, in the form of a 32-digit hexadecimal string."
If you're using FMP 12+, this would be a better choice than relying on Get(SystemNICAddress), which can change.
I know this is an old post, but we've worked with the same thing for other reasons and maybe this will help someone.
Since it doesn't seem that FM natively has this function built-in, even for version 17, I just made a table with the NIC address records created when the file opens (if it doesn't exist already) and then the DNS name was manually added later. Then the DNS name could be referenced after using GET to find the NIC address. Some computers do have multiple NICs so those are broken up into separate records (it's just returned as a list) but the same DNS name is applied to them all. Except in the case of a VPN NIC which sometimes reports at 00:00:00:00:00:00; those are just ignored. Otherwise you may have multiple computers with the same null NIC - and that isn't helpful. We use the DNS name for reporting of our employees sales in relation to their call volume. And trying to remember the NICs of a hundred computers is not as simple as a DNS name to know where the person was sitting at the time.
There is a native way to do it.
Get ( HostName )
But you can't use this with a hosted filed, file needs to be opened on the client machine locally.
There can be other advantages to using local FileMaker files that communicate with hosted files
- Better performance for graphics heavy layouts
- Providing an offline cache
Another approach is to use a system shell script.
For completeness sake, a non-native approach, there are a few Filemaker plugins that can provide this functionality. www.360works.com/scriptmaster/
To identify client with FileMaker 11, I simply use:
Get(DesktopPath)
Maybe it could help...