Control Host playback from JUCE audio VST plugin - vst

I am trying to find a way to control the playback position / tempo of a VST Host from a VST plugin build with JUCE.
I am not sure if this is possible.
I found a setPlayHead function on the AudioProcessor, and i think this might be what i am looking for.
https://www.juce.com/doc/classAudioProcessor#a9015f8476c07b173e3c9919b3036339d
But on the doc of the setPlayHead i am reading this:
Tells the processor to use this playhead object.
So can anybody tell me if this is supposed to mean that the new AudioPlayHead that is set on the AudioProcessor will be used for the Hosts playback (z.b. Cubase), or does it mean that only the AudioProcessor of my VST plugin will use this AudioPlayHead, and the AudioPlayHead of the Host remains unaffected)
Thanks for any help / input on this.

A sequencer cannot be controlled by a VST plugin in this way. The VST API doesn't allow for anything like this. The method you've found is actually part of the Juce API which allows a sequencer to pass a playhead structure to a plugin.
To be fair, there is no technical reason that a plugin couldn't do this. The host would have to supply an unofficial custom opcode and an associated canDo for the feature. However, it would not be part of the VST standard, and would only work for that specific host.
As far as I know, no major VST host (including Ableton Live, Cubase, etc) has a mechanism to allow this. Thinking from the host's standpoint, it would be a bit crazy to provide such a mechanism. Just imagine multiple plugins trying to stop/play the host's playback at the same time!
So yeah, sorry, but this is not really possible in the way that you are thinking. However, it would be possible for a VST plugin to control the host's tempo (but not playback state) via Ableton Link. Since Link works over a local network socket, and doesn't have any concept of master/slave, a VST plugin could theoretically send tempo changes to the host in this manner.
Right now (where "now" == September 2016), Ableton Live is the only sequencer which supports Link, but Ableton has said that they are working with other companies to help them add support for Link, so I wouldn't be surprised if more sequencers start to add Link support in the near future.

Related

Which exploit and which payload use?

Hi everyone and sorry for my bad English.
I'm learning penetration testing.
After reconnaissance and scanning of my target, I have enough information to pass to next phase.
Some info I have is open ports with related running services, names of the services, service's versions, operative system of the device, firewalls used, etc.)
I launched the mfs console.
I should find the correct exploit and payload, based on the information collected to gain access. I've read the Metasploit Unleashed guide on offensive-security. I've learned the Metasploit Fundamentals and the use of mfs console.
But I don't understand the way to start all of this. Assuming that my target has 20 ports open, I want test the vulnerability using an exploit payload that do not require user interaction. The possibilities of which exploit and payloads to use are now reduced, but are always too. Searching and testing all exploit and payloads for each ports isn't good! So, if i don't know the vulnerability of the target, how do I proceed?
I would like to be aware of what I do. and do not try without understanding.
Couple of things:
We have a stack exchange for security! Check it out at https://security.stackexchange.com/
For an answer: you want to look for "remote exploits", as those do not require user interaction. you can find a curated list of exploits here: https://www.exploit-db.com/remote/
You can search the services on this page for something that matches the same service/version as your attack vector.

Terminology: "live-dvr" in mpeg-dash streaming

I'm working with live MPEG-DASH streaming, and I would like to know if there exists a stardard terminology for a given functionality.
It's the "live-dvr" functionality. That is, a mix between a live stream and VOD features: a live stream with the seeking bar in the player allowing to watch past stream time. This involves a series of infrastructure tweaks.
The term "live-dvr" for this setup is kind of informal, and different parties call it in its own way: "live catch-up", "live-vod", "cached live", some vendors set the name for this based on their product lines, and so on. I would like to know if there's a standard term for this kind of setup. Specially because interpreting the standard in order to understand setup parameters for the manifests may be confusing or even misleading without proper terminology.
The MPEG-DASH standard only mentions a timeShiftBufferDepth, which specifies how long after the availability of a segment it is still available on the server.
From the spec:
#timeShiftBufferDepth specifies the duration of the time shifting buffer for this Representation that is guaranteed to be available for a Media Presentation with type 'dynamic'.
There is no mention at all of DVR in the spec. So time shift seems to be the term used by MPEG-DASH. However, for example HLS does not mentioned DVR or time shift at all.
DVR (Digital Video Recording, also known as nDVR - network DVR) is a functionality that allows recording the live stream and perform its playback from any moment of recorded period. Live stream can still run while the end-user may rewind it to any particular moment in past.
Typically media servers (like our Nimble Streamer) also provide time-shift and time range selection - see our links for details.

Network Time Protocol for iPhone

I am writing an application that requires accurate timing. After asking this question, I have decided to investigate using NTP or maybe Simple NTP.
Is there any open source implementation of these protocols for the iPhone? So far I have managed to find a broken link. I am also aware that NTP has a C reference implementation, so I am trying to see how much effort it would require to make it work on the iPhone.
Update: I thought I had a working link, but it is to the Wayback Machine, which only saves text, not files link that works.
There's a small iOS library named ios-ntp. I have used it in one project in the past and it seemed to work reasonably well.
As of mid 2013 the original ios-ntp project has a few missing pieces, so I have mirrored the original svn repository to github. You can checkout out a working version of the code here: https://github.com/jessedc/iOS-ntp
I would probably start by pulling code from OpenNTPD.
If you're not developing a commercial application, peek at the linux source.
http://packages.ubuntu.com/source/lucid/ntp
If you need to use NTP, but don't want to trust the iPhone (or iPod's) clock, you can always just use sockets (or Cocoa streams) and query the server yourself. It's one of the simplest network transactions out there.
Cocoa Streams
I don't know what application you're creating, but if trusting the clock is a critical feature of its security or (in the case of game) cheat prevention, etc, then you need to be very careful of open protocols like NTP-- a cheater could do a man-in-the-middle on your NTP request and tell your app what he wanted you to hear.
If this is potentially a concern, you'll want to build your own trustable source of truth for time into your server (e.g. build your own time service, and sign your responses with PK crypto), and set your app's internal clock to that within some acceptable clock skew.
Since you are developing a commercial app, if all else fails, RFC 2030 describes the SNTP protocol. I have no information on commercially available libraries that do not require a background task, which the iPhone won't let you use.
You can use that open source: https://github.com/huynguyencong/NHNetworkTime
[[NHNetworkClock sharedNetworkClock] syncWithComplete:^{
NSLog(#"%s - Time synced %#", __PRETTY_FUNCTION__, [NSDate networkDate]);
}];
And use:
NSDate *networkDate = [NSDate networkDate];

What are the legitimate uses of global keyboard hooks?

Other than for app launch shortcuts, which should only be provided by the O/S, what are the legitimate uses of things like Windows keyboard hooks? It seems to me that we only have problems with things like key loggers because operating systems provide hooks to do things that should not be permitted by anyone under any condition except the O/S kernel itself.
EDIT: OK, so given some legitimate places where they may be required, should not the O/S provide a high level ability to globally turn them off, and only allow exceptions on a program-by-program basis?
I'm currently working on a mobile application platform / hardware abstraction layer for an enterprise client, and one requirement was that a screensaver would be brought up after a certain period of inactivity. Since mobile devices don't have mice to move, "activity" consists of key presses or screen taps. One of our devices doesn't have a touchscreen, and, to make a long story longer, the mobile hardware vendor didn't properly implement the Win32 API calls that would allow me to get the time since the last user input.
Since the hardware vendor was unwilling to implement the Win32 API properly, the next best way I knew of to ensure that my console application could trap key presses in any application on the system was to install a global keyboard hook.
That said, I agree that the average consumer scenario is very different from mine, and the OS should allow the user to whitelist activities like this.
Not true, there are environments where the owner of the computer may want to stop things such as Ctrl+Alt+Delete... example, a Kiosk, or... .... Best Buy?
For example I have installed two applications;
One maps Windows-V as paste unformatted text
Another one modifies how caps lock works
I think both of them require a hook.
I wrote an app that let me place virtual sticky notes on my monitor. I used an OS keyboard hook to bind a hotkey to it.
I had an option in settings to disable the hook.
There may not be a lot of legitimate uses. However, I'm of the opinion that you shouldn't intentionally limit the features of a system, simply to make it more secure.
Also, a key-logger isn't a bad thing if you know it's there and you installed it yourself.

best tool to reverse-engineer a WinXP PS/2 touchpad driver?

I have a PS/2 touchpad which I would like to write a driver for (I'm just a web guy so this is unfamiliar territory to me). The touchpad comes with a Windows XP driver, which apparently sends messages to enable/disable tap-to-click. I'm trying to find out what message it is sending but I'm not sure how to start. Would software like "Syser Debugger" work? I want to intercept outgoing messages being sent to the PS/2 bus.
IDA Pro won't be much use to you if you want to find out what 'messages' are being sent. You should realise that this is a very big step up for most web developers, but you already knew that?
I would start by deciding if you really need to work at the driver-level, often this is the Kernel level. The user mode level may be where you want to look first. Use a tool like WinSpy or other Windows debug tool to find out what messages are getting passed around by your driver software, and the mouse configuration applet in control panel. You can use the Windows API function called SendMessage() to send your messages to the application from user mode.
Your first stop for device driver development should be the Windows DDK docs and OSR Online.
I suggest reading the synaptics touchpad specs (most of the touchpads installed on notebooks are synaptics') available here http://www.synaptics.com/decaf/utilities/ACF126.pdf
I believe on page 18 you'll find the feature you are looking for. At least you'll know what to expect.
So, very likely, the touchpad driver "converts" the command coming from user mode to this PS/2 command.
I don't know the specifics of the touchpad PS/2 driver but I see two major ways for the user mode panel to communicate with the driver:
- update some key in the registry (this is actually very common)
- the driver provides an alternate "channel" that the user mode app opens and writes specific commands to
You may want to try using the process monitor from sysinternals to log registry activity when setting/resetting the feature.
As for the options 2 you may want to try IRP tracker from OSR and see if there's any specific communication between the panel and the driver (in the form or IRPs going back and forth). In this case, kernel programming knowledge is somewhat required.
The windows kernel debugger may also be useful to see if the PS/2 driver has some alternate channel.
Have a look at IDA Pro - The Interactive Disassembler. It is an amazing disassembler.
If you want to debug, not just reverse engineer, try PEBrowse Professional Interactive from SmidgeonSoft