What exactly happens when Complex Script Support is enabled? - unicode

When we click the check box "Install files for complex script and right to left languages (including Thai)" in Regional and Language settings what exactly happens?
Changes to registry keys?
I noticed that it installs some .fon files and keyboard dlls.
Is this totally necessary if one just wish to read complex script on Windows XP? My test inside VirtualBox as Windows 7 as the host OS seems to indicate that for reading Complex Script need not be enabled. Yet that's not what all the literature on the subject says. What's going on?
Update:
http://hi.wikipedia.org should not be readable if Complex Script is not enabled
http://hi.wikipedia.org/wiki/विकिपीडिया:Devanagari_Help
Problem is that it is readable.

Font files. Rendering libraries ('Uniscript'). Input methods. Certainment beaucoup de cle-registry. (Certainly lots-o-registry-keys.)
Note that IE will tend to get things right even when other things don't, since it builds in a good deal of fancy-pants rendering. Try, oh, Outlook, or some simple sample Win32 program.

Related

Obfuscating a PowerShell script

I have written a PowerShell script in many hours and days and would like to obfuscate it, but so that the code is no longer readable or decompilable, but the script can still be executed. Is there something like that?
With regards to actually obfuscating an entire powershell script, this site seems to do just that.
I tested a script a little over a year ago and here are some of my findings:
Windows10: The obfuscated script worked on Windows 10. I dont
remember the Powershell version I had back then.
macOS: Confirmed it also works on Macs (if you have powershell installed), but I remember there were some errors spat out.
I just tested another script a few minutes ago on a Windows Server 2016 (PSVersion:5.1./Desktop) system. No issues so far.
Now, as was already mentioned by previous posters, it is important to note that any obfuscation can be hacked into. It's just a matter of incentive for the hacker.
I say "any" specifically because you dont control the hosts on which your powershell script will be used. And as such, those who do, if inclined, can alter the binary of the powershell program to get it to spit out everything that it does. How easy that is, I do not know. But a quick google search suggests there are settings available that, if turned on, can log the entire execution of your powershell script, obfuscated or not.
A couple of links that touches on Powershell logging:
PowerShell Logging: Recording and Auditing all Things
About Logging Windows - PowerShell - Microsoft Docs
There is a thing named Powershell Constrained language.
Quoting from here: https://devblogs.microsoft.com/powershell/powershell-constrained-language-mode/
Constrained language mode is a language mode of PowerShell designed to support day-to-day administrative tasks, yet restrict access to sensitive language elements that can be used to invoke arbitrary Windows APIs.
In Constrained mode, these are not supported:
COM objects
Unapproved .NET types
XAML based workflows
PowerShell classes
It's best for running administrative tasks, still it's not better for daily uses. To start it use:
$ExecutionContext.SessionState.LanguageMode = 'ConstrainedLanguage'
Read more here: https://devblogs.microsoft.com/powershell/powershell-constrained-language-mode/
The Invoke-Obsufcation wrote by Daniel Bohmann is much better for this purpose. Link: https://github.com/danielbohannon/Invoke-Obfuscation
Usage Guide: https://blog.vonhewitt.com/2017/08/obfuscating-powershell-commands-using/
If you want something to obfuscate your powershell code to make it unreadable but keep it working you should check a project called Invoke-Obfuscationation done by Daniel Bohannan. You should check his talk about powershell obfuscation where he presented the tool.

Can Windows Theme files (aero.msstyles) be sideloaded with spyware in their resources, specifically in UI scripts

Short version: see topic
Detailed version:
I want to use a specific 3rd party theme for Windows. I'm already using an open source solution which I've compiled myself to disable Window's restriction on Themes.
In the past, when using 3rd party theme related mods that come with DLLs (for example authui.dll for the login ui, or imageres.dll for modding system icons), I avoid using unknown DLLs by simply copying the unknown DLL's theme related resources (such as Bitmaps, Icon groups or UI scripts) unto it's virgin MS Dll counterpart. I call this resource grafting, where resource are changed but the executable elements of DLLs or exes are left alone.
Going back to the theme I want to install, I used sha256 hashing to determine that only aero.msstyles which is also modifiable by resource hacker. So I did the same thing I usually do and transferred resources from the third party theme to Window's own aero.msstyles. Problem is that I ran into a type of resource that I am unable to read or know the contents of. It's called VARIANT. From some experiments done in a VM, it seems to be some kind of binary UI script that resource hacker is unable to decompile. I usually like to be able to read any UI scripts that I transfer but I am unable to do so with this one.
Would this constitute any real security risks? Can UI scripts be side-loaded with some kind of exploit? Seems unlikely to me since the function of a theme file (msstyle) is to coordinate the appearance of the system UI but I don't know enough about the inner working of the whole theming system to be sure. I thought I'd get some other point of views before I take the theme out of the Virtual Machine.
I used vBinDiff to compare the hex code the altered VARIANT/NORMAL binary to that of the original theme. You can also copy the binhexes and save them to two text files which you would compare with WinMerge.
vBinDiff and WinMerge will highlight what modifications and what additions/substractions were made to the binaries, displaying them side by side. I read through the differences, 90% of them were no larger than 4 octals (4bytes), typically what you would expect to see when modding colors using a hex editor. The biggest divergence was an added 32bytes of code.
There are two possible explanations for the such an addition: (1) the author added extra image resources and added the entries necessary to reference them, (2) there is some kind of unwanted code that has been slipped in.
To address the possibility of 2, I did a search to see how small trojan code can get. How likely is it that a trojan has been stuffed into 32bytes if compiled UI scripts? I found a few mentions of an old 17byte virus from the DOS era called trivial which I disegarded right away because it would become apparent very quickly given it's known behavior. As far as full fledged trojans with backdoor and downloading abilities, the smallest I found was 20kb (trojan tinba), discovered in 2012. There is also Catchy32 which is still considered a Trojan but with simpler and very specific functionalities and that one's about 580 bytes (reference). Based on this info, I established that it is highly unlikely (if not impossible) to slip any code in 32bytes of code and established that the resource in question is clean.
Mind you, this doesn't answer the question I asked (can binary UI script resources in a theme carry mal-code) but it does solve my dilemma. Thought I'd share it.

Why does Netbeans IDE look terrible with X forwarding over ssh?

I like the Netbeans IDE and have been using it for many years. Sometimes I am forced to run it on a remote machine, which I access using ssh with X forwarding.
Whenever I do this, all the text looks TERRIBLE! The fonts are ugly, jaggy, pixelated, and sometimes hard to read. The common solution for adding -J-Dawt.useSystemAAFontSettings=lcd to the default settings in netbeans.conf makes fonts look better, but it causes a HUGE performance drop - the IDE responds so slowly that it is practically unusable.
What can I do? Must I choose between decent performance or readable text? Can't I have both?
It turns out that it is indeed possible to have good performance and good fonts at the same time. I had a really hard time finding this answer, so I put it here on stackoverflow in the hope of making other Netbeans users' lives easier.
The magic trick is the xrender option to the JVM. It changes something about how the java runtime renders text so that the performance drop I saw with font smoothing completely disappeared!
Just add -J-Dsun.java2d.xrender=true -J-Dawt.useSystemAAFontSettings=on to the settings line in netbeans.conf (Usually /usr/local/netbeans-X.Y/etc/netbeans.conf), and enjoy pretty fonts and good performance!
Source: https://docs.oracle.com/javase/7/docs/technotes/guides/2d/flags.html
Tested on RHEL remote machine running Netbeans 8.2.
PS: -J-Dawt.useSystemAAFontSettings=on turns on font AA without subpixel hinting. This is my personal preference. You might want to try gasp or lcd to see which one you like better. The link lists all the available options.

Are there any console (not GUI!) alternatives to powershell.exe?

There are a number of GUI hosts for Powershell (Powershell ISE, PoshConsole, etc) but I'm not aware of any purely console hosts other than powershell.exe. Are there any that offer any advantages over powershell.exe?
I'd like to be able to customise more of the host behaviour - specifically to add and customise key bindings other than TAB, and to customise error reporting. There could well be more...
If there aren't any "extended" versions of powershell.exe that offer this, how difficult would it be to write one? I have the SDK sample code, and it looks fairly accessible, but it's hard to be sure what features powershell.exe provides as opposed to the powershell "engine" (as there's no documentation I've found that focuses specifically on the host capabilities).
How about Console it can host multiple shells. Might be worth a look.
The best pure-console for PowerShell is obviously PowerShell Plus, which actually uses a fullblown "native" Windows console, but it wraps it up in candy coating and adds tons of IDE-style features. As far as I know this is the only third-party host that's capable of running "graphical" console apps like edit.com
As a sidenote, I'm honestly not sure it's worth the handicap of a true console just to keep compatibility with whatever graphical interactive console applications like Edit.com might still be around. Considering the limitations, and the amount of work that has to be done to pull off something like what PowerShell Plus has... Personally I can't wait for the day when I no longer have to worry about and can move on to console apps that are really MEF-style plugins in a console-style interface like PoshConsole :-)
I realise that this question is years old, but since I stumbled across it in search of answers, I thought I would add my findings.
I settled on Cmder, for the following reasons:
It wraps cmd and Powershell, so you get the same set of features you would find in either.
The default colour scheme is Monokai, which is not only pleasing to the eye, but actually readable. Maybe I was missing something, but the default output for most of my tasks (Git, Mocha tests etc.) had poor contrast most of the time and I found myself squinting at the screen.
Tab support - I've wanted this for a while, but until now I hadn't found a solution that provided tabs as well as everything else. Powershell IDE has some character encoding / text colour issues that I couldn't ignore.
It's portable - stick it on a USB stick and take it with you wherever you go.
It's configurable - the developer (Samuel Vasko) has done a great job here. It's not lacking for customisation.
Specifically answering the OP's requirements, you can remap key bindings and create macros. I don't see the ability to customise error reporting however.
Hopefully anyone else out there still searching for a decent command line emulator on Windows will see this answer and rejoice.
If you stick with a "Console" subsystem approach you will be saddled with all the limitations that come along with a Windows console subsystem application. Many complaints about PowerShell.exe limitations are really limitations of this feature of Windows (kbd shortcuts, line editing, etc).
What's wrong with PoshConsole? Even though it allows graphics to be displayed it is still a "console-style" UI on top of the PowerShell engine?

How can I intercept and correct keypresses at a low level?

I keep typing "t eh" instead of " the" which is, of course, annoying in the amount of time it takes me to correct myself.
The obvious answer is "Learn to type, noob!" or at least to type more slowly and/or more correctly. This error is frighteningly consistent so it appears I've trained my muscle memory for that pattern already.
But I'm wondering if it's possible to write a small, windows portable script or application that, when it detects the incorrect sequence, backspaces and corrects it automatically at a layer where it would apply to any keyboard input.
Does C# have access to that layer of the OS that intercepts keypresses systemwide?
Will I run into UAC issues with Vista?
Am I re-inventing the wheel (ie, are there open source tools I can modify or use out of the box)?
In DOS this sort of thing was quite easy and one could make TSRs (Terminate and Stay Resident) programs that would, for instance, give you a calculator onscreen with a special keypress. Not to mention the many, many practical joke programs based on this concept (dial "M" for monster!)...
I would, of course, never suggest such a utility could be used that way for co-workers...
-Adam
On windows you could use AutoHotKey. That allows you to create little scripts or macros to automate and correct things like mistypes.
One use was posted on lifehacker which took the common mistyped words and corrected them. It is at http://lifehacker.com/192506/download-of-the-day-universal-autocorrect
UPDATE Per Comment: This is Free software and windows only as far as I know.
The above script is just an example of what it can do. There are a slew of scripts available at AutoHotkeys Site
I suggest AutoHotKey. If you've never used it before, have a quick read of the tutorial: http://www.autohotkey.com/docs/Tutorial.htm
The feature you are looking for is called "hotstrings." http://www.autohotkey.com/docs/Hotstrings.htm
In your case, your script would look something like:
::teh::the
That's it! Add other things you want corrected on additional lines. AutoHotkey scripts can be compiled so you don't have to install AutoHotKey on all of your machines.
It's a very cool program. It's primary use (for making custom hotkeys) rocks! These scripts are system wide so you'll also probably want to make a hotkey to be able to turn them off too!
EDIT: In a comment, it was mentioned that he actually types "t eh" (with a space in it) and I wondered if something additional would be needed for it to work. I just tested it and it works fine. Just install autohotkey, and create a file with the .AHK extension. In that file put in the following line
::t eh::the
and save the file. Then double-click on the AHK file to load AutoHotKey with your script (you'll see a green square in your system tray to let you know it is running). It should work fine!
Yes, you can use pinvoke commands from C# to intercept the low-level os commands. I recommend you take a look at http://www.pinvoke.net. The coding isn't easy but it does work.
I suggest learning to type more slowly. I also suffer from "teh" and "ahve" in part due to autocorrect giving me the leniency. If you forced yourself to retrain then you would not be at a disadvantage when using someone else's machine.
Not to mention the unfortunate event when you need to write "t eh" and are being prevented by an overzealous 'corrector'.