This article is related to the “Windows Catalog Files” post and describes how to parse catalog sis.cat file using posix c++ on Linux platform. On Windows as it is mentioned in “Windows Catalog Files” it is possible to retrieve thumbprints with mscat.h API. The Linux parsing method is based on searching positions of some OIDs… Read More »
Windows Catalog file is used to store hash checksums or thumbprints of any collection of files to validate its authenticity. Besides the Catalog file may be digitally signed and be used as group digital signature of the files which thumbprints are presented in this Catalog file. Catalog file may be generated from text catalog definition… Read More »
More than 10 years ago I started XEdit project which is binary editor for files and disks contents. XEdit is available there. I am still using it sometime, however I do not support the project since 2011 mainly because this MFC application was written on Visual C++ 6 and I have no time to do… Read More »
Several years ago I implemented a small project: “Optical character recognition (OCR) of Windows application screenshots”. It the first part of the project – the console application which makes screenshot of some process main window or capture entire screen image. The process is selected by its process ID which should specified as argument. When argument… Read More »
It is continuation of “Signing Windows PE file on Linux” post to verify digital signature programmatically. For demonstration, I am using a previously signed usb-cubby-signed.exe file on Linux with self-signed certificate and Windows .Net API from X509Certificates namespace. The C# console application which determines if application is signed and presents certificate issuer if certificate has… Read More »
The first question is: what for? There are a lot of reason for example someone download Windows application from Linux Apache server. The downloaded application is signed in runtime with different certificate according to selected license. Later during execution Windows application checks certificate type, revocation status and blocks or grants some features. Also application may… Read More »
This article shows how to obfuscate PowerShell command or script for free using Invoke-Obfuscation. We will obfuscate powershell command on Linux CentOS machine and execute obfuscated command on Windows PC. Invoke-Obfuscation runs under powershell and because Microsoft powershell is cross-platform tool and available for many not Windows platforms this obfuscator could be also used anywhere.… Read More »
Renci.SshNet.dll was already mentioned in current blog. It is client library to connect to SSH servers for example Linux sshd daemon. Similar as other ssh related software Renci.SshNet.dll has list of default Ciphers, Key Exchange Algorithms, Message Authentication Code and other connection settings. These setting are defined in Renci ConnectionInfo class. It is possible to… Read More »
Why command prompt when a lot GUI application can do it for you? There are several reason. Command line interface better explains matter of things. It is faster and some remote monitoring and management systems provides only command line remote control methods to access to remote devices. The example below shows how to get TCP… Read More »
This the second article related to ACL, the first one is “Changing file ACL in Windows programmatically”. Going through WellKnownSidType commonly used security identifiers. I found some which I never heard about and several legacy ones, for example DIALUP. Just for fun I decided to test how this user permission look like in the file… Read More »