<2007 February>
SunMonTueWedThuFriSat
28293031123
45678910
11121314151617
18192021222324
25262728123
45678910

On this page...

Search

Links

Member of...


ASP Insiders

MVP Visual Developer ASP/ASP.NET

Enter CodeZone

Blog Categories

Microsoft

Blogroll

Deutsche Resourcen

Management

Sign In
 

#  Wednesday, 28 February 2007

Fiddler is a HTTP debugging proxy. Although it is easy to use (a very good thing!), it is also very powerful. Point in case and why I am writing about it today is that I stumbled across a drive-by-download site (stumble is the wrong word, the URL came with what seemed like a phishing mail and that piqued my interest):

That site is actually quite clever though: when you go there the second time, it detects that it tried to infect you before and tells you that your IP is blocked. And it doesn't send a peep to a browser other than IE. Plus - and that takes the biscuit - it also verifies the referer.

But I still wanted the code, so I reset my router and started Fiddler:

Although Fiddler has tons more features, this did the trick for me in this case (if you want to learn what Fiddler can do, look here).

So what's the obfuscated script about? The short version: it is a variant of the ASUS download server drive-by download incident. The actual code can be found in a discussion on our German .NET community site here.

Categories: Cool Download | Security | this
Wednesday, 28 February 2007 15:26:38 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 

The video recordings for the main tracks of FOSDEM 2007 are online now. Of interest for .NET developers might be Miguel's session on "Turbocharging Linux with Mono".

Categories: .NET | Community
Wednesday, 28 February 2007 09:20:15 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Thursday, 22 February 2007

Usually, this wouldn't be down my alley, but thanks to VSTS I am a WSS user: all new WSS templates in one download. There are quite a few templates to choose from:

  • Absence Request and Vacation Schedule Management
  • Help Desk
  • Budgeting and Tracking Multiple Projects
  • Inventory Tracking
  • Bug Database
  • IT Team Workspace
  • Call Center
  • Job Requisition and Interview Management
  • Change Request Management
  • Knowledge Base
  • Compliance Process Support Site
  • Lending Library
  • Contacts Management
  • Physical Asset Tracking and Management
  • Document Library and Review
  • Project Tracking Workspace
  • Event Planning
  • Room and Equipment Reservations
  • Expense Reimbursement and Approval Site
  • Sales Lead Pipeline

I highlighted a few that might be interesting to developers.

Thursday, 22 February 2007 10:19:47 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Wednesday, 21 February 2007

This is v2 of the Vista UAC development requirements document. From the TOC:

  • Why User Account Control?
  • How UAC Works
  • Will UAC Affect Your Application?
  • Designing Applications for Windows Vista
  • Deploying and Patching Applications for Standard Users
  • Troubleshooting Common Issues
  • References
Categories: Security | UAC | Vista
Wednesday, 21 February 2007 09:48:17 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Tuesday, 20 February 2007

Yesterday, Peter Koen held a talk at the .NET UG Vienna about Office Business Applications (OBA). I had ignored this topic up until now, but it definitely is worth checking out. Get started with Office Business Applications: What is it, and how can I get started? and then head over to the Office Business Applications Developer Portal. (Also have a look at the topics in Architecture Journal #10)

Tuesday, 20 February 2007 11:09:37 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 

Get it from the revamped VPC homepage. What's new? Hardware virtualization is supported, x64 as host operating system, Vista as host and guest plus a couple other enhancements.

Categories: Cool Download | Virtual PC
Tuesday, 20 February 2007 10:57:34 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Sunday, 18 February 2007

Microsoft Not Discussing Windows 7, Office 14

As for the title of this blog post, please refer to Falco.

Categories: Newsbites
Sunday, 18 February 2007 12:23:00 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



#  Friday, 16 February 2007

Categories: this | Vista
Friday, 16 February 2007 19:51:04 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 

In my last blog entry UAC Elevation in Managed Code: A .NET COM Component Elevated I showed how to get up and running with an all-managed code solution for UAC and COM elevation. Today I want close out my series on UAC with some information on how to properly organize the project plus present a library you can reuse to get up and running quickly - without many of the manual and tedious steps from the previous proof of concept example.

Speaking of the previous sample: it is still the basis for this best practice, so the following directory layout will look familiar to you:

Before diving into code, I want to start out with the SampleSetup directory, which contains the executables. As you can guess, the starting point is Step1Register. It contains register.bat, which you have to execute:

Note that on machines without the .NET Framework SDK, there is no gacutil.exe. In that case, you have to drag & drop ManagedElevator.dll to c:\windows\assembly.

And in case you have been wondering from this screenshot, yes, the application now also plays nicely on Windows XP:

Of course, there is no consent UI popping up, nor is there a shield icon like there is on Windows Vista:

The magic for this cross-platform functionality is hidden in the UACHelper project - which brings us to the source section of this blog post:

All the necessary COM elevation magic is now moved to this neat little library - including the adapted UAC bits of VistaBridgeLibrary (no longer necessary). The names already give away the purpose of each class and where they are used:

  • COMRegistration Used by the elevated component to automatically register the necessary registry keys.
  • ShieldButton Used by the client to display a button with a shield icon (on Vista). For XP, no shield is rendered.
  • COMElevation Starts the requested component with admin privileges.
  • ElevatedProcess If you want to start a simple process elevated. Not used in this guidance.

The first customer of this library is the elevated component, so we start discussing this guy next:

At first glance, this is similar to the previous POC implementation. The main difference now is that I have broken down the functionality by feature area into namespaces:

  • The "main" namespace
  • The .Components namespace
  • The .Guids namespace
  • The .InterOp namespace

Let's look at these one by one.

The "main" namespace

Here, we have one class only:

class RegisterFunctions
{
  [ComRegisterFunction]
  public static void CustomRegister(Type t)
  {
    COMRegistration.RegisterForElevation(Assembly.GetExecutingAssembly().Location,
       SampleComponent.ClassToElevate,
       Global.AppId,
       100);

    // add additional "for elevation" components here by duplicating the above
  }

  [ComUnregisterFunction]
  public static void CustomUnregister(Type t)
  {
    COMRegistration.UnRegisterFromElevation(Assembly.GetExecutingAssembly().Location,
        Global.AppId);
  }
}

It is called when the assembly is regasm'ed, and it is here where you call into COMRegistration.RegisterForElevation to add all the necessary registry keys for elevation:

public static void RegisterForElevation(string assemblyLocation,
    string classToElevate,
    string appId,
    int localizedStringId)
{
 if (!UACHelperFunctions.IsUACEnabledOS()) return;

 // [HKEY_CLASSES_ROOT\CLSID\{71E050A7-AF7F-42dd-BE00-BF955DDD13D4}]
 // "AppID"="{75AB90B0-8B9C-45c9-AC55-C53A9D718E1A}"
 // "LocalizedString"="@E:\\Daten\\Firma\\Konferenzen und Talks\\..."
 RegistryKey classKey = Registry.ClassesRoot.OpenSubKey(@"CLSID\{" + classToElevate + "}", true);
 classKey.SetValue("AppId", "{" + appId + "}", RegistryValueKind.String);
 classKey.SetValue("LocalizedString", "@" + assemblyLocation + ",-" + localizedStringId.ToString(), RegistryValueKind.String);

 // [HKEY_CLASSES_ROOT\CLSID\{71E050A7-AF7F-42dd-BE00-BF955DDD13D4}\Elevation]
 // "Enabled"=dword:00000001
 RegistryKey elevationKey = classKey.CreateSubKey("Elevation");
 elevationKey.SetValue("Enabled", 1, RegistryValueKind.DWord);
 elevationKey.Close();

 classKey.Close();

 // [HKEY_CLASSES_ROOT\AppID\{75AB90B0-8B9C-45c9-AC55-C53A9D718E1A}]
 // @="ManagedElevator"
 // "DllSurrogate"=""
 RegistryKey hkcrappId = Registry.ClassesRoot.OpenSubKey("AppID", true);
 RegistryKey appIdKey = hkcrappId.CreateSubKey("{" + appId + "}");
 appIdKey.SetValue(null, Path.GetFileNameWithoutExtension(assemblyLocation));
 appIdKey.SetValue("DllSurrogate", "", RegistryValueKind.String);
 appIdKey.Close();

 // [HKEY_CLASSES_ROOT\AppID\ManagedElevator.dll]
 // "AppID"="{75AB90B0-8B9C-45c9-AC55-C53A9D718E1A}"
 RegistryKey asmKey = hkcrappId.CreateSubKey(Path.GetFileName(assemblyLocation));
 asmKey.SetValue("AppID", "{" + appId + "}", RegistryValueKind.String);
 asmKey.Close();

 hkcrappId.Close();
}

Please take note that when the component is registered on eg Windows XP, no registry entries are written. After all, they are not needed.

The .Components namespace

Not much of a change - it contains the administrative component(s).

The .Guids namespace

The guids have been moved to a separate namespace. The reason? That way you can reference the assembly in the client project and use the guids directly - no magic strings anywhere any more.

The .InterOp namespace

This is the most important change with regards to the POC project - defining the correct ComImport'ed interface is now the responsibility of the implementer of the elevated component. That way, anyone needing access to this component only needs to reference the assembly and they are good to go. It is a bad idea to have this interface part of the client codebase!

Speaking of the client... here is the button code for DemoForm.cs:

private void cmdLaunch_Click(object sender, EventArgs e)
{
 if (UACHelperFunctions.IsUACEnabledOS())
 {
   IHelloWorld ihw = COMElevation.Start<IHelloWorld>(
        SampleComponent.ClassToElevate, SampleComponent.IHelloWorld);
   ihw.SayHello();
   COMElevation.Release(ihw);
 }
 else
 {
   ManagedElevator.Components.ClassToElevate c = new ManagedElevator.Components.ClassToElevate();
   c.SayHello();
 }
}

What looks interesting at first is COMElevation.Start as well as Release:

public class COMElevation
{
 public static TIFace Start<TIFace>(string IID_Class, string IID_Interface)
 {
  return Start<TIFace>(new Guid(IID_Class), new Guid(IID_Interface));
 }

 public static TIFace Start<TIFace>(Guid IID_Class, Guid IID_Interface)
 {
  object o = UACManager.LaunchElevatedCOMObject(IID_Class, IID_Interface);
  return (TIFace)o;
 }

 public static void Release(object o)
 {
  Marshal.ReleaseComObject(o);
 }
}

Actually all it does is encapsulate the necessary calls to UACManager and Marshal. Why is there no if / else using IsUACEnabledOS here? Well, at first I thought I'd build such a switch, but then I thought again: why would I use COM InterOp if I don't have to? I already referenced the assembly for the component (for the guids and interop interface), so why not use managed all the way and save time? That's what I did in the cmdLaunch_Click event handler.

That's it for the code folks, now a little discussion at the end on why in the world would you even think about doing this in a cross-platform way, or why it is a stupid idea all along:

This approach is only sensible if your application runs as administrative user on XP, otherwise all the calls in the administrative component will fail. However, the cross-platform part is only there to make it a complete best practice, there is no "you must use it cross-platform" - if you build applications for Windows Vista with the eventual need to elevate a task, then UACHelper is definitely for you! (and forget about that it would even work on XP)

Oh, and I almost forgot - here is the complete download, source code included of course (my code is BSD licensed):

AutomaticRegistration.zip (91.92 KB)

Categories: Security | UAC | Use the source Luke | Vista
Friday, 16 February 2007 08:02:29 (W. Europe Standard Time, UTC+01:00)  #    Comments [1]

 



#  Thursday, 15 February 2007

Yesterday was the last day of VSone, the German .NET conference featuring almost all  well-known German speakers. As I had hinted at earlier, I did three talks there, and I still owe the audience of my VSTE DbPro talk a couple of resource links:

Thursday, 15 February 2007 16:39:26 (W. Europe Standard Time, UTC+01:00)  #    Comments [0]

 



© Copyright 2017 Christoph Wille

newtelligence dasBlog 2.3.9074.18820
Subscribe to this weblog's RSS feed with SharpReader, Radio Userland, NewsGator or any other aggregator listening on port 5335 by clicking this button.   RSS 2.0|Atom 1.0  Send mail to the author(s)

 
Don't contact us via this (fleischfalle@alphasierrapapa.com) email address.