Posts
Run a hardware-accelerated Fuchsia emulator on WSL2
Fuchsia is an open source and security-oriented operating system developed at Google. You can run it in an emulator on your Mac or Linux computer. But what about Windows? With WSL2 running on the hypervisor, all that is required is to enable nested virtualization and fix an access mask.
Find new, modified and unversioned Subversion files on Windows
Nobody likes to break the build. When I do it, it is often because I forgot to add a file to the repository. The build server will not get it and the build will break.
Bug in Videotron's SMTP password change
Videotron’s customer support site lets you change the SMTP or POP password associated with your account. This password is not the same as the one used to sign in to the customer area. Your user code starts with VL (in lowercase, for Videotron ltée) vlxxxxxx, and you have an associated password for receiving SMTP e-mail.
Activate XP Mode with the latest Virtual Box on Windows 7
Windows XP mode is like a virtual image that allows you to run Windows XP (applications) on Windows 7. It comes with an activation key, in the file key.txt in the XP Mode installation folder (C:\Program Files\Windows XP Mode\KEY.txt). It will activate your Windows XP virtual image in Virtual PC or in VMWare player, but it will not work with Virtual Box.
Edit a remote registry through Windbg
I found a way to edit the registry while under a remote Windbg session. !dreg allows you to read the registry, but I had added a corrupt authentication package to the Lsa list in the registry that I had to remove. I found out the hard way that LSASS will load all authentication packages listed, even if you boot in safe mode.
How to debug a Credential Provider locally
Here is a quick and easy way to debug a Credential Provider running on your development machine, without needing to set up a kernel debugging session with two computers. Before you go down this road, let me tell you a little bit about LogonUI.exe behavior (as seen on Windows 7 ultimate SP1 64 bits) set to require CTRL-ALT-DEL to log on.
Unlocking another user's session using Credential Providers
I have been working a little bit lately on a Credential Provider port of my custom GINA. I did some tests, I poked around the API and I whipped together something I could load and play with. The route I first thought of taking is still the right one, but I ran into some unexpected problems.
Can your GINA do this ? (running any process on the secure desktop)
I get asked a lot of questions about my custom Gina. Most of them come from people who want to write a custom Gina themselves to do … whatever.
Subversion GUI output from the command line
I use the Subversion command line client. But I also have Tortoise SVN installed, because some operations like log and check-in benefit from the GUI.
Reverse engineering the Simple Comptable software is forbidden
I always read license agreements. The one for Simple Comptable 2010 is peculiar: it forbids us from reverse engineering the software!
Notifu now supports silent operation
I just released a small update to Notifu. You can now display a pop-up without playing the system event sound (-q). Notifu also supports the Windows 7 quiet time. By default, pop-ups will not be displayed in the first hour or so after the very first logon. If you must display a pop-up, you can ignore the quiet time with the -w flag.
Aucun reboots computer, unless a debugger is present
There is a bug in my replacement GINA. I left a call to DebugBreak in my initialisation code.
Aucun now supports 64 bits versions of Windows
Again with much help from user Abdul Khaliq, I can now offer you a 64 bits version of my replacement GINA, called aucun64.dll.
FIX : Changing password with Aucun crashes winlogon
There is an important update to Aucun that fixes a bug in the dialog procedure hooking code. If you have Aucun version 1.4.2 or earlier, you will experience the following bug:
Mathematical attack on Bixi codes (self-service bike)
I was downtown today and had business not very far away. Instead of taking the metro, I rented a Bixi, a self-service bike. I was surprised to find that Bixi codes use only 3 digits, over 5 characters, that is 3^5=243 possible codes.
Notifu 1.5 supports IUserNotification2 new result codes
I updated my Notifu utility to use the new IUserNotification2 interface introduced in Vista. It allows detecting a left or right click on the icon in the system notification area. If you run Windows XP, behaviour is unchanged.
Porting a custom Gina to a Credential provider
Making a replacement Gina behave like a Credential Provider (not the other way around) looks like the ticket to have a single source solution to a Gina and Credential Provider.
Segmentation example in a CAPTCHA
From time to time, I come across an application whose designers need - or think they need - a CAPTCHA. I remain convinced that CAPTCHAs are to be avoided. This post just goes to show the effect of segmentation on optical character recognition (OCR).
If you read about artificial intelligence and character recognition, you will hear that there are references to segmentation. In short, segmentation is separating the letters from each other, before trying to guess what letters are there.
Segmentation is the “hard” part in solving a text-based CAPTCHA; background noise and colors are the easy part. As a rule of thumb, if the letters of your CAPTCHA do not touch each other, your CAPTCHA is weak.
Do not play with a CAPTCHA without expert supervision
I came across this CAPTCHA implementation.
The sources of the Québécois identity malaise
The Parti Québécois replied to President Sarkozy. What stands out most to me is this passage:
Stop internal drive from showing up in "Safely remove hardware"
Like many of you, I had a drive that showed up in the “Safely remove hardware” tray icon, and was unable to remove it.
Full disk encryption single sign-on and secure backup
I have been a TrueCrypt user since version 4.0. I used to have a half-baked solution of TrueCrypt, EFS with SYSKEY option 2 (password). When full disk encryption was introduced, I finally got a laptop encryption scheme that I like. It features:
Aucun version 1.4 released : bug fixes, fail safe and debug support
I just put online version 1.4 of my replacement Gina ! Thanks to everyone who gave me a break while I was spending more time house shopping, buying and renovating. This release is very good, thanks to everybody who wrote me about problems they were facing… Here is what’s new :
Easy test coverage with constant Hamming distance of 1
I left a terrible bug in version 1.3 of my replacement Gina. I didn’t want to miss any test case this time, so I wrote a batch file that tests every one of them. That batch file adds a user to a group and a group to the registry. There are two possible groups in the registry, and the user can be a member of either of the two groups, making 2^(2+2) possibilities, 16 use cases.
High availability for humans
I noticed a new link in my GMail account (I am using gmail for your domain), showing the sessions used to connect to an account and the last time since it had activity on that session.
Step by step guide to create your own MSCASH hashes
I wanted to test the relative strength of a password policy. I wanted to run a password cracking tool over different passwords, from a dictionary based password (like Banana42) to a random one (generated with Password Safe). Creating users, setting passwords and running different password extraction tools was a lot of trouble.
Notifu supports concatenation of parameters
This Notifu update allows you to concatenate multiple /m and /p switches. It is useful when a parameter to Notifu is fed by a program you have no control over.
Notifu supports embedded quotes in parameters
I fixed a bug in Notifu that made it ignore quotes that were escaped with a backslash. For example, this command line works now:
Reversing WebSphere {xor} password protection
IBM WebSphere stores its passwords in files. Everybody does that and it is hard to do otherwise. When I am confronted with the problem, I usually say that the only option you have is what file you want a password in. IBM (in WebSphere) went a little further by applying a hardcoded XOR. Each character is XORed with the character ‘_’, and the resulting string is encoded in base64. This is not cryptography, it is just enough encoding so that a casual glance at the file will not reveal the password.
Asymmetric cryptography mnemonic trick
Whenever I teach cryptography to beginners, they are confused about what you can do with the private and public key in an asymmetric cryptographic scheme. I start by saying that your private key never leaves you, no matter what. No exception to the rules.
Notifu updated, now with Vista support
Here is just a little update to my Notifu utility. It is a drop-in replacement (no new command-line switches) that features
Replacement GINA now allows force logoff, administrator exclusion
I was a little overwhelmed by the reaction to my custom GINA. The good thing about it is that it motivated me to put a better version out that addresses all the comments I had so far, namely :
Gathering entropy from children
Here is a trick I found that solved an old problem: How can coin flipping ever be fair if only one person chooses heads or tails?
My name is Guillaume, and I want to be a hacker
I was reading the FAQ on how to be a hacker, from Eric Raymond. I recognized in me many of the hacker traits - maybe even some of the skills. But I use a handle, ixe013.
Unlock any user's session without losing data or killing processes
UPDATED Feb. 2nd 2008 : There is an enhanced version out, with better code, features and documentation.
Denial of service on Vista using Resource Monitor
Microsoft wants you to run with lower privileges. They went out of their way in Windows Vista. You are a member of the Administrative group in Vista, but the group is for deny only in your token. When you elevate, you get a new token without that deny group. Just like an administrator removing its newbie mask.
Getting the username from a desktop handle (HDESK)
I was struggling with a strange error message, trying to retrieve a username from a desktop handle (HDESK). The Windows function LookupAccountName would always return error code 0x534 (that’s 1332 in decimal). Looking it up with GetLastError gave this:
Letter opposing the introduction of a DMCA law in Canada
There is currently a movement opposing the introduction of a law similar to the American DMCA. The “Online Rights Canada” (ORC) movement has a tool that lets you send a letter to your Member of Parliament as well as to Ministers Prentice and Vermeer.
GSSP - Java self study reference links
This page contains links to useful, free content to prepare for your GSSP certification. I gathered these links as I was preparing for the exam myself.
Counting on your 1024 fingers
Last week I went to a conference given by Mathieu Hébert. He was showing off, and somewhat teaching, his ability to do mathematical operations on his fingers (article in French), using each one as a binary digit. Ten fingers make for 1024 combinations, allowing you to represent numbers as big as 1023 since it starts with 0.
Hosting at DreamHost is funnier
I used to host my code in Google’s subversion. It was good, but I needed more. The built-in wiki was too restrictive, and I wanted to track usage and downloads.
LoadLibrary fails when impersonating
I was playing around with SSPI, the Security Support Provider Interface. I stumbled across a behavior that I cannot explain : you cannot call LoadLibrary when you are impersonating.
A convenient way to run Apache Forrest on Windows
I use Apache Forrest to generate what will someday be the homepage of paralint.com. I use “forrest run” most of the time, and “forrest site”, “forrest clean” every now and then.
Using vi ? Try this in Google
I followed advice from my father and learned how to type back in high school. Using a typewriter, in case you wonder. The first time I had to type something, I forced myself to “do it right”, even though hunt and peck was faster. I now type quite fast, and I can type while looking at somebody. Might not qualify as listening, though…
Making Jetty listen to the local interface only
I use Apache’s Forrest tool, which internally uses the Jetty engine. I wanted to make Jetty listen to 127.0.0.1 instead of 0.0.0.0, so my computer wouldn’t show up in an enterprise port scan.
Equality or independence? (old Unionist refrain)
In light of the election results, but also of the election campaign in general, I am still reflecting on the future of Quebec and the foundation of my sovereigntist convictions. The sovereignty project of the MSA in ’68 or of the PQ in ’76 is no longer applicable as-is today, 30 or 40 years later. Quebec has changed too much. We are now talking to the children of Bill 101 and to Québec inc.
Change Paros Proxy MITM SSL certificate
Don’t you just love man-in-the-middle (MITM) HTTPS proxies ? I use Burp proxy a lot, it does man-in-the-middle and gzip.
UDDI, what’s it good for?
I read Benoit Piette’s presentation on web services. Very good, but I have reservations about everything UDDI. Not that the technology is poorly explained; it’s just that I usually sum up UDDI as “technology waiting for a problem”. Here is my reasoning.
Free subversion hosting at Google is fun
I was looking for free subversion hosting. I had just set up an empty project at opensvn.csie.org when I heard the news: Google is now hosting open source projects. So I added a few hobby projects I have going.
ASP.NET Impersonation
I was looking for a table that showed how client authentication, server authentication and impersonate flag work together. I found many good examples and tutorials explaining how to make any combination work, but not a quick reference table.
A journey through WSS
I’ve been playing with web services for a while now. First code to hit production was in 2001. SOAP has come a long way since then… I am now focusing on computer security, actually making a living out of it.
So this is a first post about securing Web Services in J2EE with WSS. Not just by using HTTPS, but using a full-fledged WS-Security setup. Things I have ready to run: