|
Thanks
I just tried this right after CreateProcess
char wintxt_memory[] = "Client Manager";
char winclass_memory[] = "IEFWINDOW";
LPTSTR wintxt = wintxt_memory;
LPTSTR winclass = winclass_memory;
HWND h = NULL;
h = ::FindWindow(winclass,wintxt);
if (h != NULL)
::SetWindowPos(h, HWND_BOTTOM, 0, 0, 0, 0, SWP_HIDEWINDOW);
However the window is visible for a brief,flickering and noticable moment and if at all possible I would like to avoid that
|
|
|
|
|
|
Thanks, I'll give it a try.
|
|
|
|
|
You may also want to try not setting the STARTF_USESHOWWINDOW flag in STARTUPINFO structure.
Chen Venkataraman
|
|
|
|
|
Thanks, but I've used the STARTF_USESHOWWINDOW all the time.
|
|
|
|
|
be warned when working with third party apps ( mainly if you don't know what library ( and language ) created it. We had a major issue awhile back working with apps created in delphi because it turns out the "main" window is handled by a global application object and not allowed available for use by outside apps.
Never did get that fixed....
Joseph Dempsey
joseph_r_dempsey@yahoo.com
"Software Engineering is a race between the programmers, trying to make bigger and better fool-proof software, and the universe trying to make bigger fools. So far the Universe in winning."
--anonymous
|
|
|
|
|
Thanks, for the warning, I really hope that this won't be one of those that can't be fixed.
I'm almost 100% positive that Visual C++ 6.0 was used for this particular app.
|
|
|
|
|
Hi There,
Could anyone help me with the code to Auto-Lock a NT4.0 Workstation after a certain period. The program should run as a service under a Local Admin account because on NT the user policies is going to prevent other users from
changing the delay as with a screensaver. Any help would be much appreciated.
|
|
|
|
|
You mean something like described in Q262646 in MS KB?
|
|
|
|
|
What exactly does Q262646 say?? I've found a few Q's on Microsoft's Knowledge Base but I can't find 262646.
|
|
|
|
|
The full name is
"How to Lock a Workstation from the Command Line"
and I really cannot found it on the microsoft's website in any way... But it can be found in the msdn library I have installed on my computer. If you haven't I can rephrase the article for you.
|
|
|
|
|
an official solution from MS how to lock a NT4 workstation - part of Q262646
....
There is no solution to lock a Windows NT 4.0-based workstation from the command line. You can, however, achieve a similar effect with some additional configuration.
In Windows NT 4.0, you can use the SendMessage call to send a SC_SCREENSAVE message to the topmost window, which locks the workstation if the current user has a screen saver configured and the screen saver is configured to require a password.
To ensure that a screen saver is configured, you can create registry entries. Run a registry (.reg) file that adds the following entries from the command line:
HKCU\Control Panel\Desktop\ScreenSaveActive = 1<br />
HKCU\Control Panel\Desktop\ScreenSaverIsSecure = 1<br />
HKCU\Control Panel\Desktop\ScreenSaveTimeout = timeout in seconds<br />
HKCU\Control Panel\Desktop\SCRNSAVE.EXE = %SystemRoot%\System32\Appropriate screen saver.scr
Some screen savers require additional parameters in HKCU\Control Panel\Screen Saver.screen saver name as well.
After you create these registry entries, the following call invokes the screen saver:
SendMessage(HWND_TOPMOST, WM_SYSCOMMAND, SC_SCREENSAVE, 0)
You must write and compile a short program (.exe file) that contains this call. You can then call your program from the command line to activate the screen saver. Because the ScreenSaverIsSecure value in the registry has been set to 1, this has the effect of locking the workstation.
....
|
|
|
|
|
Hi, everyone!
I have written a small program which can send SYN TCP package.
The trouble I met with is when using 1.2.3.4 as source address
and using 2.3.4.5 as desrination address, all procudure works
OK. I have used Ethereal to sniffer the sending out packages.
But when I change the address to the real address of the LAN of
our lab. Strange packages are sent. They are ARP packages.
For example, when I change source address to 210.73.46.75 and
destination address to 210.73.46.82. Ethereal reports to me
a ARP package is sent, which means "who has 210.73.46.82? Tell
210.73.46.75".
How to use real network address to send a SYN TCP package?
Here is all of my source codes.
Source codes:
--------
/********************** main.c source file ************************/
#include <winsock2.h>
#include <windows.h>
#include <ws2tcpip.h>
#include <stdio.h>
#pragma comment(lib, "ws2_32.lib")
struct tcpheader {
unsigned short int th_sport;
unsigned short int th_dport;
unsigned int th_seq;
unsigned int th_ack;
unsigned char th_x2:4, th_off:4;
unsigned char th_flags;
unsigned short int th_win;
unsigned short int th_sum;
unsigned short int th_urp;
}; /* total tcp header length: 20 bytes (=160 bits) */
struct ipheader {
unsigned char ip_hl:4, ip_v:4; /* this means that each member is 4 bits */
unsigned char ip_tos;
unsigned short int ip_len;
unsigned short int ip_id;
unsigned short int ip_off;
unsigned char ip_ttl;
unsigned char ip_p;
unsigned short int ip_sum;
unsigned int ip_src;
unsigned int ip_dst;
}; /* total ip header length: 20 bytes (=160 bits) */
typedef struct ps_hdr
{
unsigned int source_address; // Source Address => 4 Bytes
unsigned int dest_address; // Destination Address => 4 Bytes
unsigned char placeholder; // Place Holder => 1 Bytes
unsigned char protocol; // Protocol => 1 Bytes
unsigned short tcp_length; // TCP Length => + 2 Bytes
// = 12 Bytes
struct tcpheader tcp;
}PS_HDR;
// IP/TCP/UDP Checksum Function
USHORT checksum(USHORT *buffer, int size)
{
unsigned long cksum=0;
while (size > 1)
{
cksum += *buffer++;
size -= sizeof(USHORT);
}
if (size)
{
cksum += *(UCHAR*)buffer;
}
cksum = (cksum >> 16) + (cksum & 0xffff);
cksum += (cksum >>16);
return (USHORT)(~cksum);
}
#define PORT 25
int main (void)
{
WSADATA wsd;
char datagram[4096];
int bOpt = 1;
if (WSAStartup(MAKEWORD(2,2), &wsd) != 0)
{
printf("WSAStartup() failed: %d\n", GetLastError());
return -1;
}
// Create a raw socket
SOCKET s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
if (s == INVALID_SOCKET)
{
printf("WSASocket() failed: %d\n", WSAGetLastError());
return -1;
}
struct ipheader *iph = (struct ipheader *) datagram;
//struct tcpheader *tcph = (struct tcpheader *) datagram + sizeof (struct ipheader);
struct tcpheader *tcph = (struct tcpheader *) (datagram + sizeof (struct ipheader));
struct sockaddr_in sin;
sin.sin_family = AF_INET;
sin.sin_port = htons (PORT);
sin.sin_addr.s_addr = inet_addr ("210.73.46.82");
memset (datagram, 0, 4096); /* zero out the buffer */
iph->ip_hl = 5;
iph->ip_v = 4;
iph->ip_tos = 0;
iph->ip_len = sizeof (struct ipheader) + sizeof (struct tcpheader);
iph->ip_id = 1;
iph->ip_off = 0;
iph->ip_ttl = 255;
iph->ip_p = 6;
iph->ip_sum = 0;
iph->ip_src = inet_addr ("210.73.46.75");
iph->ip_dst = sin.sin_addr.s_addr;
tcph->th_sport = htons (1234);
tcph->th_dport = htons (PORT);
tcph->th_seq = rand();
tcph->th_ack = 0;
tcph->th_x2 = 0;
tcph->th_off = 5;
tcph->th_flags = 2; // SYN
tcph->th_win = htons(65535);
tcph->th_sum = 0;
tcph->th_urp = 0;
iph->ip_sum = checksum((unsigned short *)&iph, sizeof(ipheader));
struct ps_hdr pseudo_header;
pseudo_header.source_address = inet_addr ("210.73.46.75");
pseudo_header.dest_address = sin.sin_addr.s_addr;
pseudo_header.placeholder = 0;
pseudo_header.protocol = 6;
pseudo_header.tcp_length = htons(20);
pseudo_header.tcp = *tcph;
tcph->th_sum = checksum ((unsigned short *)(&pseudo_header), 32);
if (setsockopt(s, IPPROTO_IP, IP_HDRINCL, (char *)&bOpt, sizeof(bOpt)) == SOCKET_ERROR)
{
printf("setsockopt(IP_HDRINCL) failed: %d\n", WSAGetLastError());
return -1;
}
while (1)
{
// Send The Packet
if (sendto(s, datagram, 40, 0, (SOCKADDR *)&sin, sizeof(sin)) == SOCKET_ERROR)
{
printf("sendto() failed: %d\n", WSAGetLastError());
return -1;
}
}
return 0;
}
/********************** main.c source file ************************/
--------
Thanks in advance,
George
|
|
|
|
|
Hi,
maybe I didn't get it correctly from your description and having no time to test your code, so I hope that I am answering your question .
It goes that way, than when you want to sent some packets from src: 210.73.46.75 to dst: 210.73.46.82, the IP stack needs to know the Ethernet address of the destination card, because it must be filled to the ethernet frame, which will be send.
Therefore the 210.73.46.75 sends ARP packet with a query:
"who has 210.73.46.82? Tell
210.73.46.75".
Then the computer, which have IP 210.73.46.82 will send back his ethernet address, using ARP reply. And then the 210.73.46.75 can finally send the ethernet frame containing your IP packet.
I hope, that this is what you asked and that it cleared the sense of ARP packets as well. If you have some another/additional questions, just ask.
|
|
|
|
|
Thanks, geo_m buddy!
I do not understand why when I use virtual network address
"1.2.3.4" and "3.4.5.6", it works fine. I have used Ethereal
to sniffer and no ARP packages are sent.
So, I want to know why when using virtual network address, no
ARP packages are sent.
Can you help?
regards,
George
|
|
|
|
|
Don't know what happened exactly in your configuration, but I'll try to go deeper in that - the ARP packets are not send in a situation, when the computer is able to fill the correct ethernet address itself. This can happen' in two cases
1. the ARP result is in a cache (because the results are cached)
2. it is for the same computer (some derivate of 1. - computer knows his own ethernet address, so there is no need to ask through ARP)
You can look to content of your arp cache using command arp -a
Here you will probably see the default gateway for your computer and it's ethernet address. And I think this is also a key for answering your question - as the address 1.2.3.4 is correct internet address, and it is not in your subnet, your computes asks default gateway for processing the packet - it is simply forwarded to default gateway. And because default gateway was probably used before, the ARP result is taken from cache - no need for sending ARP packets.
You can play with arp command, and you can try to delete the content of the cache and see what's happened in what situation. Don't worry clearing the arp cache is harmless operation
|
|
|
|
|
Thanks, geo_m buddy!
I want to do things like this. Implement TCP three time shake
hands procedure on Windows system. Such is, Site A send a SYN
and then Site B send ACK_SYN, and finally site A send back ACK.
I want to know is it possible to do the job on Windows platform?
What the trouble I met is, I do not know how to send a TCP package
including special fields.
I want to use bind-accept mechanism to implement this. But I do not
know how to send back a TCP package with special field. For example,
flags field (where I can set SYN, ACK_SYN and ACK fields, etc).
I want to learn your advice about my work.
regards,
George
|
|
|
|
|
Hi,
difficult to say, I never worked with RAW_PACKETs or what is it, I worked only with really _raw_ packets But I think, it is possible to do it on WinNT. Question is only, why? The TCP is already implemented and works... So if there is no special reason for doing it with this hard way, I'd suggest to stick with proven solutions and stay on normal winsock. Or if it is just a toy project, it is a great way how to learn the internals of the TCP/IP (a bit too much coding for me, but why not, if you enjoy it :P )
Anyway, I looked to your sample, and I think the answer is quite easy - for ACK, FIN, PUSH, RST, SYN, URG flags, you have to simply set the th_flags member of your tcpheader structure, exactly as you are setting the SYN flag now.
The values for flags are defined as follows:
#define TCP_FLAG_URGENT 0x20<br />
#define TCP_FLAG_ACK 0x10<br />
#define TCP_FLAG_PUSH 0x08<br />
#define TCP_FLAG_RESET 0x04<br />
#define TCP_FLAG_SYN 0x02<br />
#define TCP_FLAG_FIN 0x01
so if you want to set two flags, you can simply do it by or-ing them. Then instead of:
tcph->th_flags = 2; // SYN
write something like:
tcph->th_flags = TCP_FLAG_ACK + TCP_FLAG_SYN; // Set ACK and SYN together
Let's go to the next step
|
|
|
|
|
Thanks, geo_m buddy!
I have written a simple program to send SYN. It works good when the target machine port number is 25 (SMTP). But when I change the port number to 5678
(you can see this statement #define PORT 5678 from the source code), I find the target machine automatically sending back a RST ACK package.
I do not want this to happen. For I want to simulate TCP's three time shake hands procudure. If the target machine sending back the package automatically for me, I will have no work to do.
How can I disable the RST ACK package sending by the target machine? Can you help?
I have a snapshot of Ethereal which recording the communication procedures.
If you want it, I can send it to you. For I do not know how to post an attachment of the post.
Here are the source code:
--------
#include <winsock2.h>
#include <windows.h>
#include <ws2tcpip.h>
#include <stdio.h>
#pragma comment(lib, "ws2_32.lib")
struct tcpheader {
unsigned short int th_sport;
unsigned short int th_dport;
unsigned int th_seq;
unsigned int th_ack;
unsigned char th_x2:4, th_off:4;
unsigned char th_flags;
unsigned short int th_win;
unsigned short int th_sum;
unsigned short int th_urp;
}; /* total tcp header length: 20 bytes (=160 bits) */
struct ipheader {
unsigned char ip_hl:4, ip_v:4; /* this means that each member is 4 bits */
unsigned char ip_tos;
unsigned short int ip_len;
unsigned short int ip_id;
unsigned short int ip_off;
unsigned char ip_ttl;
unsigned char ip_p;
unsigned short int ip_sum;
unsigned int ip_src;
unsigned int ip_dst;
}; /* total ip header length: 20 bytes (=160 bits) */
struct ps_hdr
{
unsigned int source_address; // Source Address => 4 Bytes
unsigned int dest_address; // Destination Address => 4 Bytes
unsigned char placeholder; // Place Holder => 1 Bytes
unsigned char protocol; // Protocol => 1 Bytes
unsigned short tcp_length; // TCP Length => + 2 Bytes
// = 12 Bytes
struct tcpheader tcp;
};
USHORT checksum(USHORT *buffer, int size)
{
unsigned long cksum=0;
while (size > 1)
{
cksum += *buffer++;
size -= sizeof(USHORT);
}
if (size)
{
cksum += *(UCHAR*)buffer;
}
cksum = (cksum >> 16) + (cksum & 0xffff);
cksum += (cksum >>16);
return (USHORT)(~cksum);
}
#define PORT 5678
int main (void)
{
WSADATA wsd;
char datagram[4096];
int bOpt = 1;
if (WSAStartup(MAKEWORD(2,2), &wsd) != 0)
{
printf("WSAStartup() failed: %d\n", GetLastError());
return -1;
}
// Create a raw socket
SOCKET s = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
if (s == INVALID_SOCKET)
{
printf("WSASocket() failed: %d\n", WSAGetLastError());
return -1;
}
struct ipheader *iph = (struct ipheader *) datagram;
struct tcpheader *tcph = (struct tcpheader *) (datagram + sizeof (struct ipheader));
struct ps_hdr *pseudo_header = (struct ps_hdr *) (datagram + 8);
struct sockaddr_in sin;
sin.sin_family = AF_INET;
sin.sin_port = htons (PORT);
sin.sin_addr.s_addr = inet_addr ("210.73.46.79"); // TARGET ADDRESS MAKE SURE IT DOES EXIST
memset (datagram, 0, 4096); /* zero out the buffer */
pseudo_header->source_address = inet_addr ("210.73.46.75"); // YOUR ADDRESS, CAN BE SPOOFED
pseudo_header->dest_address = sin.sin_addr.s_addr;
pseudo_header->placeholder = 0;
pseudo_header->protocol = 6;
pseudo_header->tcp_length = htons(20);
tcph->th_sport = htons (1234);
tcph->th_dport = htons (PORT);
tcph->th_seq = rand();
tcph->th_ack = 0;
tcph->th_x2 = 0;
tcph->th_off = 5;
tcph->th_flags = 2; // SYN
tcph->th_win = htons(65535);
tcph->th_sum = 0;
tcph->th_urp = 0;
tcph->th_sum = checksum((unsigned short *) (datagram + 8), 32);
iph->ip_hl = 5;
iph->ip_v = 4;
iph->ip_tos = 0;
iph->ip_len = htons(40);
iph->ip_id = 1;
iph->ip_off = 0;
iph->ip_ttl = 255;
iph->ip_p = 6;
iph->ip_sum = 0;
iph->ip_src = inet_addr ("210.73.46.75"); // YOUR ADDRESS, CAN BE SPOOFED
iph->ip_dst = sin.sin_addr.s_addr;
iph->ip_sum = checksum((unsigned short *) datagram, 20);
if (setsockopt(s, IPPROTO_IP, IP_HDRINCL, (char *)&bOpt, sizeof(bOpt)) == SOCKET_ERROR)
{
printf("setsockopt(IP_HDRINCL) failed: %d\n", WSAGetLastError());
return -1;
}
//while (1)
//{
// Send The Packet
if (sendto(s, datagram, 40, 0, (SOCKADDR *)&sin, sizeof(sin)) == SOCKET_ERROR)
{
printf("sendto() failed: %d\n", WSAGetLastError());
return -1;
}
//}
return 0;
}
--------
regards,
George
|
|
|
|
|
Is there some service/daemon/another program listening on the machine you are sending tye SYN packet to?
I assume, on that machine some mailserver is running and he responds to your request n port 25, but on port 5678 is nothing and therefore the OS refuses you the connection.
You need to have here some listening peer - you can write such a simple app from a scratch, just create socket, bind it to some address and start listening on the 5678 port. Then run it on the remote machine.
On the remote machine you can also run netstat -a -n and you will see on which ports someone is sitting and listening.
The ports marked as LISTENING are available for new incoming connections, on any other port you'll be refused - this is defined behavior.
good luck
|
|
|
|
|
Thanks, geo_m buddy!
I have made a test. When there is no process binding the port on the destination machine, after sending a SYN package from the source machine to the destination machine, the destination machine will send back a RST ACK package.
Then I write a simple TCP server to bind to a specific port on the destination machine. I found out that after sending a SYN package from the source machine to the destination machine, the destination machine will automatically send back a SYN ACK package.
Since I want to implement the three time shake hands myself, I do not want either cases happen. I just want to send a SYN package and do not want the destination machine to send back anything.
But I do not know how to do that. Can you help?
regards,
George
|
|
|
|
|
Hmm, if you want to implement the standard TCP handshake, I would first leave the server (remote machine) running standard IP stack and make my client to be fully running & compatible with.
In a next step I would make the server part communicating with standard TCP client (e.g. Telnet.exe). As a last step I'd put my client and my server together, and in this step it should work like a charm
To achieve the customized server-side, you have to develop the server using the probably raw_sockets also. There you will get your packet and you will make your response to it as well. But I'd keep that for a second step.
|
|
|
|
|
Thanks, geo_m buddy!
Your reply is a good road for me. Maybe a long way,
But the trouble I met with is how to disable the server
sending back anything. Because if the server automatically
sent back anything, all of my work is nonsense.
My plan is like this, client sends SYN to server. And at the
server side, I will start a process to sniffer. When the sniffer
process noticed the SYN package comes, it will start another process
to send back ACK SYN package. Is my plan feasible?
regards,
George
|
|
|
|
|
There I am on unstable grounds with the raw socket implementation on w2k :P
In general, where there is no listening socket at all, the OS should return RST to you. If there is a listener, he can either accept your connection (ACK ) or also refuse it (RST ), or just don't respond at all and you will timeouted.
The problem of your plan I can see in a fact, that meanwhile the sniffer will start new process etc, the OS will reply with the RST , because there will be no associated socket with the port specified. But there's a point of my raw winsock ignorance - maybe it is possible to listen with some raw socket on some specific port - this can be a solution for you, I don't know, I worked with TCP/IP either on a lowest level (next to ethernet), or using the std sockets, therefore the lack of knowledge in case of concrete raw socket configuration.
But maybe I don't understand your plan correctly - you want to have some sort of application on a server, which will return SYN ,ACK to your SYN request - but this is what the normal socket app. will do for you (as well as the smtp server already did), or where is the difference?
|
|
|
|
|
Thanks, geo_m buddy!
quote:
> or just don't respond at all and you will timeouted.
geo_m, I think if I can implement this and I will work out
my solution. Do you know how to let a client timeout? I think
I can set the timeout value to a large value to serve my purpose.
(Just let the client wait ACK SYN, and I will send back my own ACK SYN
from my another thread.) Is that feasible? Can this be easily done on Windows 2k platform?
quote:
> But maybe I don't understand your plan correctly - you want to have some >sort of application on a server, which will return SYN,ACK to your SYN ?>request - but this is what the normal socket app. will do for you (as well >as the smtp server already did), or where is the difference?
Yes, you are correct, geo_m. I just want to implement it myself. Just for learning purpose. Because I am interested in TCP three time shake hands communication.
Hope you can give me further help.
regards,
George
|
|
|
|
|