Category: win32

  • Patching lcc-win32 so that it runs under Windows 2000

    lcc-win32 is a small C (not C++!) for Windows, which comes with a simple editor/IDE. It is free for non-commercial use and is small and quick to install. Unfortunately it wouldn’t start on a fully patched Windows 2000 SP4 box, even though the homepage explicitly mentions Windows 2000 as supported. The problem was that my…

  • What can a malicious program do under a limited account with Windows 7?

    The scope of this post is to demonstrate what a malicious program can do under Windows 7 (the newest and presumably most secure version of MS Windows) with a Guest account (the most limited one from a capability point of view). The “malware” in the video below demonstrates that a program run by the user…

  • Breaking into a process before the TLS gets executed

    I found out about this from the SANS blog: you can make Olly break before the TLS get executed. Just Debugging Options –> Events and set “Make first pause at” to “System breakpoint” instead of “WinMain”. Cool! (until now I was patching executables with TLS to avoid them being executed).

  • Reason #341 for using stackoverflow.com

    I’ve written about stackoverflow.com, a place to ask and answer programming questions. And here is an other reason to use it: they have great error pages 🙂 And today I’ve learned something new on SO from Oliver Giesen (also, his SO profile): you can’t delete executable files which are “in use” (programs are being run…

  • It can happen to the best of us

    I was reading Scott Hanselman’s The Weekly Source Code 33 – Microsoft Open Source inside Google Chrome and came upon this piece of text: Older versions of ATL, and by older I mean pre-Visual C++ 2005, used dynamically generated code in small isolated cases. Obviously, without the appropriate APIs this is going to cause problems…

  • Reboot Windows – the hard way

    I was clicking around via an RDP session on a Windows server and managed to kill the LSASS process (note to myself: next time pause the view of ProcessExplorer before killing processes!). The one minute till reboot screen promptly appeared and my first reflex was to stop the countdown (this is a trick which came…

  • Perl, Windows and File Locking

    For some Perl scripts you want to make sure that only one instance of it is running at the same time. So you use lockfiles, in a way like this: open(LockFile, “>$lock_file”) or die(“Failed to lock file $lock_file, error: $^E”); flock(LockFile, LOCK_EX) or die(“Failed to lock file $lock_file”); The idea being that the OS guarantees…

  • Perl and Windows

    Perl is a nice scripting language, but originally it wasn’t designed for the Win32 OS. There have been many improvements over time however (the greatest of them all being ActivePerl with PPM, which – as opposed to CPAN – doesn’t require you to have all those command line tools which you have on 99.9* on…