Someone asked me how to consume webservice using unmanaged c++ client.
1. Open your C++ project in Visual Studio 2003/2005
2. Right click on the project name in the solution explorer and add reference to the web service
This operation will create the web service proxy and add if to your c++ solution.
3. Call the web service
Assuming that you want to consume the basic HelloWorld webservice these are the lines that you need to add to your C++ app:
Service::CService proxy;
BSTR Result=NULL;
HRESULT hr = proxy.HelloWorld(&Result);
MessageBox(0,Result,CComBSTR("Hello World Result"),0);
An article that was published yesterday by DarkReading demonstrate how easy it is these days to hack into system even into credit unions !
I hope next time you’ll find a USB key somewhere around your work you’ll bring it straight to the company security officer and don't try to plug it into your comp.
[Thanks Rick for the link to the article]
Someone asked me today how to change the blue background of the login screen.
Its pretty simple !
1. Open RegEdit
2. Navigate to HKEY_USERS\.DEFAULT\Control Panel\Desktop
3. Change the Wallpaper to the wallpaper you want, for example ‘c:\bitmap.bmp’
4. Change the TileWallpaper to 1
Would you run an EXE file downloaded from the net without running it through an Anti Virus ?
I guess the answer is no.
Would you open a source code i.e. Visual Studio Solution downloaded from the net in Visual Studio ?
I guess the answer is yes.
Well Think Again or just download this source code and double click the .sln file.
What you will witness is a Visual Studio exploit that enables a hacker to execute arbitrary code on your station as soon as you open the .sln file.
Following is the full explanation of the exploit:
If a UserControl is used in A windows Formular (Designer). Visual Studio execute the _Load function inside the User_Control. It is possible to add malware code inside this _Load function. Sample attack scenario: I send a solution file (.sln) to my victim which have visual studio installed. He opens the solution and the sample formular. Visual Studio execute the backdoor inside the _Load function and I have access to his computer.
So what is there to to do ?
1. Never trust solution from unknown source.
2. Immediately change the CS editor from 'CSharp Form Editor' to 'CSharp Editor' (i.e. from the form editor to the text editor) - Right click on cs file in the solution explorer and choose 'Open With' choose the 'CSharp Editor' and click 'Set as default' and then on the OK button.
Please note : The action proposed here is not the ideal as it will not eliminate the attack but only prevent the automatically execution of the code.
Disclaimer:
This exploit isn’t new and was reported sometime around January but as it was presented today at the Israel Security UG by Nimrod Luria I’ve decided to have a post on this issue in order to have people aware of its existence.
Check here the original report by Team Priestmasters Security Research and download their vs exploit sample
A question that I've received today was how to move a winform using the keyboard arrow keys
Its pretty simple... you need to override the ProcessCmdKey.
protected override bool ProcessCmdKey(ref Message msg, Keys keyData)
{
//Returns true if the character was processed by the control;
//otherwise, false.
bool bHandled = false;
switch (keyData)
{
case Keys.Right:
this.Left += 10;
bHandled = true;
break;
case Keys.Left:
this.Left -= 10;
bHandled = true;
break;
case Keys.Up:
this.Top -= 10;
bHandled = true;
break;
case Keys.Down:
this.Top += 10;
bHandled = true;
break;
}
return bHandled;
}