All Questions

Tagged with
307 questions with no upvoted or accepted answers
Filter by
Sorted by
Tagged with
7votes
0answers
1kviews

How to view exe's SmartScreen reputation score?

Users who download my freeware application from codeplex get SmartScreen alert in Win 8: "Windows SmartScreen prevented an unrecgnised application from starting. Running this application might put ...
user avatar
  • 2,877
5votes
0answers
464views

Windows equivalent of application-scoped Linux Wallet

In Linux, there's a KDE Wallet (and GNOME Wallet) application, that stores passwords and other sensitive data. These wallets by default prevent accidental data access of application other than the one ...
user avatar
  • 6,365
5votes
0answers
3kviews

Determine why a program is blocked by Windows Defender SmartScreen

I have installed the Komodo IDE and now I like to activate my license by running file Komodo-IDE-8-Windows-SC92********.exe but it is blocked by my Windows Defender: Windows protected your PC Windows ...
user avatar
5votes
0answers
2kviews

How to validate user's cached credentials against a domain?

When you logon to Windows, your credentials are cached. This allows you to use single sign-on. If you were to then browse to another computer, e.g.: \\hydrogen you would not be prompted for ...
user avatar
  • 232k
5votes
0answers
293views

How Can I Sandbox my Process?

Problem I'm creating a Windows server program that is potentially quite vulnerable to attacks. I'd like to sandbox (jail?) it or at least run my process in very low integrity setting. I probably be ...
user avatar
5votes
1answer
6kviews

Creating a service for user (S4U) token

The Windows Task Scheduler can create tasks that run with the account of a particular user, without storing the user password. They call it "S4U", service for user. This should work something like the ...
user avatar
  • 16.4k
5votes
2answers
2kviews

How can Active Directory compare a users previous passwords when setting a new one?

This is for a college assignment. At our College they use Microsofts's Active Directory to run their network. Every month we get asked to change our passwords and when we do so it won't accept any of ...
user avatar
  • 1,373
4votes
0answers
2kviews

Get WindowsPrincipal from UserPrincipal

The goal I'm writing a class that abstracts various Windows user mechanics. My class knows about the user's account name and domain, if any. I am trying to hydrate a property that indicates whether ...
user avatar
  • 128
4votes
0answers
307views

Standalone DartVM: Self-Signed Certificates and SSL

I've been struggling recently with using the standalone DartVM and SSL as a client. I'm of the understanding that Dart uses Mozilla NSS to manage the certificates. What I'm having a problem wit, is ...
user avatar
  • 275
4votes
0answers
2kviews

Reading catalog file information

When you open a catalog file (.cat) in Explorer, you get a 'Security Catalog' tab with several catalog entries (that on their term list entry details). I need to read these entry details but I could ...
user avatar
4votes
0answers
2kviews

Why does LogonUser always return error code 1008?

I'm using LogonUserA function to authenticate a user in an ASP.NET 4.0 web application that running on IIS7/Win2008. It works well if the user enters correct username and password, but in case ...
user avatar
  • 9,053
3votes
0answers
188views

How to get Node to trust root certs in my Windows OS certificate store?

My organization has pre-installed its own root certificates in our machines to enable it to inspect HTTPS traffic. The browsers don't complain since they trust the OS certificates by default. This ...
user avatar
  • 36.4k
3votes
0answers
48views

No audit events generated although relevant SACLs are in place

I want to monitor registry modifications from a given key and its subkeys and values by setting the relevant SACLs and consuming the audit event. I've set the SACL in place on the registry key and ...
user avatar
3votes
1answer
245views

C# Secure way to store a Number?

I have built my own lock screen for Windows 7. Thus, it uses a password to unlock itself. So I decided to store only the hash code of the password string (For example, I call the GetHashCode method of ...
user avatar
  • 59
3votes
1answer
149views

Restoring inheritance to a Windows directory via Java using JNA

I have a problem and I HOPE someone out there can give me advice! Basically in my program I will be taking a windows folder, changing ownership, setting Access Control rules etc, for this its pretty ...
user avatar
  • 367
3votes
0answers
673views

Wired IEEE 802.1x for windows

Does anybody know Windows API function (or other ways) for Windows 7/8/10 for wired(lan, not wifi) adapters which allow to: Enable and configure 802.1x authentication for wired adapter Most important ...
user avatar
3votes
0answers
422views

C# - write windows security log

Yeah, this question have been asked several times. But I am not satisfied with the answers. Here, I'd like to aggregate all infos I found, and discuss this question again. MSDN: EventLog Class ...
user avatar
  • 1,877
3votes
0answers
211views

Need to Check running app has admin privileges or not in C#.Net Compact Framework

Is there any way to check the admin privileges in C#.Net Compact Framework?? I have the source code from MSDN in C++. and This will check if user is in the local Administrators group (assuming you'...
user avatar
  • 291
3votes
0answers
111views

Create WCF service with Integrated Windows Security on IIS7

I'm trying to create a WCF service that uses Integrated Windows Security and will be hosted on IIS7. This service is going to be used inside a domain and will be consumed by a java client. My ...
user avatar
  • 1,379
3votes
4answers
2kviews

How is ring 0 protected on Windows? Or, why do I care if Media Player gets exploited?

I'm more familiar with the *nix environment, but I'm trying to learn about security from the Windows perspective. I see a lot of exploits and patches in the Windows security realm that seem to target ...
user avatar
3votes
2answers
319views

Which API is used for encryption of hibernation files on Windows?

The following is quoted from the "Security improvements" section of this article. "In response to our public complaint regarding the missing API for encryption of Windows hibernation files, ...
user avatar
  • 3,409
2votes
1answer
86views

Activating rule 16 of WDAC doesnt allow to apply policy without rebooting

I'm applying wdac using commands when I have enforced mode I try changing it to enforced mode but it doesn't work without the reboot with the Rule 16 activated, I have tried using gpupdate /force but ...
user avatar
2votes
0answers
42views

Production Application Crashes when accessing X509Certificate2 Key Data

Really hoping you can help me with the following. I have created an .Net Core Application that is run as a windows service. I'm trying to open a certificate in order to decrypt the app settings. The ...
user avatar
2votes
0answers
163views

How does DPAPI protect MasterKey for system accounts?

While reading Microsoft's documentation about DPAPI I found the following text: DPAPI is focused on providing data protection for users. Because DPAPI requires a password to provide protection, the ...
user avatar
  • 12.2k
2votes
0answers
125views

How to determine the OS (linux or windows) just by using assembly? (x86)

I want to see if its possible to determine the OS just by using assembly the only related question i found was this : What are techniques for determining running OS in assembly language at runtime? ...
user avatar
2votes
0answers
142views

What is the shortest way of getting localized name of builtin Windows user account?

I need to call CreateProcessWithLogonW, for which I need to pass builtin account name (say Administrator). The problem is that builtin account names are localized. For example in French its "...
user avatar
  • 21
2votes
2answers
649views

Create a Windows user for an IIS site and nothing else

I'd like to add basic authentication to a website in IIS, https only. For this I need to create a Windows user. It is important that this user can access nothing other than this website. So I need to ...
user avatar
  • 1,676
2votes
1answer
348views

Protect private certificate from Mimikatz

Which is the best way to protect a private(client) certificate from Mimikatz on Windows? currently, my certificates mark as non-exportable, but when I run Mimikatz, it succeeds to export them.
user avatar
  • 21
2votes
0answers
492views

Get security descriptor of local IPC$ share programmatically

I am trying to get the security descriptor (or at least the DACL) of the IPC$ share. For other shares (such as C$, ADMIN$ and user-created shares), GetFileSecurity works (e.g. with "\localhost\C$"). ...
user avatar
2votes
1answer
167views

Is there a best practice for throttling service calls to Windows services?

My team ships a client API that allows applications to communicate with our Windows service. There is a concern that malicious apps could possibly flood our service with requests, so we want to put in ...
user avatar
2votes
0answers
65views

Restricting a process to write-only access to a single directory

We have a server process which handles user requests. Per user request we need to create a temp directory to which the process must write sensible data. As the process can somewhat be controlled by ...
user avatar
  • 18.7k
2votes
0answers
163views

How to stop Windows from prompting user for Certificate A3 PIN/Password?

Windows operational system keeps asking the user to input PIN/Password when the Certificate is an A3 Smartcard/eToken. But in my application (C# Windows Forms) I already input the PIN ...
user avatar
  • 509
2votes
0answers
49views

Prevent access to files generated by a Java application

I'm working on an application that generates a series of files based on user input that would be later uploaded to a cloud service. It is important that these files remain intact (prevent ...
user avatar
2votes
0answers
555views

Quicker way to hardening with CIS Benchmark on Windows Server 2016

I'm hardening new Windows 2016 servers manually with CIS Benchmark Since I've got a couple of 'em and can't copy/duplicate the VM for some "reasons". I need to extract the secpol and copy it on ...
user avatar
2votes
1answer
519views

Automating CIS Hardening benchmarks for Windows Server

It seems that CIS benchmarks on Hardening for Windows Server is more then 700 pages and if there are multitude of servers, doing manually is a challenge. I wonder, how does one really automate the ...
user avatar
2votes
0answers
102views

Change file Permissions of a specific user - Windows

I want to give a specific User write/change access to a specific file. I already have the SID of the user. I tried to make use of the code specified here: how to change the ACLs from c++? but ...
user avatar
2votes
0answers
1kviews

How can I change the Service Control Manager Access Rights for a user/group?

I need to query the status of a service in a remote computer and I can't use a admin user, I need to create a user with the least privileges necessary to do that. Looking at the Service Security and ...
user avatar
  • 813
2votes
0answers
3kviews

DLL Injection - CreateRemoteThread

Hello again at StackOverflow! I return for help on implementing DLL injection using Python, and the results have been fairly successful. I am using non-reflective injection ('CreateRemoteThread') to ...
user avatar
2votes
0answers
238views

Find out IF a process killed the current process

Any way to figure out IF the current process of the program is killed by another other process (I don't need to know which process, only that its killed by any other). Note: It IS possible, see: http:...
user avatar
  • 117
2votes
0answers
162views

Setting up a chromium-like sandbox (error 0xc00000a5)

I'm trying to setup a sandbox akin to chromium. In particular, I'm trying to replicate their trick of creating a sleeping process with a low-privilege token, then setting a high-privilege token ...
user avatar
  • 51
2votes
0answers
259views

Launch Windows process as another user without directly knowing the password

We have a machine that basically runs as a local system in kiosk mode by auto-logging in as a local machine user. The user needs to launch a program that runs in a domain account. What we've done in ...
user avatar
  • 2,272
2votes
2answers
97views

How to avoid principal propagation from worker-thread to GUI-thread

We have a Windows Application with a worker-thread who needs to update GUI. We uses BeginInvoke to do it asynchronously. Our problem, demonstrated in the example below, is that the Principal is ...
user avatar
  • 97
2votes
1answer
1kviews

Start->Run Dialog - "Run as Administrator" checkbox?

I'm trying to find if there's a registry key to enable the "Run as Administrator" checkbox on the Start->Run Dialog in Windows 7 (similar to the "Run in Seperate Memory Space" checkbox which can be ...
user avatar
  • 590
2votes
1answer
119views

What code in the OpenSSL sources contains the FREAK vulnerability?

There is an issue in the code found in s3_clnt.c. I'm trying to determine what library this code ends up getting built to. Is it libeay32/64 or ? Thank you
user avatar
  • 1,052
2votes
0answers
2kviews

Impersonation for Windows in Python 3 using win32security

I've been working on a way to access and modify privileges to a file on Windows via Python 3, more precisely with the win32security library. From those 2 answers How to authorize/deny write access to ...
user avatar
2votes
0answers
494views

How to problematically set HKEY_LOCAL_MACHINE\SECURITY\Cache values off domain

I am trying to construct a application that will allow a user to reset his domain password and get access to their box while it is off domain and off the corp network. E.G. User is a domain user, is ...
user avatar
2votes
0answers
1kviews

Where to store RSA private key for windows application?

We have a windows application that generates signatures to authenticate itself to a remote server. It uses RSA to generate the signature. What would be a recommended secure location on the windows ...
user avatar
2votes
0answers
1kviews

Java Web Start and Windows Admin Rights Affecting client-server communication

Update: I no longer need this, we have a different solution for clients who have this problem. Thanks to everyone who tried to answer.. I tried JWS FAQ, Google, stackoverflow and found nothing ...
user avatar
  • 785
2votes
0answers
345views

Does MapUserPhysicalPages (AWE remapping) affect ASLR?

The MapUserPhysicalPages API takes an address allocated using VirtualAlloc with MEM_PHYSICAL and MEM_RESERVE and remaps the pages to a sequence of physical page frame numbers. This is designed to ...
user avatar
  • 26.5k
2votes
1answer
154views

Is the clipboard shared between desktops under Windows?

MSDN says: A window station contains a clipboard, an atom table, and one or more desktop objects. According to above, both of the winlogon desktop and the current desktop are belong to WinSta0; ...
user avatar
  • 37.5k

15 30 50 per page
1
2 3 4 5
7