Remko Weijnen's Blog (Remko's Blog)

About Virtualization, VDI, SBC, Application Compatibility and anything else I feel like

Archive for the ‘Uncategorized’ Category

Announcement: Dear Visitor

If this is your first visit, take your time and look around. Here are some things you might be looking for:

Do you like my work? Did my work help you?

  • Leave a comment and tell me how it was usefull to you.
  • If you want you can make a donation with the Paypal Donate Button in the right Sidebar.

Thank you!

  • Comments Off on Announcement: Dear Visitor
  • Filed under: Uncategorized
  • Twitter Analytics and AdBlock Plus

    Twitter has opened access to Analytics for all users. However when you use an Ad Blocker, like Adblock Plus, you’ll get the following error:

    A problem occurred while loading the page. To use this site, you need to disable AdBlock or any other ads-blocking extension you are using, or customize it to show ads on this site

    For Adblock Plus you can fix this by adding a filter: go to Filter Preferences and on the "Custom filters" tab add a new filter within a filter group (or create a filter group for this rule).

    Use this as a filter rule:

    @@||ads.twitter.com/stylesheets/ads-allow.css

    SNAGHTMLea2974c

    And don’t forget to Enable the rule!

    EDIT: Twitter user @Ertraeglichkeit mentioned a different method:

    (more…)

  • 0 Comments
  • Filed under: Uncategorized
  • System Center Operations Manager LogoIn a SCOM Management Pack Custom Properties can be used for Alert Description and Notification as described in this blog by Kevin Holman.

    In my case I wanted to add the Display Name and the Performance Counter Value in a Performance Threshold Monitor. In XML it would look this this:

    But how to add these parameters when using the System Center 2012 Visual Studio Authoring Extensions?

    (more…)

  • 0 Comments
  • Filed under: Uncategorized
  • Sophos UTM IconI am currently implementing Sophos UTM and I quite like this solution. It is free up for home usage and can easily be installed on a hypervisor.

    I wanted to scan encrypted traffic (ssl) as well so I activated the "Decrypt and scan" option:

    image

    When testing this on one of my iPad’s I noticed that the App Store didn’t work properly anymore.

    When I tried to update applications I got the following error: "Cannot connect to iTunes Store". Additionally when I searched for Apps the search would return no results.

    (more…)

  • 0 Comments
  • Filed under: Uncategorized
  • System Center Operations Manager LogoToday I encounterd what seems to be a bug in the System Center 2012 Visual Studio Authoring Extensions. I wanted to define a Performance Collection Rule that reads out the percentage of free memory from an SNMP device.

    Since the device returns only the percentage of used memory I needed to use the ComputedPerfProvider provider to substract the used memory percentage from 100.

    I could of course report used memory instead of free memory but I wanted the resulst to appear in the default SCOM Performance View, which only lists Free Memory:

    System Center Operations Manager | Default Performance View

    (more…)

  • 0 Comments
  • Filed under: Uncategorized
  • System Center Operations Manager LogoI am currently working on a Management Pack for SCOM and I have studies a few examples on adding processor and memory counters.

    These examples all reference a Management Pack named "System.NetworkManagement.Monitoring.mp" but this Management Pack is not bundled with the System Center 2012 Visual Studio Authoring Extensions.

    (more…)

  • 0 Comments
  • Filed under: Uncategorized
  • Aaron Parker was talking about the uninstall guid in his session “Hands off my Golden Image Redux” at Citrix Synergy.

    I remembered that I had written a small PowerShell script to read out the uninstall GUID from an MSI file. This way you do not need to actually install the software to determine the uninstall GUID.

    How does that work?

    There is a logical relation between the MSI Product Code property and the install guid. In this example I’ve taken install_flash_player_11.8.800.174_active_x.msi as an example.

    The Uninstall key is HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A2E504D3D31C0D5409F28F3FDD565AD9

    The interesting part of it is the GUID:

    A2E504D3D31C0D5409F28F3FDD565AD9

    If we look into the MSI properties with (Super)Orca we see:

    screenshot

    If we compare those GUIDS:

    Uninstal    {A2E504D3-D31C-0D54-09F2-8F3FDD565AD9}

    Product Code{3D405E2A-C13D-45D0-902F-F8F3DD65A59D}

    We can see that we need to apply the following logic:

    · First 8 bytes must be swapped right to left

    · Next 4 bytes (skipping the hyphen) also swapped right to left

    · Next 4 bytes (skipping the hyphen) also swapped right to left

    · Next 4 bytes (skipping the hyphen) also swapped right to left

    · Last 12 bytes must be byte swapped per byte (F8 -> 8F, F3 -> 3F etc).

    Knowing that we can make life easier with PowerShell:

    [posh]function Get-Property ($Object, $PropertyName, [object[]]$ArgumentList)

    {

    return $Object.GetType().InvokeMember($PropertyName, ‘Public, Instance, GetProperty’, $null, $Object, $ArgumentList)

    }

    function Invoke-Method ($Object, $MethodName, $ArgumentList)

    {

    return $Object.GetType().InvokeMember($MethodName, ‘Public, Instance, InvokeMethod’, $null, $Object, $ArgumentList)

    }

    function GetMsiProductCode([string]$path)

    {

    $msiOpenDatabaseModeReadOnly = 0

    $Installer = New-Object -ComObject WindowsInstaller.Installer

    $Database = Invoke-Method $Installer OpenDatabase @($path, $msiOpenDatabaseModeReadOnly)

    $View = Invoke-Method $Database OpenView @(“SELECT Value FROM Property WHERE Property=’ProductCode'”)

    Invoke-Method $View Execute | Out-Null

    $Record = Invoke-Method $View Fetch

    if ($Record)

    {

    Write-Output (Get-Property $Record StringData 1)

    }

    }

    cls

    $path = “c:\Users\rweijnen\Desktop\install_flash_player_11.8.800.174_active_x.msi”

    $item = “” | Select-Object Path, ProductCode, UninstallGuid, UninstallRegistry

    $item.Path = $path

    $item.ProductCode = (GetMsiProductCode $item.Path)

    $DestGuid = ([regex]::Matches($item.ProductCode.Substring(1,8),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring(10,4),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring(15,4),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring(20,2),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring(22,2),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    for ($i=25 ; $i -lt 37 ; $i = $i + 2)

    {

    $DestGuid += ([regex]::Matches($item.ProductCode.Substring($i,2),’.’,’RightToLeft’) | ForEach {$_.value}) -join ”

    }

    $item.UninstallGuid = “{” + ([Guid]$DestGuid).ToString().ToUpper() + “}”

    $item.UninstallRegistry = “HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\{0}” -f $DestGuid

    $item | Format-List

    Sample output:

    Path              : c:\Users\rweijnen\Desktop\install_flash_player_11.8.800.174_active_x.msi

    ProductCode       : {3D405E2A-C13D-45D0-902F-F8F3DD65A59D}

    UninstallGuid     : {A2E504D3-D31C-0D54-09F2-8F3FDD565AD9}

    UninstallRegistry : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A2E504D3D31C0D5409F28F3FDD565AD9

    [/posh]

  • 0 Comments
  • Filed under: Uncategorized
  • My presentation at E2EVC in Rome

    imageI will be presenting a session at E2EVC in Rome next weekend.

    Recently I published an article on my blog that shows how to run an executable of choice when the Citrix Receiver exits.

    SNAGHTML29bc6f22In this session I will show you how to find such undocumented features in applications step by step. Using this example we will open the Citrix Receiver in Ida Pro and disassemble it.

    Using public resources such as the Citrix Public Symbol Server we can analyze, understand and finally make the code more readable.

    I will try to make this session not an “enter the matrix one” but one that could be considered as an intro into using Ida Pro for reverse engineering and app compat fixing.

    Hope to see you all in Rome, my session is scheduled Friday November 1 from 18.30 – 19.15. There will be room for questions so feel free to take your own Crapplication™ and ask about it after the session.

    See you in Rome!

  • 0 Comments
  • Filed under: Uncategorized
  • Exchange 2010 Logo

    I got the following error while installing Exchange 2010: “There are no more endpoints available from the endpoint mapper. (Exception from HRESULT: 0x800706D9)”

    I looked up HRESULT 0x800706D9 which is defined in winerror.h as EPT_S_NOT_REGISTERED with the same error text.

    I looked at the ExchangeSetup.log in C:\ExchangeSetupLogs and this indicates that the error occurs when the install-ADTopologyService cmdlet tries to add some rules to the firewall:


    Windows Firewall LogoThe Windows Firewall service was disabled, so I set it to Automatic, started it and enabled it and then the setup ran without errors

  • 0 Comments
  • Filed under: Uncategorized
  • Crack WEP Encryption

    I think everybody knows that using WEP to encrypt your WiFi network is not very safe. To demonstrate this I will show you how easy it is to crack the WEP encryption in this post.

    Note that I am using my own Access Point here so I am not actually cracking someone else’s WEP Key.

    Requirements:

  • In this post I am using the 32 bit back|track 5 VMWare image which you can use with VMWare Workstation or VMWare player.back|track downloads

    After starting the back track Virtual Machine you can login with username root and password toor

    back track 5 logon screen

    (more…)

  • 2 Comments
  • Filed under: Uncategorized
  • Profile

    Tags

    Views

    Donate


    Blogroll


    Categories


    Archives