The company where I work has asked me to get involved in the whole signing our usb devices thing. We are selling our software, together with these usbs that act as a licensing device for the software that we provide.
We need it so Windows can recognize the drivers for our USB.
For the past week I've been doing some research regarding the whole VID and PID USB Driver signing.
What I've found so far is that the best solution for us was to have a VID in the first place (a vendor ID). So we got one from USB-IF for 5000$.
Now the thing is, I do not really know what should happen next. I know that our company should 'create' (not sure if this is the right terminology) a PID (product ID).
I cannot seem to find anywhere any information about acquiring a PID that should work together with the VID. I might be wrong, but I think I read somewhere that somehow I should get involved with Microsoft. I've looked into it, but I cannot seem to find any information about this on their website.
How exactly can I get a PID? What are the steps towards getting it?
Related
I am implementing automated HL7v2.7 reporting of observations on a point of care device. The way this works is by sending an "ORU^R30 Unsolicited Point-Of-Care Observation Message without Existing Order - Place an Order" message to what I'm assuming will be a laboratory information system or an associated channel in an integration engine. I'm currently going to have the device ask for IP/port numbers to the LIS and MPI/their associated connections on first set-up - our device is going to communicate over TCP/LLP.
Is this the smart way to do all this? I've never worked with HL7 or any kind of HIS before.
I appreciate any possible insight. This isn't the stuff you can learn about in the standard, and I don't think I can just email Epic and ask them how they design EHR/HIS systems.
Thanks!
Message Content: ORU^R30 is not a commonly used message type, but the structure is close enough to R01 that most systems will be able to receive it. Focus on making sure you collect as much patient demographics and the visit number, or better yet scan both from the patient's wristband barcode. You must have patient and visit to file the observations.
Transmission: It's safest to just do MLLP over TCP, it will speed up your installs because that's what everybody else does. The alternative is having the health system write something custom to receive the data, usually via the interface engine.
Network: It sounds like you're thinking of putting the connection info on the device. This probably is a bad idea, I would build some kind of aggregator service that actually sends data to the EHR, that way you don't have to deal with multiple devices trying to get through firewalls, etc.
For a "hack it yourself" workshop I am giving I would like to show the (not to technical) audience how easy it is to hack. I'm going to use a simple W7 VM with a vulnerable application to spawn a reverse shell on my Kali machine.
I then have full system privileges on the machine, but as these are not technical people I want to show some sparkle etc. So what I want to do is either:
Open browser navigate to a youtube "you got hacked!" video (this might be difficult)
Open a video that I already put on the machine
Open calc.exe in the foreground.
So my problem here is that I don't know how to open an application that shows in the foreground of the victim machine. So that it actually shows up on the screen!
Can anyone help me with this?
So to answer the question (just for clarity instead in the comments).
Thanks to Maximilian Gerhardt who gave the answer (I will set you as best answer if you want but I can't just from the comments!).
There are two ways that are good for this:
Download psexec.exe onto the "victim" pc and use that with psexec.exe -s -d -i [here the session token "1" works for me] calc.exe
If using a meterpreter shell you can use incognito mode (offensive-security.com/metasploit-unleashed/fun-incognito). And then use the impersonate_token method. This works great, but I cannot go back to being SYSTEM (getsystem doesn't work as there are no privilege escalation vulnerabilities present). So I have to exit and reuse the exploit. But for the workshop this works beautifully!
For those interested I use SLMail 5.5 on a W7 machine to show how easy "hacking" can be and what a hacker then can do with a computer. This for an awareness workshop, which is bigger then just this "show and tell" part.
steps:
nmap scan on port 110 with version detection to see "hey what is this? SLMail?"
google SLMail to find "Oh noes a buffer overflow, hmmmmm let's look into that!"
this is metasploit a tool hackers can use to exploit know systems (I have the manually made exploit with more explanation for interested people after the workshop with buffer overflow explained)
search in metasploit for SLMail, we find it and say use
"it works how cool! What can we do with it?" show webcam capture! (that is scary stuff :D).
Go to shell and show with whoami for the tech people that we are indeed system. then go to incognito mode and steal the token from the user that we see on the screen.
open up youtube with "hackerman" video (well had to choose one :D)
explain a bit that it is that easy for a script kiddy to get in if you don't update etc. etc. etc.
let awareness kick in and next time they do something dumb they might think: "o wait let's not do that!"
Cheers!
I don't know if it sounds crazy, but here's the scenario -
I need to print a document over the internet. My pc ClientX initiates the process using the web browser to access a ServerY on the internet and the printer is connected to a ClientZ (may be yours).
1. The document is stored on ServerY.
2. ClientZ is purely a cliet; no IIS, no print server etc.
3. I have the specific details of ClientZ, IP, Port, etc.
4. It'll be completely a server side application (and no client-side on ClientZ) with ASP.NET & C#
- so, is it possible? If yes, please give some clue. Thanks advanced.
This is kind of to big of a question for SO but basically what you need to do is
upload files to the server -- trivial
do some stuff to figure out if they are allowed to print the document -- trivial to hard depending on scope
add items to a queue for printing and associate them with a user/session -- easy
render and print the document -- trivial to hard depending on scope
notify the user that the document has been printed
handling errors
the big unknowns here are scope, if this is for a school project you probably don't have to worry about billing or queue priority in step two. If its for a commercial product billing can be a significant subsystem in its self.
the difficulty in step 4 depends directly on what formats you are going to support as many formats are going to require document specific libraries or applications. There are also security considerations here if this is a commercial product since it isn't safe to try to render all types of files.
Notifications can be easy or hard depending on how you want to do it. You can post back to the html page, but depending on how long its going to take for a job to complete it might be nice to have an email option as well.
You also need to think about errors. What is going to happen when paper or toner runs out or when someone tries to print something on A4 paper? Someone has to be notified so that jobs don't just build up.
On the server I would run just the user interaction piece on the web and have a "print daemon" running as a service to manage getting the documents printed and monitoring their status. I would use WCF to do IPC between the two.
Within the print daemon you are going to need a set of components to print different kinds of documents. I would make one assembly per type (or cluster of types) and load them into your service as plugins using MEF.
sorry this is so general, but you are asking a pretty general and difficult to answer question.
Hie members! ----am Boniface M - - a beginner in android[University student]..
My question is am planning to develop an android app/middleware that will act as a grid service .i.e an app for grid computing.. the application needs to be installed in 1....n devices. in the connection, one device must act as a server for all others. communication between the devices is via the wifi under the permission of the server device.which is determined by a certain algorithm[no problem here].
The problem is should i use a database that will keep track of all the services a device is running which are accessible to other devices or is there any way that i can directly keep all this information and then retrieve them as i request them from another app installed in another device.
and also how i can share files via wifi like blutooth
Thanks....
You're asking many questions in one and I'm actually unsure what you mean overall. Here's a few links that are sure be of some use...
http://developer.android.com/reference/android/os/Build.html This library is good for finding out information about the device you're running on.
http://developer.android.com/reference/android/location/Criteria.html - Criteria might be useful, lets you know what location based services you have running
Other than that, if you're looking to see if particular things are running check out this question: How to check if a service is running on Android?
If you're looking to keep a central hub of what devices have what available etc. you're going to need a middle man for what you want to do I suspect. If it was me, I'd do HTTP requests to a server, to php scripts I have written which would then read/write from a MySQL database to get information about other devices.
If you want to share files via wifi.. you're going to need an FTP server on the phone. There's an app swiFTP which does this to some degree (phone -> PC) but the concept should be the same. Take a look at it. It's a starting point! http://www.tested.com/news/how-to-transfer-files-wirelessly-to-your-android-phone/53/
Again, I'm unsure EXACTLY what you're looking to do but hopefully all of that is of some help. If it's not leave me a comment and I'll try and assist you further.
hope it helps!
I need to run an equipment audit and to do that I need to obtain the Windows PC, monitor etc. serial numbers.
So I faced with going to each PC and manually writing down the numbers.
Is there a way I can get this programmatically so each user can run a small program and email me the results?
If this information is anywhere, it'd be in WMI (http://en.wikipedia.org/wiki/Windows_Management_Instrumentation) - you could write a VBscript script to query this information and save it to a remote share on a server for example.
Generally no. If your computers are all Dell, though, you might be able to get some information (maybe the serial number?) for the PC itself.
The monitor, if it supports VESA EDID (DDC, EDID, EEDID), may also include a 32 bit serial number - which may or may not have any relation to the serial number printed on the monitor's label. You may be able to access this through the display driver - Windows has access to portions of it (to display monitor resolution and timing) so I expect the manufacturer/model/serial number is stashed somewhere as well.
However, making such a program that would work across all systems and monitors would likely be much more work than simply going to each station and recording it, unless all the systems have the same hardware.
Good luck!
-Adam
I am not quite sure if this is exactly what you want, but there is pay software made by DameWare that allows you to easily remote connect to other machines and get lots of information. I haven't used it much yet, but I think there is a way to make batch scripts so it can go pull information like that for you, or see what apps are installed on the machines. Even worse case though, you don't have to run to each machine. (I am assuming you mean SN like the MS product ID)
WMI is definitely the way to go. You can get quite a bit of useful audit information through that API.
Michael Baird appears to have written a VBS script to read the EDID information. The script reads and parses the monitor EDID information from the registry in order to retrieve asset information.
http://cwashington.netreach.net/depo/view.asp?Index=980&ScriptType=vbscript