NDIS driver - how? - sdk

I have read nearly all of the material on Microsoft's MSDN site, used Google (for the limited information that is out there) and also looked at the answers on here but I'm still confused on how to develop a NDIS driver.
My aim is to create an NDIS driver so I can capture the network packets and decide whether I want to drop them (possibly inject as well) or allow them to pass.
From my research it would seem that I need to create an intermediate NDIS driver and after installing WDK (I'm using Visual Studio 2015 enterprise) I don't know where to begin (do I need to start with a KMDF project?).
Also, when I did load a KMDF driver project nearly all of the header files are getting highlighted by Intellisense as having errors (expected an identifier, NTSTATUS is undefined)?
Can anyone give some assistance on how to start please?
I have recently created a packet sniffer using the WinPcap library (and also used it to send packets) but there was a lot of information out there that helped me. Unfortunately, with NDIS it doesn't seem to be the same.
I can't seem to find the samples either.

Okay, so a simple clean install of Visual Studio 2015 and WDK 10 is all that is needed to set up the environment for creating a driver.....
But then comes the deployment part

Related

Lua debug on an embedded ARM based platform

I am new to Lua. I have an ARM Cortex based product with an OS providing TCP stack, SD card for file storage, and lots of custom hardware. I have embedded Lua (from the standard source distribution) into the product and added an API to give Lua access to my hardware. Also have Telnet and FTP services running. Works great.
Now I would like to add the ability to debug scripts with ZeroBrane. Looks like I need to add MobDebug, and connect it to my OS thru LuaSockets. Assuming this is a valid approach, can anybody point to a tutorial or documentation that would help?
Thanks
Assuming you have access to luasocket on that platform, you can follow the instructions on remote debugging with MobDebug and ZeroBrane Studio. It should be a matter of adding require('mobdebug').start('IP-of-computer-running-ZeroBraneStudio') and making project files available in ZeroBrane Studio.
ZeroBrane Studio also does mapping between different file systems to allow debugging of scripts running on one platform from the IDE running on a (possibly) different platform. You only need to make sure you have the same project structure. For example, you may have /usr/me/myprojects/projectA/fileB.lua and start debugging of projectA/fileB.lua in /usr/me/myprojects/; then on the IDE side you may have D:\Users\Me\myprojects\projectA\fileB.lua opened in the IDE and it will attempt to map /usr/me/myprojects/ to D:\Users\Me\myprojects\. If you run into issues, you can use IRC or the mailing list to get further help.

Could I install Delphi and my libraries on a USB key in such a way as to allow debugging of my app on a customers PC?

Back in the days of Delphi 7, remote debugging was mostly ok. You set up a TCP/IP connection, tweaked a few things in the linker and you could (just about) step through code running on another PC whilst keeping your Delphi IDE and its libraries on your development PC.
Today, with Delphi XE2,3,4 you have paserver which, at least at the moment, can be flaky and slow. It is essential for iOS (cross platform) development, but here at Applied Relay Testing we often have to debug on embedded PCs that run recent Windows. To do this we have employed a number of strategies but the hardest situation of all is to visit a customer site and wish that one could 'drop in' a Delphi IDE + libraries and roll up one's sleeves to step through and set breakpoints in source code.
It is quite likely - hopefully - that the paserver remote debugging workflow and its incarnations will improve over time but for now I got to wondering how it might be possible to install Delphi + libraries + our source code on a USB key so that with only a minimal, perhaps automated setup, one could plug that key into a PC and be compiling, running and debugging fairly quickly.
I can see that the registry is one of the possible issues however I do remember that Embarcadero once talked about being able to run their apps from a USB key. Knowing how much of a pain it is to install my 20-odd libraries into Delphi though, it is not trivial and needs thinking about.
Has anyone done anything like this or have any ideas of how it might be done?
Delphi does not support what you are asking for. But what you could do is create a virtual machine with your OS, IDE, libraries etc installed in it, then copy the VM onto a USB drive, install the VM software on the customer system, and run your VM as-is. There are plenty of VM systems to choose from.
First, I need to get this out of the way: embedded PCs running Windows?? Sob.
Ok, now for a suggestion: if a full virtual machine isn't an option for this task, application-level virtualization may be. This intercepts registry calls and other application-level information and maps them to a local copy, allowing essentially any application to be turned into a portable version. The good news is that there are free versions of several programs that can turn Windows programs into virtualized apps.
The only one I've personally used is MojoPac, and found it delivered as promised although was very slow running off of a (old, very slow) flash drive.
http://lifehacker.com/309233/make-any-application-portable-with-mojopac-freedom
I haven't used this newer "freedom" version though.
Two other programs I've seen that appear to be popular are Cameyo:
http://www.techsupportalert.com/content/create-your-own-portable-virtual-version-any-windows-program.htm
and P-Apps,
http://dottech.org/26404/create-a-portable-version-of-any-software-with-p-apps/
but I can't vouch for the quality of either of these two.
Hope this helps.

porting wireshark to qnx based system

I am a newbie to industry and as a part of my internship I have been assigned the above project. I have no experience in how to go about porting a particular application to a different OS.
So far, I have tried to understand the basic structure of a component (that's what an application is called in IOS-XR) but as far as I can understand, porting Wireshark will also require porting the libpcap lib to XR.
Can someone please shed some light as to how I should go about approaching it?
I know nothing about QNX;
However, I will note that Wireshark has a lot of dependencies on various libraries:
Some examples:
libgLib
libgtk
libffi-5
libfontconfig-1
libfreetype-6
libintl-8
libjasper-1
libjpeg-8
liblzma-5
libpixman-1-0
libpng15-15
libtiff-5
libxml2-2
...
Are these libraries available on QNX ?
With respect to libpcap:
libpcap is needed for capturing files. If not available, it certainly would need to be ported. I could imagine that this might be a large effort given that the code is presumably quite dependent upon the exact OS capabilities to get access to the network level data.
For information about developing Wireshark (on Windows and *nix) see the Wireshark Developer's Guide.

missing Axhost after using axImp.exe

I hope someone could help me out.
My original task:
I want to write a c# program that silently connects local users of a remote machine (win server 2008).
technical problem
I have found a code_project article that does exactly what I need :http://www.codeproject.com/KB/cs/RemoteDesktop_CSharpNET.aspx
However after downloading it I saw this project referenced AxMSTSCLib.dll (one of whose members is AxHost).
You have to manually create this dll. It wraps a COM object to be used in Visual Studio as a .NET object.
I have used the command axImp.exe to create a AxMSTSCLib.dll:
%%\aximp.exe %windir%\system32\mstscax.dll
But there is no Axhost (checked the object browser through visual studio).
So I guess I'm creating this dll the wrong way, but I couldn't find any other way.
Here is my dll compared with the one which was downloaded from CodeProject:
http://drop.io/hidden/eopb4tphk8qekl/asset/Z2V0b2N4LTItanBn
http://drop.io/hidden/eopb4tphk8qekl/asset/bm8tZ2V0LW9jeDItanBn
Anyone know why, and how can I fix that? Or where should I ask this very specific question?
Regards,
==========
Found the answer. I should have dragged an RDP monitor onto the ToolBox and then the dll magically appears right.
I didn't use the ToolBox because I need no GUI, but I guess it's the only way to do this right.
I have got two more questions which I couldn't find answers to:
1. Is the dll generated by dragging the RDP monitor machine-specific?
I mean, does this dll differ if created on an x86 machine from one generated on an x64 machine?
2. Same question regarding the output of axImp.exe.
Thanks

Solaris: Programmatic interface to ifconfig?

I'm looking for a programmatic interface to the Solaris ifconfig(1M) command.
Apparently Linux has the getifaddrs(3) command, but as far as I can tell this has not been ported to Solaris.
Short of attempting to use the code at the link above, is there any way to determine ifconfig(1M)-type data (network interface presence, state, etc.) without forking the system command and parsing the output?
I have an implementation here: an IPv4-only one based on SIOCGIFCONF ioctl()s and an IP-family-agnostic version using SIOCGLIFCONF:
http://code.google.com/p/openpgm/source/browse/trunk/openpgm/pgm/getifaddrs.c
Tested on SPARC/Solaris 10 and x86/OpenSolaris 2008.11 & 2009.06, LGPL 2.1 license.
getifaddrs() was recently integrated into the source code for future OpenSolaris & Solaris releases, but that doesn't help your code run on current releases:
6731945 need BSD getifaddrs() API
OpenSolaris source: usr/src/lib/libsocket/inet/getifaddrs.c
Until then you'll need to use the SIOCGLIFCONF ioctls, which you should find lots of examples of in open source code, including the link you posted.
Real men use ioctl ;)
Take a look at if(7P).
