I'm trying to implement a simple connection saturation algorithm for a bunch of nodes running hostapd. On having max_num_sta connections, I want hostapd to move into hidden SSID mode (ignore_broadcast_ssid=0). I have updated src/ap/beacon.c to include a simple conditional statement and recompiled successfully, but my SSID still keeps showing up when the node is "saturated":
if ( hapd->num_sta >= hapd->conf->max_num_sta){
hapd->conf->ignore_broadcast_ssid = 1;
}else{
hapd->conf->ignore_broadcast_ssid = 0;
}
Am I missing something?
You need to reload the configuration of the bss once you've edited it.
Try invoking hostapd_reload_bss (in src/ap/hostapd.c) for each defined bss. Note that if you choose to invoke hostapd_reload_config, all currently connected stations shall be deauthenticated, so don't do that.
Related
I am implementing a small monitoring system to compute the error between (actual, desired) for a controller (and also recording them for quick and simple analysis). In some of my code, I've added my Systems to my DiagramBuilder and have connected everything using Connect().
I have a controller system that takes in desired input, then produces the actual as output.
Rather than try to remember the inputs connected to the desired output, I'd rather just trace it back.
How do I do that?
From quick perusal, there is both DiagramBuilder.connection_map() and Diagram.connection_map().
The following code seems to work as of v1.11.0:
def trace_to_output(diagram_or_builder, input_port):
system = input_port.get_system()
input_locator = (system, input_port.get_index())
connection_map = diagram_or_builder.connection_map()
output_system, output_index = connection_map[input_locator]
output_port = output_system.get_output_port(output_index)
return output_port
EDIT: I had dict_inverse() in there incorrectly. Fixed.
I want to know if some API/code exists to disable a specific item in the (current) network connection properties?
If yes, could you show a working code example, explain the details, and point out some limitations (if they exist) of the technique used?
The API to disable these bindings is INetCfgBindingPath::Enable. The bindview sample illustrates how to call the API.
From Windows 8 and later, you may alternatively invoke the WMI method /root/standardcimv2/MSFT_NetAdapterBindingSettingData::Disable. Here's a line of PowerShell that illustrates how to disable the bindings from a NIC named "mb-port" to the "ms_msclient" driver (aka wkssvc):
Get-CimInstance -Namespace root/standardcimv2 -Query 'SELECT * FROM MSFT_NetAdapterBindingSettingData WHERE Name = "mb-port" AND ComponentID = "ms_msclient"' | Invoke-CimMethod -MethodName Disable
Note that the GUI is being sneaky: it merges multiple bindpaths into the same checkbox. In the example you have highlighted, there are likely 2 bindpaths from ms_msclient to the NIC: one over IPv4 and one over IPv6. The GUI disables/enables all paths when you clear/tick the checkbox. If you come in through the API and want to do the same, you'll need to enumerate all bindpaths that start from ms_msclient and go to the NIC mb-port.
Hi i'm relativly new to kernel programming (i've got a lot of c++ development experience though) and have a goal that i want to achieve:
Detecting and conditionally blocking attempts from userland programs to write or read to specific memory addresses located in my own userland process. This has to be done from a driver.
I've setup a development enviorment (virtual machine running the latest windows 10 + virtualkd + windbg) and already successfully deployed a small kmdf test driver via the visual studio integration (over lan).
So my question is now:
How do i detect/intercept Read/WriteProcessMemory calls to my ring3 application? Simply blocking handles isn't enough here.
It would be nice if some one could point me into the right direction either by linking (a non outdated) example or just by telling me how to do this.
Update:
Read a lot about filter drivers and hooking Windows Apis from kernel mode, but i really dont want to mess with Patchguard and dont really know how to filter RPM calls from userland. Its not important to protect my program from drivers, only from ring3 applications.
Thank you :)
This code from here should do the trick.
OB_PREOP_CALLBACK_STATUS PreCallback(PVOID RegistrationContext,
POB_PRE_OPERATION_INFORMATION OperationInformation)
{
UNREFERENCED_PARAMETER(RegistrationContext);
PEPROCESS OpenedProcess = (PEPROCESS)OperationInformation->Object,
CurrentProcess = PsGetCurrentProcess();
PsLookupProcessByProcessId(ProtectedProcess, &ProtectedProcessProcess); // Getting the PEPROCESS using the PID
PsLookupProcessByProcessId(Lsass, &LsassProcess); // Getting the PEPROCESS using the PID
PsLookupProcessByProcessId(Csrss1, &Csrss1Process); // Getting the PEPROCESS using the PID
PsLookupProcessByProcessId(Csrss2, &Csrss2Process); // Getting the PEPROCESS using the PID
if (OpenedProcess == Csrss1Process) // Making sure to not strip csrss's Handle, will cause BSOD
return OB_PREOP_SUCCESS;
if (OpenedProcess == Csrss2Process) // Making sure to not strip csrss's Handle, will cause BSOD
return OB_PREOP_SUCCESS;
if (OpenedProcess == CurrentProcess) // make sure the driver isnt getting stripped ( even though we have a second check )
return OB_PREOP_SUCCESS;
if (OpenedProcess == ProtectedProcess) // Making sure that the game can open a process handle to itself
return OB_PREOP_SUCCESS;
if (OperationInformation->KernelHandle) // allow drivers to get a handle
return OB_PREOP_SUCCESS;
// PsGetProcessId((PEPROCESS)OperationInformation->Object) equals to the created handle's PID, so if the created Handle equals to the protected process's PID, strip
if (PsGetProcessId((PEPROCESS)OperationInformation->Object) == ProtectedProcess)
{
if (OperationInformation->Operation == OB_OPERATION_HANDLE_CREATE) // striping handle
{
OperationInformation->Parameters->CreateHandleInformation.DesiredAccess = (SYNCHRONIZE | PROCESS_QUERY_LIMITED_INFORMATION);
}
else
{
OperationInformation->Parameters->DuplicateHandleInformation.DesiredAccess = (SYNCHRONIZE | PROCESS_QUERY_LIMITED_INFORMATION);
}
return OB_PREOP_SUCCESS;
}
}
This code, once registered with ObRegisterCallback, will detect when a new handle is created to your protected process and will kill it if it's not coming from Lsass, Csrss, or itself. This is to prevent blue screens from critical process being denied a handle to
your application.
How do I capture all the packets in radio range of a particular node in contiki?
While reading the contiki mailing lists and contiki github, I could read people saying something about making changes to core/dev/cc2420.c file. Some people spoke about setting or resetting values of CC2420_CONF_AUTOACK.
I nowhere found proper information regarding putting a node in promiscous mode. Please help.
I guess what you mean to do is to disable the hardware address filtering. There is a radio API for this in Contiki:
#include "dev/radio.h"
// ...
radio_value_t radio_rx_mode;
if(NETSTACK_RADIO.get_value(RADIO_PARAM_RX_MODE, &radio_rx_mode) == RADIO_RESULT_OK) {
radio_rx_mode &= ~RADIO_RX_MODE_ADDRESS_FILTER;
NETSTACK_RADIO.set_value(RADIO_PARAM_RX_MODE, radio_rx_mode);
}
You can also disable automatic acknowledgements by removing the RADIO_RX_MODE_AUTOACK bit of the rx_mode, but that's a different setting.
I'm new to Lua altogether, and this is my first attempt at writing a wireshark dissector.
I want to analyze SSH without cipher by Lua script. I write a script to detect the packet length and padding length for the first step.
Here is my script:
do
local p_test = Proto("test","Test.");
local f_packet_length = ProtoField.uint32("packet_length")
local f_padding_length = ProtoField.uint8("padding_length")
p_test.fields = {
f_packet_length,
f_padding_length
}
function p_test.dissector(buf,pkt,root)
local offset = 0
local buf_len = buf:len()
local t = root:add(p_test, buf:range(offset))
t:add(f_packet_length,buf:range(offset,4))
offset = offset+4
t:add(f_padding_length,buf:range(offset,1))
offset = offset+1
end
local tcp_table = DissectorTable.get("tcp.port")
tcp_table:add(22,p_test)
end
After I run the code through Evalutate Lua and applied the test filter, I find that there is an error in Packet Details:
Lua Error: [string "do..."]:19: Tree item ProtoField/Protocol handle is invalid (ProtoField/Proto not registered?)
Line 19 corresponds the t:add(f_packet_length... line.
Could anyone help to explain this error?
Thanks in advance.
Your code above will work fine if it's in a real Lua script for Wireshark... either by being in a .lua file in the personal plugins directory, or by being loaded with the "-X lua_script:<filename>" command line switch.
But you can't register a new protocol in the tools->evaluate window, because it's too late by then to register a new protocol (or new fields). Unfortunately the error Wireshark reports isn't clear about that, because it sort of half works, but really it's not working and cannot work.
The problem is new protocol registration happens in two phases internally: the first phase is when the Lua scripts are loaded and executed, which adds the protocol and fields to an internal temporary table, and then after all the lua scripts load then the second phase has new protocols and fields moved from the temporary table into their final run-time tables and registered, and then wireshark finishes loading and you see the GUI. That second phase happens once and only once, when Wireshark first starts up. But running the tools->evaluate window happens after all that, so it's too late.