I am trying to load the NTUSER.DAT of a logged-in local user into the registry as a hive to read their keys from my program running as admin (it has got SeDebugPrivilege, SeBackupPrivilege, etc.).
It works when the user is logged-out, and doesn't work when they are logged-in.
The error is:
Error: (32) The process cannot access the file because it is being used by another process
So, is there any Win32 API, or another way, I can copy NTUSER.DAT or read it without relying on a third-party library? I need to do this when they are logged-in.
Shadow Volume Copy copies the whole drive, hence it isn't feasible. Maybe it is possible to unmount their registry hive and then load it using RegLoadKeyA() or something?
I found a workaround:
When the user is logged off, you can load that user's NTUSER.DAT into the registry, then read the key.
If the user is logged in, you can read their keys from HKU/user-sid.
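The workaround above as a PowerShell sketch, run from an elevated prompt (an added example, not code from the original post). The account name, the `Offline_` mount prefix and the function names are assumptions made for illustration.

```powershell
# Added example: read a value from another user's hive whether or not they are logged in.
function Get-UserHiveRoot {
    param([Parameter(Mandatory)][string]$Account)

    # HKEY_USERS subkeys are named by SID, so resolve the account name first.
    $sid = [System.Security.Principal.NTAccount]::new($Account).Translate(
        [System.Security.Principal.SecurityIdentifier]).Value

    # Logged in: Windows already holds NTUSER.DAT open and mounted at HKEY_USERS\<SID>,
    # which is why loading the file a second time fails with error 32.
    if (Test-Path -LiteralPath "Registry::HKEY_USERS\$sid") {
        return [pscustomobject]@{ Path = "Registry::HKEY_USERS\$sid"; Mount = $null }
    }

    # Logged off: find the profile directory and mount NTUSER.DAT under a temporary name.
    $profileKey = "HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\$sid"
    $profileDir = (Get-ItemProperty -LiteralPath $profileKey).ProfileImagePath
    $mount = "Offline_$sid"   # hypothetical mount name
    & reg.exe load "HKU\$mount" (Join-Path $profileDir 'NTUSER.DAT') | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "reg load failed with exit code $LASTEXITCODE" }
    [pscustomobject]@{ Path = "Registry::HKEY_USERS\$mount"; Mount = $mount }
}

function Read-UserRegistryValue {
    param(
        [Parameter(Mandatory)][string]$Account,
        [Parameter(Mandatory)][string]$SubKey,
        [Parameter(Mandatory)][string]$Name
    )
    $hive = Get-UserHiveRoot -Account $Account
    try {
        (Get-ItemProperty -LiteralPath "$($hive.Path)\$SubKey" -Name $Name).$Name
    }
    finally {
        # Only unload what this script mounted; never touch a live session's hive.
        if ($hive.Mount) {
            [gc]::Collect()   # release registry handles so the unload can succeed
            & reg.exe unload "HKU\$($hive.Mount)" | Out-Null
        }
    }
}

# Constructed sample call: the account name is a placeholder.
Read-UserRegistryValue -Account 'WORKSTATION\alice' -SubKey 'Environment' -Name 'TEMP'
```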
Related
I’m trying to build an application with a backend in Java that allows users to create a text with images in it (something like a personal blog). I’m planning to store these images in an S3 bucket. When uploading image files to the bucket I’m hashing the original name and storing the hashed one in the bucket. Images are for display purposes only; no user will be able to download them. The frontend displays these images by getting a path to them from the server. So the question is, is there any need to store the original name of the image file in the database? And what are the reasons, if any, for doing so?
I guess in general it is not needed because what is more important is how these resources are used or managed in the system.
Assuming your service is something like data access (similar to Google Drive), I don't think it's necessary to store it in the DB, unless you want to make faster search queries.
Say, if I encrypt some text using CryptProtectData API without specifying the CRYPTPROTECT_LOCAL_MACHINE flag. If I understood it correctly, doing so will allow only the user that my application was running under to decrypt it.
Let's assume that I saved the resulting ciphertext data in HKCU registry key for my application. So obviously some other users (from other user accounts) will be able to read that data from registry.
My question is, will any other user on that computer be able to decrypt it without having the initial user log in to that machine?
Certainly, no other user can decrypt it. User master key is needed to decrypt the data and it is created by user password. So copying the registry info doesn't allow to decrypt the data.
Master Key, created and encrypted with user's password, is stored in a separate file in the Master Key storage folder along with other system data. User's Master Keys are stored in %APPDATA%/Microsoft/Protect/%SID%, where %APPDATA% is the Application Data directory.
More info here
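The scenario from the question, sketched in PowerShell through the .NET `ProtectedData` wrapper around DPAPI (an added example, not code from the original post). The `HKCU:\Software\ExampleApp` key, the value name and the function names are assumptions.

```powershell
# Added example: protect a value for the current user only and keep the blob in HKCU.
Add-Type -AssemblyName System.Security   # provides ProtectedData, the DPAPI wrapper

$keyPath = 'HKCU:\Software\ExampleApp'   # hypothetical application key
# CurrentUser scope corresponds to CryptProtectData without CRYPTPROTECT_LOCAL_MACHINE.
$scope = [System.Security.Cryptography.DataProtectionScope]::CurrentUser

function Save-ProtectedValue {
    param([Parameter(Mandatory)][string]$Name, [Parameter(Mandatory)][string]$PlainText)
    $plain = [System.Text.Encoding]::UTF8.GetBytes($PlainText)
    $blob = [System.Security.Cryptography.ProtectedData]::Protect($plain, $null, $scope)
    if (-not (Test-Path -LiteralPath $keyPath)) {
        New-Item -Path $keyPath -Force | Out-Null
    }
    # The stored bytes are ciphertext; reading the registry value alone reveals nothing.
    Set-ItemProperty -Path $keyPath -Name $Name -Value $blob -Type Binary
}

function Read-ProtectedValue {
    param([Parameter(Mandatory)][string]$Name)
    $blob = [byte[]](Get-ItemProperty -LiteralPath $keyPath -Name $Name).$Name
    try {
        $plain = [System.Security.Cryptography.ProtectedData]::Unprotect($blob, $null, $scope)
        [System.Text.Encoding]::UTF8.GetString($plain)
    }
    catch [System.Security.Cryptography.CryptographicException] {
        # Raised when the blob was protected under a different user's master key.
        Write-Warning "Blob '$Name' cannot be unprotected by the current account."
        $null
    }
}

# Constructed sample data: round trip under the same account.
Save-ProtectedValue -Name 'ApiToken' -PlainText 'constructed-sample-value'
Read-ProtectedValue -Name 'ApiToken'
```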
I am looking into running the wso2-am in openshift.
I am trying to run AM but it keeps failing because of missing permission to write to the file system.
Unable to create the directory
[/opt/wso2/wso2am-2.1.0/repository/deployment/server/webapps/am#sample#calculator#v1]
Unable to create the directory
[/opt/wso2/wso2am-2.1.0/repository/deployment/server/webapps/authenticationendpoint]
In all the examples I see, the container is running as root, but we want to avoid that and run it as USER 1010.
Can you set a value to make it write to a specified location?
Running it as user with uid 1010 will not help either. You need to set up file system permissions so that directories and files you need to write to have group root and are writable by group.
This is necessary because by default under OpenShift your application will run as an assigned uid unique to your project. This is outside of the range of what would be in the /etc/passwd file and you cannot predict what it will be in advance. Because it isn't in /etc/passwd then it falls back to running as group root, thus why you need to satisfy the requirement of file system permissions being group root and writable by group.
I'm using AWS S3 in my C++ app to upload and download files. I've included the access key and secret in my code but I'm worried someone could read them from the binary. Is there any standard technique for obfuscating them?
Update: I'm not running this app on a PC, it's actually on an embedded device so I'm not worried about users reading the key and secret from a file or RAM (accessing the device is a lot harder). What I'm worried about is someone binwalking our update file and pulling the key and secret from the binary.
Storing a secret on a computer is not an easy task. One thing you could do is encrypt the key using a password and store the encrypted data in a file. Then, when the user enters a password, you can decrypt the encrypted data using the password and retrieve the key, which you can then use.
But this approach will not work for scenarios where the software needs to run without user intervention.
It is better not to keep keys in code. Input them when needed.
If kept in code, do not keep the key in a simple string. Keep it in some pattern, and generate the key by some algorithm when needed.
I have got this issue:
WRT_8004
Writer initialization failed [Error opening session output file [/*/diff_zipcode1.out] [error=Permission denied]].
Writer terminating.
The user for Informatica has the right to write in this specific folder (I tried to touch it directly and it worked) but I still get this error.
The only way for this workflow to work is to set the write permission for everyone...
So I was wondering if Informatica uses a user other than the one who launches the Informatica server, like my user on Informatica? And if this is the case, how can I set the properties right to write to my folder?
Answer to my situation: I changed the settings of the Informatica user after I launched the Informatica server, so the modification wasn't really done from Informatica's point of view. To fix this problem, I only had to reboot the Informatica server.
Informatica will use whichever user has logged in to Power Center to create the file.
If you do not want to set full permissions to your folder, it would be best if you add the user into a group and provide write permissions to groups only.