Grant a single program access while blocking all other programs (WFP) - c++

Using Windows Filtering Platform, I need to block all applications on the computer except one specific application.
I tried this code and it does not work; it blocks all traffic :(
fwpFilter.layerKey = FWPM_LAYER_ALE_AUTH_CONNECT_V4;
fwpFilter.action.type = FWP_ACTION_BLOCK;
fwpFilter.subLayerKey = subLayerKey;
fwpFilter.weight.type = FWP_EMPTY;
fwpFilter.numFilterConditions = 0;
fwpFilter.displayData.name = GetWC("Block All APPS MINUS FIREFOX");
fwpFilter.displayData.description = GetWC("Block All APPS MINUS FIREFOX");
result = FwpmFilterAdd0(engine, &fwpFilter, NULL, NULL);
FWPM_FILTER_CONDITION0 Condition;
fwpFilter.layerKey = FWPM_LAYER_ALE_AUTH_CONNECT_V4;
fwpFilter.action.type = FWP_ACTION_PERMIT;
fwpFilter.weight.type = FWP_EMPTY;
fwpFilter.filterCondition = &Condition;
fwpFilter.numFilterConditions = 1;
PCWSTR appPath = (PCWSTR)GetWC("C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe");
FWP_BYTE_BLOB *fwpApplicationByteBlob;
fwpApplicationByteBlob = (FWP_BYTE_BLOB*)malloc(sizeof(FWP_BYTE_BLOB));
FwpmGetAppIdFromFileName0(appPath, &fwpApplicationByteBlob);
Condition.fieldKey = FWPM_CONDITION_ALE_APP_ID;
Condition.matchType = FWP_MATCH_EQUAL;
Condition.conditionValue.type = FWP_BYTE_BLOB_TYPE;
Condition.conditionValue.byteBlob = fwpApplicationByteBlob;
result = FwpmFilterAdd0(engine, &fwpFilter, NULL, NULL);
Thanks in advance

Related

C++ LDAP Checking if a user is a member of a specific group

Been trying this for a while so far with no success, so hoping someone can help out (and that I'm not far off!). I just want to return whether a user is a member of a specific group through LDAP. So far I have the below code;
int authMethod = LDAP_AUTH_SIMPLE;
LDAP* pLdapConnection = NULL;
ULONG version = LDAP_VERSION3;
ULONG getOptSuccess = 0;
ULONG connectSuccess = 0;
INT returnCode = 0;
int retSearch = 0;
LDAPMessage *res;
int num_entries = 0, num_refs = 0;
pLdapConnection = ldap_init((char*)m_Hostname.GetString(), LDAP_PORT);
returnCode = ldap_set_option(pLdapConnection,
LDAP_OPT_PROTOCOL_VERSION,
(void*)&version);
// Connect to the server.
connectSuccess = ldap_connect(pLdapConnection, NULL);
// Bind
returnCode = ldap_bind_s(pLdapConnection, (char*)m_Username.GetString(), (char*)m_Password.GetString(), authMethod);
// Attempt to search for user
retSearch = ldap_search_s(pLdapConnection, "dc=as,dc=local", LDAP_SCOPE_SUBTREE, "(&(sAMAccountName = examplename))", NULL, NULL, &res);
All of this works so far, up until the searching part, for example - I want to search for a user "username" in group "Technical". I've tried things like the below;
retSearch = ldap_search_s(pLdapConnection, "dc=as,dc=local", LDAP_SCOPE_SUBTREE, "(&(sAMAccountName=username)(memberof=CN=Technical))",
nullptr, 0, &pSearchResult);
That does not return anything, so I've tried searching more and the only thing similar I've found is - LDAP Finding Members of a group PHP but it's in PHP and I cannot seem to transfer that over to C++ so far.
Any help in the right direction would be helpful as I cannot work it out. :-)
Your filter should be something like:
(&(objectClass=user)(sAMAccountName=yourUserName)
(memberOf=CN=YourGroup,OU=Users,DC=YourDomain,DC=com))
To include membership due to group nesting:
(&(objectClass=user)(sAMAccountName=yourUserName)
(memberOf:1.2.840.113556.1.4.1941:=cn=YourGroup,ou=Users,dc=YourDomain,dc=com))
The numbers 1.2.840.113556.1.4.1941 are an extended match.
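An added example, not code from the original posts: it builds the two filters from the answer above while escaping the user-supplied values per RFC 4515, so a name containing `*`, `(`, `)` or `\` cannot change the filter's structure. The function names and the sample DN are assumptions; note that `memberOf` is matched against the group's full distinguished name, not just its CN.

```cpp
#include <iostream>
#include <stdexcept>
#include <string>

// Escape a value for use inside an LDAP search filter (RFC 4515):
// '*', '(', ')', '\' and NUL become a backslash plus two hex digits.
std::string escapeFilterValue(const std::string& value) {
    static const char hex[] = "0123456789abcdef";
    std::string out;
    out.reserve(value.size());
    for (unsigned char c : value) {
        if (c == '*' || c == '(' || c == ')' || c == '\\' || c == '\0') {
            out += '\\';
            out += hex[c >> 4];
            out += hex[c & 0x0f];
        } else {
            out += static_cast<char>(c);
        }
    }
    return out;
}

// Build the membership filter shown in the answer (hypothetical helper).
// nested == true uses the 1.2.840.113556.1.4.1941 extended match so that
// membership gained through nested groups is included.
std::string buildMemberOfFilter(const std::string& samAccountName,
                                const std::string& groupDn,
                                bool nested) {
    if (samAccountName.empty() || groupDn.empty())
        throw std::invalid_argument("account name and group DN are required");
    std::string filter = "(&(objectClass=user)(sAMAccountName=";
    filter += escapeFilterValue(samAccountName);
    filter += nested ? ")(memberOf:1.2.840.113556.1.4.1941:=" : ")(memberOf=";
    filter += escapeFilterValue(groupDn);
    filter += "))";
    return filter;
}

int main() {
    // Constructed sample values; the OU is an assumption, not from the page.
    const std::string groupDn = "CN=Technical,OU=Groups,DC=as,DC=local";
    std::cout << buildMemberOfFilter("username", groupDn, false) << "\n";
    std::cout << buildMemberOfFilter("username", groupDn, true) << "\n";
    // An input that tries to inject extra filter terms is neutralised.
    std::cout << buildMemberOfFilter("x)(objectClass=*", groupDn, true) << "\n";
    return 0;
}
```

Pass the returned string as the filter argument of ldap_search_s; the user is a member when the search returns at least one entry.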

How exactly is tensorflow.control_dependecy applied?

self.solver = 'adam'
if self.solver == 'adam':
    optimizer = tf.train.AdamOptimizer(self.learning_rate_init)
if self.solver == 'sgd_nestrov':
    optimizer = tf.train.MomentumOptimizer(learning_rate = self.learning_rate_init, momentum = self.momentum, \
                                           use_nesterov = True)
gradients, variables = zip(*optimizer.compute_gradients(self.loss))
clipped_gradients, self.global_norm = tf.clip_by_global_norm(gradients, self.max_grad_norm)
update_ops_ = tf.get_collection(tf.GraphKeys.UPDATE_OPS)
optimizer_op = optimizer.apply_gradients(zip(clipped_gradients, variables))
control_ops = tf.group([self.ema_op] + update_ops_)
with tf.control_dependencies([optimizer_op]):
    self.optimizer = control_ops
I call self.optimizer with the session.
The code above is not updating the gradients. However, if I change the control dependencies part of the code to the one below, it works perfectly fine except that it misses out on a final exponential moving average (self.ema_op) update, which is not desirable to me:
self.solver = 'adam'
if self.solver == 'adam':
    optimizer = tf.train.AdamOptimizer(self.learning_rate_init)
if self.solver == 'sgd_nestrov':
    optimizer = tf.train.MomentumOptimizer(learning_rate = self.learning_rate_init, momentum = self.momentum, \
                                           use_nesterov = True)
gradients, variables = zip(*optimizer.compute_gradients(self.loss))
clipped_gradients, self.global_norm = tf.clip_by_global_norm(gradients, self.max_grad_norm)
update_ops_ = tf.get_collection(tf.GraphKeys.UPDATE_OPS)
optimizer_op = optimizer.apply_gradients(zip(clipped_gradients, variables))
control_ops = tf.group([self.ema_op] + update_ops_)
# with tf.control_dependencies(optimizer_op):
#     self.optimizer = control_ops
with tf.control_dependencies([self.ema_op] + update_ops_):
    self.optimizer = optimizer.apply_gradients(zip(clipped_gradients, variables))
Please tell me what I am missing.
You need to define the tensorflow operations under the with statement, not just set the variable. Doing self.optimizer = control_ops has no effect because you did not create any tensorflow operations.
Without fully understanding your problem I think you want something like this:
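# control_dependencies takes a list of ops, so optimizer_op is wrapped in one
with tf.control_dependencies([optimizer_op]):
    # the group op is created inside the block, so it runs after optimizer_op
    control_ops = tf.group([self.ema_op] + update_ops_)
self.optimizer = control_ops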
The with statement enters a block, under which any new ops you create in tensorflow will be dependent upon optimizer_op in this case.

C++: Disabling RequireCHAP and RequireMsCHAP2 in the Windows RAS API

I am writing a program that will set up a VPN on a user's computer. My sysadmin told me that the security page of the VPN must have these security settings checked, and no others.
I have used this code as a basis for my own. My version sets almost everything correctly, except that it cannot uncheck the 2 boxes titled Challenge Handshake Authentication Protocol (CHAP) and Microsoft CHAP Version 2 (MS-CHAP v2). Is it possible to programmatically uncheck those 2 checkboxes while leaving the Data Encryption dropdown list set as Require Encryption? Here is my code:
void createVPN()
{
    DWORD size = 0;
    RasGetEntryProperties(NULL, L"", NULL, &size, NULL, NULL);
    LPRASENTRY pras = (LPRASENTRY)malloc(size);
    memset(pras, 0, size);
    pras->dwSize = size;
    pras->dwType = RASET_Vpn;
    pras->dwRedialCount = 1;
    pras->dwRedialPause = 60;
    pras->dwfNetProtocols = RASNP_Ip;
    pras->dwEncryptionType = ET_Require;
    wcscpy_s(pras->szLocalPhoneNumber, L"meraki.companyname.com");
    wcscpy_s(pras->szDeviceType, RASDT_Vpn);
    pras->dwfOptions = RASEO_RemoteDefaultGateway;
    pras->dwVpnStrategy = VS_L2tpOnly;
    pras->dwfOptions2 |= RASEO2_UsePreSharedKey;
    pras->dwfOptions &= ~(RASEO_RequireCHAP | RASEO_RequireMsCHAP | RASEO_RequireMsCHAP2); // This should unset the CHAP flags, but it doesn't.
    RasSetEntryProperties(NULL, L"CompanyName Meraki VPN", pras, pras->dwSize, NULL, 0);
    RASCREDENTIALS ras_cre_psk = { 0 };
    ras_cre_psk.dwSize = sizeof(ras_cre_psk);
    ras_cre_psk.dwMask = RASCM_PreSharedKey;
    wcscpy_s(ras_cre_psk.szPassword, L"redacted");
    RasSetCredentials(NULL, L"CompanyName Meraki VPN", &ras_cre_psk, FALSE);
    free(pras);
}
I am thinking that by setting pras->dwEncryptionType to ET_Require, that prevents RASEO_RequireCHAP and the other CHAP flags from being unset, but in the Windows GUI, it is possible to uncheck them and leave Data Encryption set to Require Encryption. My sysadmin tells me that the connection will not work if either of the CHAP checkboxes are checked, or if Data Encryption is not set to Require Encryption. What can I do?
I have finally figured it out. You have to set the RASEO_RequirePAP switch. Here is the final version of the function:
void createVPN()
{
    DWORD size = 0;
    RasGetEntryProperties(NULL, L"", NULL, &size, NULL, NULL);
    RASENTRY rasEntry = {};
    rasEntry.dwSize = sizeof(rasEntry);
    rasEntry.dwType = RASET_Vpn;
    rasEntry.dwRedialCount = 1;
    rasEntry.dwRedialPause = 60;
    rasEntry.dwfNetProtocols = RASNP_Ip;
    rasEntry.dwEncryptionType = ET_Require;
    wcscpy_s(rasEntry.szLocalPhoneNumber, L"meraki.enoble.com");
    wcscpy_s(rasEntry.szDeviceType, RASDT_Vpn);
    rasEntry.dwfOptions = RASEO_RemoteDefaultGateway;
    rasEntry.dwVpnStrategy = VS_L2tpOnly;
    rasEntry.dwfOptions2 |= RASEO2_UsePreSharedKey;
    rasEntry.dwfOptions |= RASEO_RequirePAP;
    RasSetEntryProperties(NULL, L"Enoble Meraki VPN", &rasEntry, rasEntry.dwSize, NULL, 0);
    RASCREDENTIALS ras_cre_psk = { 0 };
    ras_cre_psk.dwSize = sizeof(ras_cre_psk);
    ras_cre_psk.dwMask = RASCM_PreSharedKey;
    wcscpy_s(ras_cre_psk.szPassword, L"passport2k");
    RasSetCredentials(NULL, L"Enoble Meraki VPN", &ras_cre_psk, FALSE);
}
I hope this helps somebody.

gSoap Exchange Web Services Connection

I'm trying to write an application that would work with the EWS proxy classes. To generate proxy classes I used gsoap (compiled OpenSSL).
I have implemented a library that works with EWS, but in .NET.
The problem is this: I have no idea how to implement a connection to the server.
Doing the following:
ExchangeServiceBindingProxy *proxy = new ExchangeServiceBindingProxy("https://192.168.0.49/EWS/exchange.asmx");
soap *pSoap = proxy->soap;
pSoap->userid = "user1";
pSoap->passwd = "password1";
pSoap->recv_timeout = 300;
pSoap->send_timeout = 300;
SOAP_ENV__Header *header = new SOAP_ENV__Header();
header->ns3__RequestServerVersion = new _ns3__RequestServerVersion();
header->ns3__RequestServerVersion->soap = pSoap;
header->ns3__RequestServerVersion->Version = ns3__ExchangeVersionType__Exchange2010;
pSoap->header = header;
//get root folder ID
ns3__DistinguishedFolderIdType *dfit = new ns3__DistinguishedFolderIdType();
dfit->Id = ns3__DistinguishedFolderIdNameType__inbox;
//set the props that we want to retrieve
ns3__FolderResponseShapeType *frst = new ns3__FolderResponseShapeType();
frst->BaseShape = ns3__DefaultShapeNamesType__AllProperties;
//get folder
ns1__GetFolderType *gftRoot = new ns1__GetFolderType();
gftRoot->FolderIds = new ns3__NonEmptyArrayOfBaseFolderIdsType();
gftRoot->FolderIds->__union_NonEmptyArrayOfBaseFolderIdsType = new __ns3__union_NonEmptyArrayOfBaseFolderIdsType();
gftRoot->FolderIds->__union_NonEmptyArrayOfBaseFolderIdsType->union_NonEmptyArrayOfBaseFolderIdsType.DistinguishedFolderId = dfit;
gftRoot->FolderShape = frst;
__ns1__GetFolderResponse response;
int error = proxy->GetFolder(gftRoot, response);
As a result, I am getting the error: SLL_ERROR.
I know that I'm doing something wrong, but what? What should I do to use the proxy class functions?
I resolved it by myself:
Added to project LibNTLM and added to preprocessor WITH_NTLM.
Also changed code, a little bit:
ExchangeServiceBindingProxy *proxy = new ExchangeServiceBindingProxy(endpoint.c_str());
soap *pSoap = proxy->soap;
pSoap->userid = "Ivan1";
pSoap->passwd = "1";
pSoap->ntlm_challenge = "";
pSoap->authrealm = "Ursa-Minor";
pSoap->ssl_flags = SOAP_SSL_NO_AUTHENTICATION;
//pSoap->keep_alive = true;
pSoap->mode = SOAP_IO_KEEPALIVE;
//get root folder ID
ns3__DistinguishedFolderIdType *dfit = new ns3__DistinguishedFolderIdType();
dfit->Id = ns3__DistinguishedFolderIdNameType__inbox;
//set the props that we want to retrieve
ns3__FolderResponseShapeType *frst = new ns3__FolderResponseShapeType();
frst->BaseShape = ns3__DefaultShapeNamesType__AllProperties;
//get folder
ns1__GetFolderType *gftRoot = new ns1__GetFolderType();
gftRoot->FolderIds = new ns3__NonEmptyArrayOfBaseFolderIdsType();
gftRoot->FolderIds->__size_NonEmptyArrayOfBaseFolderIdsType = 1;
gftRoot->FolderIds->__union_NonEmptyArrayOfBaseFolderIdsType = new __ns3__union_NonEmptyArrayOfBaseFolderIdsType();
gftRoot->FolderIds->__union_NonEmptyArrayOfBaseFolderIdsType->union_NonEmptyArrayOfBaseFolderIdsType.DistinguishedFolderId = dfit;
gftRoot->FolderIds = (ns3__NonEmptyArrayOfBaseFolderIdsType*)dfit;
gftRoot->FolderShape = frst;
__ns1__GetFolderResponse response;
int qq = proxy->GetFolder(gftRoot, response);
return true;
But now I have another problem: Error 500: Internal Server Error

How to create service which restarts on crash

I am creating a service using CreateService. The service will run again fine if it happens to crash and I would like to have Windows restart the service if it crashes. I know it is possible to set this up from services.msc (see below).
How can I programmatically configure the service to always restart if it happens to crash?
Used Deltanine's approach, but modified it a bit to be able to control each failure action:
SERVICE_FAILURE_ACTIONS servFailActions;
SC_ACTION failActions[3];
failActions[0].Type = SC_ACTION_RESTART; //Failure action: Restart Service
failActions[0].Delay = 120000; //number of milliseconds to wait before performing failure action = 2minutes
failActions[1].Type = SC_ACTION_RESTART;
failActions[1].Delay = 120000;
failActions[2].Type = SC_ACTION_NONE;
failActions[2].Delay = 120000;
servFailActions.dwResetPeriod = 86400; // Reset Failures Counter, in Seconds = 1day
servFailActions.lpCommand = NULL; //Command to perform due to service failure, not used
servFailActions.lpRebootMsg = NULL; //Message during rebooting computer due to service failure, not used
servFailActions.cActions = 3; // Number of failure action to manage
servFailActions.lpsaActions = failActions;
ChangeServiceConfig2(sc_service, SERVICE_CONFIG_FAILURE_ACTIONS, &servFailActions); //Apply above settings
You want to call ChangeServiceConfig2 after you've installed the service. Set the second parameter to SERVICE_CONFIG_FAILURE_ACTIONS and pass in an instance of SERVICE_FAILURE_ACTIONS as the third parameter, something like this:
int numBytes = sizeof(SERVICE_FAILURE_ACTIONS) + sizeof(SC_ACTION);
std::vector<char> buffer(numBytes);
SERVICE_FAILURE_ACTIONS *sfa = reinterpret_cast<SERVICE_FAILURE_ACTIONS *>(&buffer[0]);
sfa.dwResetPeriod = INFINITE;
sfa.cActions = 1;
sfa.lpsaActions[0].Type = SC_ACTION_RESTART;
sfa.lpsaActions[0].Delay = 5000; // wait 5 seconds before restarting
ChangeServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, sfa);
The answer above will give you the gist... but it won't compile.
Try:
SERVICE_FAILURE_ACTIONS sfa;
SC_ACTION actions;
sfa.dwResetPeriod = INFINITE;
sfa.lpCommand = NULL;
sfa.lpRebootMsg = NULL;
sfa.cActions = 1;
sfa.lpsaActions = &actions;
sfa.lpsaActions[0].Type = SC_ACTION_RESTART;
sfa.lpsaActions[0].Delay = 5000;
ChangeServiceConfig2(hService, SERVICE_CONFIG_FAILURE_ACTIONS, &sfa);