Archive for the 'Skill - Advanced' Category

psexec running processes as another user (owexec)

April 02nd, 2009 | Category: Offense, Skill - Advanced, Tool

You may not know this, but when you use PSEXEC to start a process on another person's computer, the process belongs to you. This has some interesting side effects as well as a few concerns. First off, the big concern is that since the user now has, in their control, a window of, say, Internet Explorer with your permissions attached to it, they can browse to any network share you have access to with that window. As a domain admin that is kinda scary. So what we need is a way to run a process remotely as the user that is logged in locally. I spent a bunch of time a few months back researching this and had built a solution for an application I wrote, and then I promptly forgot about it.

However, yesterday someone came across this site by searching “psexec run under currently logged in account”, which got me thinking about it again. I figured if other people out there are interested I should take the code I have and make it useful for others, so I did. I went ahead and wrote a PSEXEC-like program that I lovingly called OWExec that allows you to start a process on a remote system in the context of one of the users currently logged in.

This program bears some explaining, so I went ahead and made it its own page here; follow the link to download it and for instructions on use.


Index.dat or Reading your temporary internet files via code

March 19th, 2009 | Category: Coding, Skill - Advanced

I recently picked back up the amusing art of spidering, something I had played with some years ago but decided to revisit with the intention of improving my methods.  One thing that always bothered me about spidering, at least the way I did it, is downloading pictures for the pages you spider even though they may already be cached in the temporary internet files folder.

So I finally decided to brave the temporary internet files folder on my computer and write a little code to go with it.  Here is what I found.


Monitoring Your Event Log – The Code

April 23rd, 2008 | Category: Coding, Defense, Skill - Advanced

So yesterday we talked about the event log. You could, were you so inclined, just keep the event log open and periodically refresh it, thereby keeping an ‘eye’ on the event log. However, in the end this is impractical. So what you do is access the event log in code and monitor the events you are interested in, then when one of them fires off you notify yourself via some mechanism that suits you. So how, you ask, might I monitor the event log in code? Well, I am glad you asked; let's look at the code after the break.


Monitoring Key Presses … The Lazy Way

April 18th, 2008 | Category: Coding, Skill - Advanced

So several of the applications I have written these last two weeks have involved monitoring the keyboard for key presses in one way or another. There are a couple of ways to go about this sort of thing, one easy way and one hard (but less resource-intensive). The first way is to loop (using a timer), checking the state of the keyboard every so often. The second way is to use a global keyboard hook, which is a little bit difficult to implement since you have to have an outside DLL do some of the work.

So obviously I am going to show you the lazy, easy way, since that is what I have been using. The easy way is the only way to really do it when you are knocking out code quickly for small amusing apps.

Let's look at the code.


Protecting your Executables Part II

April 08th, 2008 | Category: Coding, Defense, Skill - Advanced

Welcome back. Today we are going to talk about a hole left in yesterday's protection of executables. That hole lies in the fact that if you rename an executable and then kill it, there is no way for a watcher process to restart it. So what we do to solve that problem is watch the executables to make sure their names don't change, and if they do, you just change them back. Let's look at the code.
