tinyapps.org / blog


Change the Windows 7 interface language #

Vistalizator is a portable app that helps you change the display language in any version of Windows Vista or 7 (inexplicably, Microsoft normally restricts this ability to Ultimate or Enterprise editions). Links to necessary MUI (Multilingual User Interface) files hosted at Microsoft and steps for creating a multi-language Windows DVD are also provided.

/windows | Aug 25, 2015

Sniffing encrypted traffic #

Fiddler Screenshot ("The free web debugging proxy for any browser, system or platform") has long been used for sniffing encrypted web traffic, but it requires full administrator access to install an untrusted root certificate for decryption to work (Tools > Fiddler Options... > HTTPS > etc) and the .NET Framework to run.

NetRipper ("Smart traffic sniffing for penetration testers") requires neither. It is "a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption." Further, "NetRipper should be able to capture network traffic from: Putty, WinSCP, SQL Server Management Studio, Lync (Skype for Business), Microsoft Outlook, Google Chrome, Mozilla Firefox. The list is not limited to these applications but other tools may require special support."

Here's a simple example of it in action:
  1. Launch Google Chrome
  2. Open cmd.exe (no need for elevated command prompt), cd to the NetRipper directory and run:
    C:\Release>NetRipper.exe DLL.dll chrome.exe
    Trying to inject DLL.dll in chrome.exe
    Reflective injected in: 2880
    Reflective injected in: 2992
    Reflective injected in: 3096
  3. Login to GMail account in Chrome
  4. NetRipper saves data to %temp%\NetRipper by default (on most systems, this will be C:\Users\username\AppData\Local\Temp\NetRipper):
    C:\Release>dir %temp%\NetRipper /B
    2880_chrome.exe_recv.txt
    2880_chrome.exe_SSL_Read.txt
    2880_chrome.exe_SSL_Write.txt
    2880_chrome.exe_StringFinder.txt
    2880_chrome.exe_WSASend.txt
    NetRipperLog.txt
  5. Search for the string "Passwd":
    C:\Release>findstr Passwd %temp%\NetRipper\2880_chrome.exe_SSL_Write.txt
    ...Email=tinyapps%40gmail.com&Passwd=PASSWORD_IN_PLAIN_TEXT_SHOWN_HERE&PersistentCookie=yes&signIn=...
Fiddler: NetRipper:

/windows | Aug 15, 2015

Migrating email from Windows Live Mail (eml) to Apple Mail (mbox) #

  1. Install Thunderbird
  2. Open Thunderbird and cancel the automatic setup
  3. Install ImportExportTools
  4. File > Offline > Work Offline
  5. Tools > Account Settings > Account Actions > Add Mail Account... > enter any name, address, and password > Continue > Advanced config > OK
  6. Select the Inbox folder in the left-hand pane
  7. Tools > ImportExportTools > Import all messages from a directory > also from its subdirectories > browse to Windows Live Mail top folder (e.g., C:\Users\user\AppData\Local\Microsoft\Windows Live Mail) > Select Folder
  8. The import process will begin and progress will be displayed in the status bar at bottom
  9. Tools > ImportExportTools > Options > Export directories > check "Export folders as MBOX file" and select a destination directory > OK
  10. Select the desired top mail folder in Thunderbird
  11. Tools > ImportExportTools > Export folder with subfolders (with structure)
  12. The export process will begin. Unlike the import process, progress is not displayed.
  13. When the export is complete, copy the exported data to the Mac and import into Mail (File > Import Mailboxes... > Thunderbird > etc.)
Related:

/windows | Aug 12, 2015

Windows 10: Privacy nightmare #

July 29 - the big Windows 10 release day. Rather than trying an unreliable workaround that was making the rounds, I followed RiotShielder's advice and downloaded an ISO from Microsoft, installing over a Windows 8.1 virtual machine (because you must upgrade your existing Windows OS to get a valid Windows 10 key before doing a clean install (recover the key with Nir's ProduKey)).

When installation completes, be sure to click the tiny "Customize" link on the "Get going fast" screen; you may (not) be surprised at how invasive Microsoft has become. Here's a taste (these are all enabled by default):

  1. "Personalize your speech, typing, and inking input by sending contacts and calendar details, along with other associated input data to Microsoft."
  2. "Send typing and inking data to Microsoft to improve the recognition and suggestion platform."
  3. "Use pge prediction to improve reading, speed up browsing, and make your overall experience better in Windows browsers. Your browsing data will be sent to Microsoft."
  4. "Automatically connect to suggested open hotspots. Not all networks are secure."
  5. "Automatically connect to networks shared by your contacts."
  6. "Send error and diagnostic information to Microsoft." (The toggle switch to enable or disable was hidden below the screen; a near-invisible scroll bar was required to view it.)

Number five apparently refers to Wi-Fi (Non)Sense, which Claus covered in some detail.

Much more about the mounting privacy problems in Windows 10 from Heini Järvinen:

By default, when signing into Windows with a Microsoft account, Windows syncs some of your settings and data with Microsoft servers, for example "web browser history, favorites, and websites you have open" as well as "saved app, website, mobile hotspot, and Wi-Fi network names and passwords". Users can however deactivate this transfer to the Microsoft servers by changing their settings.

More problematic from a data protection perspective is however the fact that Windows generates a unique advertising ID for each user on a device. This advertising ID can be used by third parties, such as app developers and advertising networks for profiling purposes.

Also, when device encryption is on, Windows automatically encrypts the drive Windows is installed on and generates a recovery key. The BitLocker recovery key for the user’s device is automatically backed up online in the Microsoft OneDrive account.

Microsoft’s updated terms also state that they collect basic information "from you and your devices, including for example "app use data for apps that run on Windows" and "data about the networks you connect to."

Users who chose to enable Microsoft’s personal assistant software "Cortana" have to live with the following invasion to their privacy: "To enable Cortana to provide personalized experiences and relevant suggestions, Microsoft collects and uses various types of data, such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device. Cortana also learns about you by collecting data about how you use your device and other Microsoft services, such as your music, alarm settings, whether the lock screen is on, what you view and purchase, your browse and Bing search history, and more." But this is not all, as this piece of software also analyses undefined "speech data": "we collect your voice input, as well your name and nickname, your recent calendar events and the names of the people in your appointments, and information about your contacts including names and nicknames."

But Microsoft’s updated privacy policy is not only bad news for privacy. Your free speech rights can also be violated on an ad hoc basis as the company warns:

"We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to", for example, "protect their customers" or "enforce the terms governing the use of the services".

At the very least, be sure to create a local account and customize the privacy settings after installation. Better yet, migrate to a truly free operating system; Richard Stallman was right all along.

/windows | Jul 29, 2015

Mount USB drives as read-only in Windows #

via a quick registry edit (no reboot required - tested in XP SP2, 7 SP1, and 8.1). Simply save the following text as an .reg file and double click to merge:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies]
"WriteProtect"=dword:00000001
To restore mounting removable disks as read-write, just change "00000001" to "00000000", resave the file, and double click to merge. Not as sound as a hardware write blocker like the Forensic UltraDock, but might come in handy for less sensitive work.

More:

/windows | Feb 17, 2015

Tiny freeware apps from Sector Seven #

Jonathan Gallant kindly informs us of Sector Seven's tiny freeware offerings:

/windows | Dec 23, 2014

Batch encrypt existing ZIP files #

zipcloak encrypts all unencrypted entries in a ZIP file, but it does not support wildcards in filenames (e.g., *.zip) for batch processing, nor does it allow passing the password in an argument; one must enter and reenter the password manually:
C:\>zipcloak.exe foo.zip
Enter password:
Verify password:
encrypting: baz.txt
encrypting: bar.txt
or jury-rig something like expect.

Happily, T. Furukawa crafted a patch for zipcloak that adds a password option, so batch processing is much easier:
C:\>for %f in (*.zip) do zipcloak -p password %f
Download the patch and/or binary from the above link or this local cache.

Batch password-protecting existing ZIP files can also be done with WinRAR (Select ZIP files > Tools > Convert archives > Compression... > Set password...) or PeaZip (Select ZIP files > Convert > Enter password / keyfile (optionally set algorithm to ZipCrypto under the Advanced tab for compatibility with Windows' built-in ZIP handling)). Note that filenames within ZIP archives are not encrypted; see Filenames display without entering the password when an encrypted Zip file is opened for more information and a workaround. Further note that the encryption algorithm used by zipcloak and ZipCrypto is very weak.

/windows | Nov 22, 2014

Find and optionally rename very long file names and paths #

Green Award Cut Long Names 1.9 [322k] + Find and optionally shorten / rename filepaths exceeding 255, 260, or any number of characters. Screenshot

/windows | Nov 15, 2014

Download emcopy.exe directly from EMC (rather than some random FTP site) #

I just learned about emcopy.exe, a file copy utility from EMC similar (and superior in some ways) to xcopy, robocopy, xxcopy, etc. Finding and downloading it is not as straightforward as it should be; here's what worked for me:
  1. Signup for a free account at https://support.emc.com.
  2. Click link in activation email to complete signup process and then sign in.
  3. (Before continuing to step 4, I clicked "Download Center Registration" on the https://support.emc.com/downloads page and registered; not sure if that was required, as the form output was rather ambiguous.)
  4. The direct download link for the archive containing emcopy.exe (https://download.emc.com/downloads/DL32449_CIFS-Tools.zip.zip (yes, there are two .zip file extensions), which I originally found mentioned here, did not initially work for me even after signing in (though a bit later it did start working - not sure if this had anything to do with the Download Center Registration). I had to go to https://support.emc.com/downloads/82_Celerra, click the Title column, search the page for "CIFS Tools.zip", and click the link there to download (MD5: c5e480a84e6dd7d8d3b2f2186a549d0c | October 30, 2013 | 8.5 MB).
  5. Once unzipped, you'll find 32 and 64 bit versions of emcopy.exe 04.14 in disk3/apps_7.1.72.1/CifsTools/emcopy/nt/ as well as a readme.txt file in the directory just above.

/windows | Oct 26, 2014

Ad Muncher #

Great story from developer Murray Hurps: Ad Muncher's 15 Year History. Here are a few excerpts:
"I loved low-level code, doing a lot of x86 assembly coding on a 386DX-40. When Windows 95 came along, I stayed at the low level and loved finding ways to do novel things on the new platform ... Our first installer was 29kb in size, which included the filter list ... Popups started to become more common around this time (X10's popunder ads were a notable source of complaints from users, wonder why?), so I implemented a rudimentary JavaScript processor, which traced script execution paths and tried to determine which paths to popup functions were automatic (bad popups) and which needed user input (good ones). Ad Muncher was still 100% x86 assembly at this point."

After 15 years as shareware, Murray is generously releasing Ad Muncher for free.

/windows | Oct 19, 2014


Subscribe or visit the archives