Hackszine.com: Windows Archives

Archive: Windows

Page 1 of 6 1 2 3 4 5 6 >>

October 8, 2008

HOW-TO Request Microsoft hotfixes quickly

Getting a Hot Fix

Hotfixes are patches that Microsoft makes available before they've been fully tested and integrated into a service pack or official patch. But if you're one of those people who's been affected by a bug, you might not hesitate to give the hotfix a try. However, getting a hotfix can be tricky: in some cases, you'll see an option to request it online, in other cases, you'll have to contact support directly.

Aaron Tiensivu has posted information about a technique that generates the online request even when it doesn't appear by default:

I don't know if this is considered a 'backdoor' or not, but it has worked with every KB article I have tried it on so far.

Most of the time, if a KB article is available to the public, there will be a "Hotfix Download Available - View and request hotfix downloads" message on the top of the screen like this:

If you have a particular KB article that you want to download, and the image above seems to be missing, try this link in your web browser:

http://support.microsoft.com/hotfix/KBHotfix.aspx?kbnum=[KBnumber]&kbln=[KB language]

Requesting MS hotfixes online has changed slightly - new way of generating a request

Also, the How-To Geek has an article up about Hotfixr, which will generate URLs of this format for you.

October 4, 2008

Making Windows XP play a little better with solid state drives

disable prefetcher

I tried getting Windows XP running on my 20GB EEE PC 900, but out of the box, it's pretty sluggish. The problem may be that Windows XP is not being optimized for solid state drives (SSDs). Posting on the OCZ (maker of SATA SSD drives) forums, Tony has written up a HOWTO on making Windows XP play quite a bit better with SSD drives:

Cheaper SSD drives like our Core V1 and Core V2 series have limitations with random writes filling up the write buffer on the drive and causing the SATA controller to pause while this is flushed. The reason for this is Nand MLC drives at present have to erase before they write...hence you get added latency. So every bit written to the drive has to be preceded by a bit erased, the drive can not write over the top of pre written data.
What we are trying to do here is limit how much XP writes to cache/database. many apps within XP do this, apps you add also do this (such as outlook)
The tweaks you will see listed may help with this, SSD's do not take well to lots of tiny random writes.

I gave these a try on my EEE PC today, and they made things quite a bit faster. I'm still getting the occasional freeze, but that only started happening after I put some files on the 16GB secondary drive in my EEE PC. As long as I stuck with the faster 4GB C: drive, these tips made a world of difference in performance. My next step is to try formatting the D: drive as FAT32 to see if that makes any difference at all.

Making XP pro SSD friendly

September 10, 2008

HOWTO - make a serial port IR receiver

Alessio Sangalli has been maintaining a guide for a few years that shows you how to create a serial port IR receiver from scratch and use it in both Windows and Linux. Her design is pretty slick since, as you can see from her photo above, the whole package fits neatly inside a standard 9 pin serial connector. There are still plenty of machines that don't have built-in IR support, so this could be handy if you're thinking of turning an old box into a media player or DVR.

How To Build A Simple But Cool IR (Infra Red) Receiver

July 23, 2008

NTFS Alternate Data Streams - hide files inside other files

The NTFS file system has support for additional data, called Alternate Data Streams (ADS), to be attached to any file. Normally this is used by the operating system and file explorer to bind extra data to a file, such as the file's access control information, searchable file meta-data like keywords, comments and revision history, and even information that can mark a file as having been downloaded from the internet. Because this extra information is bound to the file at the filesystem level, you can move the file from one folder to another and all of the various meta-information and permission data stays with the file.

The interesting thing is that a file can have 0 to many ADS forks attached to any file or directory. While some of the ADS identifiers are use by the OS, there's nothing stopping you from adding other ADS forks to a file. You can do this directly from the command line, using a simple colon ":" notation.

Let's say you have a file called test.txt. You can store a secret message in the file like this:
echo "This is a secret" > test.txt:secretdata

If you view the contents of the file, you won't see anything peculiar. If you know about the existence of the secretdata ADS entry, however, you can easily extract the hidden information with the following command:
more < test.txt:secretdata > output.txt

When you now open output.txt, you'll find your secret data inside.

Because it's a lower level OS feature, you can even trick most programs into loading the data. In the scenario above, you could actually load and edit the secretdata stream inside of notepad by running "notepad test.txt:secretdata".You can even store and execute binary data of any particular size in an ADS fork. For instance, maybe you want to shove solitaire inside one of your text file's ADS entries:

type c:\winnt\system32\sol.exe > test.txt:timewaster.exe

Running the file is as simple as "start .\test.txt:timewaster.exe". Wild, no?

So the odd thing is that all these hidden streams are floating about your filesystem and until Vista's /R flag on the DIR command, there hasn't really been a very good built-in way of detecting them. To solve this, Frank Heyne created an application called LADS which is an excellent command line utility that will scan a directory and print out stream names and sizes for files within it.

There's was also a tool released in an MSDN article about file streams that will at an extra tab to the file properties in Windows Explorer. I've linked to a FAQ that Frank maintains about ADS that walks you through setting up the dll and registry entries to make this work. When it's activated, the Streams tab in the properties panel will let you create, view, edit or delete the stream data that's attached to any file, right in Explorer.

I can see how this file system feature could be useful, but it's a little odd that it's so hidden from the user and there seem to be a few problems with the concept. Obviously, because of ADS's hidden nature, there are a number of malicious uses that can be employed by jerk-o's who write virii and that sort of thing. Even ignoring that, there are also data interchange issues—moving a file between NTFS and another file system causes the loss of all this attached information. Call me old fashioned, but I like my files the way they used to be, with a start, an end, and some bytes in between.

Frank Heyne - Alternate Data Streams in NTFS FAQ
LADS - NTFS alternate data stream list utility
The Dark Side of NTFS
MSDN: A Programmer's Perspective on NTFS Streams and Hard Links

May 29, 2008

Wii Balance Board hacks

A few days ago, this video appeared with Matthieu Deru and Simon Bergweiler showing off a hack that allows them to surf Google Earth using a Wii. Unfortunately, there weren't too many details about how it was accomplished and I couldn't track down any source for the C# application that talks to the bluetooth device.

What I did find was this other clip from almost a month ago (?!?) in which Daniel Schneider demonstrates using the Wii Balance Board to navigate the web in Firefox.

That's right. You can actually surf the web:

He's using the latest version of GlovePIE (v0.3) to accomplish this. As far as I can tell, it's still very alpha, and the WiiLi wiki claims it's buggy, but it does appear to work. Daniel has some pointers to how he's configured things, including the Greasemonkey script that allows you to surf without clicking.

For more information on coding GlovePIE scripts that use the Balance Board, peek at the documentation.rtf file that's packaged with the GlovePIE download. There's information around page 70 that describes how the board functions and how to pull the 4 sensor values from each of its feet.

Using GlovePIE and Firefox with the Nintendo Wii Balance Board
GlovePIE

April 6, 2008

Windows Mobile del.icio.us plugin

If you're a del.icio.us power user and you use Windows Mobile, you've probably missed the del.icio.us plugin that's available in desktop browsers like IE and Firefox. Dale Lane took this problem as a challenge and coded a nice little Pocket IE plugin that adds a del.icio.us submittal form to the browser's menu.

This is not as trivial as I expected - it took hundreds and hundreds of lines of code just to get a new entry in the Internet Explorer's menu that gets me access to the web browser object as an IWebBrowser2. And (perhaps especially so for someone who has been getting a little lazy with Java and C#! ), some of it is a little intricate and complex.
Still, once done I could use my access to the browser to launch my "post to del.icio.us" form and prefill it with the URL and page name of PIE's current page. From there, the form uses the public del.icio.us API to send all the info off to my del.icio.us list.

It's written in C++ and he's zipped up the full Visual Studio project. Based on the difficulty and lack of great documentation for doing something like this, this is actually a pretty solid find. If you want to make a PIE plugin, this would be a good place to start.

A del.icio.us plugin for Windows Mobile (or C++ is a pain)
Pocket IE del.icio.us plugin and source

March 31, 2008

Faster Windows shutdown

It pretty typical for Windows to take a minute or two to shutdown. Most of this wait is due to the OS being extra patient, waiting for all of your applications to safely close. So when an application hangs during shutdown, you are forced to twiddle your thumbs until Windows decides that enough time has elapsed to force-kill the application.

It turns out that most of these arbitrary timeout periods are configurable through the registry and Dennis O'Reilly has posted some easy tweaks that will force Windows to shut down a lot faster.

The registry keys in question are "HKEY_CURRENT_USER/Control Panel/desktop/WaitToKillAppTimeout" and
"HKEY_CURRENT_USER/Control Panel/desktop/HungAppTimeout". The first controls the amount of time, in milliseconds, to wait before killing applications at shutdown, and the second is the amount of time to wait before killing a hung application.

There are some other registry adjustments that can be made which will automatically end running tasks and speed up killing hung services. Check the link below for the nitty gritty.

Shut Down Windows in an Instant

March 30, 2008

Assign USB drives to a folder

When a drive is mounted in Windows, it's normally assigned the next available drive letter, and using the disk management tool, you can force a disk to use a specific drive letter. It turns out you can even take this one step further and map a drive to a directory/folder path on another disk.

With this hack, you can have your external USB disk show up on "c:\usb", or anywhere else you like. Here's how:

Open the disk management utility: Start->Run>diskmgmt.msc
With the USB disk inserted, select the drive from the list.
Right-click and select "Change Drive Letter and Paths"
Click add and select the "Mount in the following empty NTFS folder"
Browse to the folder you want the disk to mount beneath

Now when the disk is inserted, it will always show up mounted beneath the directory of your choosing.

This could come in handy if you have a folder that's filling up your disk. Normally if you move it to another disk, it affects a bunch of paths (especially if it's your program files or something on your desktop). With this tip, you could add another drive, move the contents of the directory to it, and then mount it beneath the former directory.

Assign USB Drives to a Folder [via Lifehacker]

March 11, 2008

N64 emulation: better than the real thing

Racketboy has a great article showing off some of the capabilities of the modern N64 emulator. If your machine is fast enough, most of the available emulators will really give you a noticeable resolution boost and better looking anti-aliased models. Using the Rice Video plugin with the Project64 emulator, you can even swap out the textures for some games with user-created texture packs.

I still use the real hardware (is the N64 considered "retro" now?), so before seeing this, I hadn't even considered emulation for this platform. That all changed when I saw the Mario64 mod shown above. The selection of available emulators is impressive, and there are open source emulators available for just about every platform. I'm currently playing a game under Mupen64 on my iMac and it's pretty flawless. My only wish is that all computers came, by default, with a nice joystick like they did back in the 80s.

Enhance N64 Graphics With Emulation Plugins & Texture Packs - Link
Project64 Emulator - Link
Rice Video Plugin - Link
Mupen64 Emulator (cross-platform, open source) - Link

March 9, 2008

Command line Twitter

You can easily update your Twitter status from the command line using cURL. The Tech-Recipes blog posted this handy command line hack:

With cURL installed, you can post to Twitter from the terminal window by using the following syntax:

curl -u yourusername:yourpassword -d status="Your Message Here" http://twitter.com/statuses/update.xml

You will receive a response containing the XML coding for your post which acts as a confirmation that your post was submitted.

Consider this: instant messaging is the new talk (phone for my VMS peeps) and Twitter is the new finger. It's nice to see at least one of these handy communication tools make its way back to the command line.

Posting to Twitter from the Terminal Window - Link
cURL downloads - Link

March 7, 2008

Run Linux apps in Windows with andLinux

andLinux is a Ubuntu distribution that used the coLinux kernel, a Windows port of the Linux kernel which allows andLinux to run natively inside Windows without any virtualization software. After downloading, you basically just run the install Wizard. When your machine reboots, an extra taskbar icon will be waiting for you to launch and install pretty much any standard Linux application.

The coLinux kernel can be launched as a service and it runs in the background with a dedicated amount of RAM allotted to it. During the install, you create a folder to house the andLinux Ubuntu installation's root directory. If you need to access the full C drive from Linux applications, it's just a quick entry in the /etc/fstab.

When you've got everything running, the end result is really seamless. The Linux applications each run in a standard window, just like your Windows apps. There's no switching between operating system windows. Xterm, Konquerer, Amarok, whatever—It basically just works.

The installation is pretty simple, and there's also a nice tutorial at Tinkernut that runs you through the installer and shows you how to use Synaptec to easily install other Linux applications. If you're primarily a Windows user, but you miss all the great open source apps and command line tools that are available in Linux, this is worth the 700MB download.

andLinux - Link
Using andLinux (video) - Link

March 4, 2008

Ram dump over Firewire

Unlike USB2, the Firewire spec allows devices to have full DMA access. By impersonating the appropriate device, a PC can essentially obtain full read/write access to another machine's RAM, just by connecting the two machines with a Firewire cable. Adding to the recent discussion about the insecurities of physical access and Princeton's cold-boot RAM dump demonstration, Adam Boileau released a Linux Firewire utility that will give you immediate Administrator to an XP machine:

It's two years later, and I think anyone who was going to get the message about Firewire has already got it, and anyone who was going to be upset about it has got over it. Besides, according to Microsoft's definition, it never was a Security Vulnerability anyway - screensavers and login prompts are - as Bruce says - about the Feeling of Security. Anyway, today's release day for Winlockpwn, the tool I demoed at Ruxcon for bypassing windows auth, or popping an admin shell at the login window.
...

Yes, you can read and write main memory over firewire on windows.
Yes, this means you can completely own any box who's firewire port you can plug into in seconds.
Yes, it requires physical access. People with physical access win in lots of ways. Sure, this is fast and easy, but it's just one of many.
Yes, it's a FEATURE, not a bug. It's the Fire in Firewire. Yes, I know this, Microsoft know this. The OHCI-1394 spec knows this. People with firewire ports generally dont.

Adam's tools include a few Python apps that can copy and impersonate Firewire device signatures, dump RAM on a remote machine, bypass Windows authentication, and extract BIOS passwords. It's not exactly comforting, but I've got a new appreciation for Firewire now. This is the sort of access that used to only be possible by creating hardware that physically connects to the PCI bus. Now all you need is a cable and a laptop.

Firewire, DMA & Windows - direct memory access over Firewire - [via] Link

February 25, 2008

Make a remote connections to Windows Home Server

Windows Home Server may seem like an unusual piece of software, but it's worth playing around with if you are considering a home server for your Windows systems. You can get a 120-day evaluation version from Microsoft, and OEM versions are available from retailers like Newegg.com. Here's a Windows Home Server hack from Preston Gralla's Big Book of Windows Hacks. This one shows you how to connect remotely to your home server so you can keep an eye on things back at home. Hack #129 - Link

Related:

Big Book of Windows Hacks @ the Maker Store - Link
Big Book of Windows Hacks--New from Make: Tips & Tricks for Unlocking the Power of Your Windows PC - Link
Hack #156 from Big Book of Windows Hacks: strip down your Windows installation - Link
Big Book of Windows Hacks #16: a grab bag of Vista interface hacks - Link

February 23, 2008

Remote file access through email

Shantanu Goel put a proof-of-concept Outlook macro together that will send you files in response to a specially formatted email. The idea is that you can activate this and leave Outlook running on your computer at work and if you are offsite and need to grab a document it's only an email away.

This project came into being after reading this post at lifehacker (original post and solution here). It listed a method to retrieve mails on your home/office PC by sending a "magic email" to it, but it was only for mac's. Seeing that people wanted it for windows as well, I thought of making something up during lunch time at office.

If you think about it, this is kind of a clever way to get around a corporate firewall. It'd be funny to add some directory listing functionality to it and formalize an email file transfer protocol.

Remote File Access Through E-Mail -Link

February 21, 2008

SIXAXIS hacks

Hackszine reader IraqiGeek writes:

I made an application that uses libusb-Win32 and PPJoy to map the Sony Sixaxis into a windows joystick with the accelerometers working and mapped.
Unfortunately, the gyro on my sixaxis seems to be faulty. So, while the code is already there to read the gyro data, it can't be used for anything.

The installation process is not exactly the shortest, but I've made a step-by-step how-to describing it.

I did a little digging and there are a couple of other noteworthy SIXAXIS hacks. In addition to IraqiGeek's driver, there is another Windows SIXAXIS driver that people are using with some success. I also was able to find a third Windows driver which contains full source, in case you want to do something more interesting than play games.

Speaking of more interesting, there also exists an open source library for Linux. If you check out the above video, you can see that a gumstix embedded computer is using the SIXAXIS input to control a number of servos.

The six R/C servos are connected to a Gumstix board with built-in Bluetooth module. Inertial measurements from the SIXAXIS are received directly through a PF_BLUETOOTH socket (not through the joystick API, due to HID descriptor issues). Heuristics explicitly discriminate between two types of motion (rotation or translation).

The author was even able to use this setup to control a small helicopter. Pretty cool stuff, I must say.

Anyone know if the SIXAXIS sensor data can be easily polled with an Arduino? Maybe this could be a be a cheap option for a 6DOF IMU.

Using the PlayStation 3 controller in Bluetooth mode with Linux - Link
SixAxis source driver for Windows - Link
Use your SIXAXIS on Windows (ps3sixaxis_en.exe)- Link
WinSIXAXIS (IraqiGeek's libusb/PPJoy driver) - Link