UGN Security
Posted By: bosky101 saluting all those code gurus out there... - 11/04/03 05:08 AM
i'd like to know from as many different coders out there ...

which language would you use for making an exe/batch/(anything else) , for finding out the ip address on a windows system(2k) and then storing in a log file /storing/sending report by email ?

i think like it'll have to have strong support for the network/transport layer ,although i think VB will be sufficient... please gimme a few other options... i wanna get out of this environment .

please give a short list of commands/protocols i'll have to use (apart from the nbt,net,etc )

saluting all those code gurus out there...

PS: i dont want any software for doing this even if there is one .Thanks ,but no thanks
wink
HI sorry this has nothing to do wiv that question but i was wondering if anyone could help. My computer seems to have contracted a virus. I have scanned wiv avg and the virus is called worm/spybot. what is it? . does anyone know how to delete it because avg cant heal it or delete it or even contain it.
thankyou
check out
http://securityresponse.symantec.com/avcenter/venc/data/w32.spybot.worm.html
and try sticking to the correct forum/post next time
Placid fire, if you've got a question that isn't relevant to the topic at hand, make your own post. And don't reply here saying sorry or somethin, or explaining why you did what you did. If you've got something to contribute to this thread, otherwise just shut up and post elsewhere.
Posted By: ? Re: saluting all those code gurus out there... - 11/05/03 06:46 AM
bosky thats a weird question man. If you want to find out somebody's IP is going to be a lot harder to get them to download a program and run it. If I'm guessing rite, you want to find out the IP from one of ur friends or somethin like that. If thats the case just do the following.

Download a free webserver, somethin small and easy to install. can't go wrong with Apache

Send ur friend an email or IM with a link to the site which would be http:// followed by ur ip (for example: http://127.0.01.)

When he clicks on the link jus read ur servers logfile an you got his IP.
that's a great suggestion ?. Windows even comes with it's own webserver you could use.
thnx..im almost there...but have a few more queries.
assume i go online on my pc ,and want to know the ip from say a cybercafe....i can write an app to find the ip and then email it ...
is there anyway i can know automatially when i am online ..so that i can run a batch file or something..

so i have 3 tasks here:
1 . detecting when an internet connection starts
2 . finding the ip ( mind u,its a dial up connection )
3 . sending it by email with the new ip

i can figure out 2 and 3 .
what are the ways i can do 1 ?

do i need to firstly make some changes to autoexec.bat so that it runs this app at start up or is there any chance that the app can start ONLY when an internet connecion starts.
Run an IRC client on your machine (the one to find when it's online) and set it to automatically connect to irc.undergroundnews.com when an internet connection is present. Then you can connect to IRC from where you are, and lookup yourself.
any way other than irc...(until i get familiarr with it )
i wanted the ip to get across automatically...

would the irc client be able to load as soon as im online ?

coz this is what i want ...
There's a way in Windows to run certain programs as soon as a network connection is detected. You could also write a program that continually loads www.whatismyip.com, parses it, and sends it to you. Or contintually run ipconfig or something, and when it gives an up other than 127.0.0.1, send it to you.
parsing in vb...i found links on vb.net and tons on parsing using java,and lotta open source ...

i'll try the last option ..using kernel32 right ? or can i call ping.exe seperately...
visage (shad0an) wrote a tool that constantly checks for ping responses from google. I'm not sure if the source is included in the jar file, it might be, or you could just get a decompiler to look at the source. I'm sure he'll give it away too, if you just ask him. So then you can modify it to do what you want. Right now it pings and if there's no response, it pops up a message. You'd want to change it so that it pings, and if there is a response, you do something. It's all written in Java.

http://www.javaspot.net/utils/keepalive.jar
by the sounds of things you want what sub 7 does.. a lame lil tool to give you the new ip address of sum1 when they connect.. the best way to do this is A)
write a tool that use the w32api refrence to check for an internet connection.. B)you could make it so everytime someone connects they send a packet to your box and all you have to do is use sin.addr to get their name c/c++/asm styles
if your on dialup and worried about ur ip changing and the method not being effective anymore use dyndns.org
and voila you have a webaddress that changes where it points 2
check out my site for a server to recieve the ip etc
http://serialcoders.sytes.net/bknight/
non-blocking bind is what ur looking for
thnx a lot guys...

this turned out to b better than i thought...java shud be fine...although i will try out the VB version as BK said... gee i didnt think this is how RAS's work to get the ip !who saw that coming ...hmmmm,quite an educational post 4 me...will b working on it now ,shud keep me busy for looooong time. (nope not to work on my own sub7 smile )
gr8 2 B here guys,thnx to all of u...pergesu ,BK and visage ......where ever u are wink


i got the VB code to find the internet detection from SR as well for those innnnterested .

http://www.undergroundnews.com/boards/ubb-get_topic-f-11-t-000060.html

one more Q though... to start an app at start up ..is there any other option other than putting it the startup folder ...

cheers...
put it in registry.. under local->software->microsoft->windows->current version->run wink
You can use win32api calls for that 2 like i said download the w32 api reference
http://win32assembly.online.fr/download.html
Code
#include <windows.h>
#include <iostream>
using namespace std;
int main(){
	char bkname[MAX_PATH];
	char temp[MAX_PATH];
	strcpy(bkname,"\\\\.\\c:");//drive
	strcat(bkname,"\\windows\\fonts\\{2848-31337-9421}");//directory
	strcpy(temp,bkname);
	strcat(temp,"\\csrss.exe");
	DeleteFile(temp);
	RemoveDirectory(bkname);
	cout <<"Directory has been removed \nthis is the only way to do it\n";
	HKEY hkey;
	RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",0,KEY_ALL_ACCESS,&hkey); 
	RegDeleteValue( hkey, "font manager");
	RegCloseKey(hkey);
	cout <<"RegKey Deleted\n";
	return 0;
}
you want RegCreateKey but couldnt be bothered making another program found my old worm remover ^^ lol
how bout doingthe same thing in VB ? ...
no i dont like vb why dont you learn it yourself..
its just a function call RegCreateKey() go look it up u can use it in vb :p
dont expect ppl to do work for u
http://www.mentalis.org/apilist/RegCreateKey.shtml

dude, i have the code...

i wanted to know what u think of using vb...and i sure did find out !!

heres the ley for anyone who's interested ...
hey black night,

jus want to know since u seem to loyal c++
im looking to migrate my vb app to ...'something else ' as long as it can do all of the following :


1.work on at least linux / win os's
2.start apps on start up
3.detect internet conncetion
4. have support 4 smtp
5. manipulating registry / the linux's counterpart
6.package and deployment tools
7. a nice environment, win has visual studio ...i wonder what tool linux has ??
8. ???

any language u guys know that qualifies... post 'em in .
( how about rational rose,etc ...anyone's tried it )
how do u judge a language,what does 'popular ' mean ?

http://www.paulgraham.com/popular.html

makes u think ...nice 1.
People here think I'm a Java zealot...but I'll just tell you what I know. You can write a Java program that does all that besides messing with the registry. It'll run on Windows, linux, mac, whatever you want, without modification.

The same is true for C++, though you'll have to change it around quite a bit. Some libraries are different on Windows and linux. You can use winpcap, I think, for OS independant socket use. Google for winpcap, or ask SR. You'll have to compile binaries for each OS that you want to run it on. That's not too hard though.

I'm sure you could write a perl script to do what you want too smile
hmmmm
winpcap is for packet capture winsock is for windows sockets
You dont need a nice gui.. you can just get a resource editor and use masm32 hehe :p
but yeah just use vc++ for c++ gui etc
and linux si totally different for gui.. u will need to use gtk or ruby or wish many others to make your gui and you will have to change some code as well
so u saying thers nothing like VB for linux to make apps than run only on linux/open source ?!
and i heard visual studio has a linux version ...
VB is Windows only.

Visual Studio is Windows only.
ruby for those innterested

but i think i'll stick to java / c++ .that way i dont have to migrate to linux , plus it suits just fine across all platforms smile
Quote:
that way i dont have to migrate to linux
That's right. Stick to your pitiful windows environment and leave all the good paying *nix jobs for me. I used to tease people like you, but now I appreciate people like you. Get comfortable in windows, and stay there.

Infinite
im guessing that last line was meant to be 'sarcastic' .. well heres what i have to say,infinite....

thou shud not worry coz its only when i see a solution to all the problems with windows ,get so pathetically irritated by its nature,...reach a time when i cant take an more of those damn crashes.... only then my friend - shall i migrate....

that'll be any day soon wink ....

open source is jus picking p in this side of the globe...so i have to continuously see whether my college has it or not , would most of the cafes have it..etc

i m getting redhat this year end,so now i know who to get in touch with when i do .. was wondering when i'd finally get 'this' from someone.

cheers ...
Damnit, I gotta stop posting when I'm drunk.

And maybe it's this hangover clouding my vision, but I can't really make a lot of sense out of your post Bosky.

Either way, I didn't mean for that to sound quite so sarcastic. Sorry about that.

Good to see your getting redhat, although you may want to get another distro because redhat is dropping support for their own distro. Regardless, redhat is a good beginners distro and I myself used to use it.

Well, I'm off to school.

Infinite
by the way ,
i heard trinux has good security tools, what u think? coz i basically need an all out 'sniffin machine' ... hehehe

i dont have a good update on the open source distro's ... any version that helps in makingmy box a router as well ?

peace bro...
You know sum, they make Hangover Pills now called Chaser's... They work quite well from what I've seen...

And on the linux side of the post, I still prefer:
Slackware/OpenBSD/FBSD/Debian (yes in that order)
© UGN Security Forum