Injecting code - why?
-
Is there a real need for the ability to inject code into a remote process and execute it? I've been reading articles on CP lately concerning hooks and other ways to get information from another process (mostly passwords and things like that) - and it's got me wondering. Is there a reason why people would need to do this other than snooping about for "private" information? Will future OS's by MS allow this? I don't think this is the same thing as the NX bit in SP2, or am I wrong about that?
-
Is there a real need for the ability to inject code into a remote process and execute it? I've been reading articles on CP lately concerning hooks and other ways to get information from another process (mostly passwords and things like that) - and it's got me wondering. Is there a reason why people would need to do this other than snooping about for "private" information? Will future OS's by MS allow this? I don't think this is the same thing as the NX bit in SP2, or am I wrong about that?
lynchspawn wrote: Is there a reason why people would need to do this other than snooping about for "private" information? Gridded computing is one specific use. I can easily write a client for processing on a shared network. Network computing has been around for a while. But that client is specific to one particular use (seti, folding are big internet based network clients for this; I could do some on weather or particle dynamics in atmosphere, etc.). But there is a growing desire in "closed networks" (not on the internet or otherwise available to the outside world, to have a single client that allows remote computation of any algorithm and any problem solving. This means it must have a generic ability to process functionality thus code injection. One client, all problems (theoretically). lynchspawn wrote: Will future OS's by MS allow this? Definately, though hopefully someone would allow this to be disabled. _________________________ Asu no koto o ieba, tenjo de nezumi ga warau. Talk about things of tomorrow and the mice in the ceiling laugh. (Japanese Proverb)
-
Is there a real need for the ability to inject code into a remote process and execute it? I've been reading articles on CP lately concerning hooks and other ways to get information from another process (mostly passwords and things like that) - and it's got me wondering. Is there a reason why people would need to do this other than snooping about for "private" information? Will future OS's by MS allow this? I don't think this is the same thing as the NX bit in SP2, or am I wrong about that?
There are plenty of bad (read: evil) reasons to do it. There are even a few good ones. One of my applications supports a feature that goes into a remote process and iterates over its open
HANDLEs so that you can see what files/directories it has open. This is used to help resolve errors like "The process cannot access the file because it is being used by another process." (error code32,ERROR_SHARING_VIOLATION). Peace! -=- James
If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong!
Tip for new SUV drivers: Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road!
DeleteFXPFiles & CheckFavorites (Please rate this post!) -
There are plenty of bad (read: evil) reasons to do it. There are even a few good ones. One of my applications supports a feature that goes into a remote process and iterates over its open
HANDLEs so that you can see what files/directories it has open. This is used to help resolve errors like "The process cannot access the file because it is being used by another process." (error code32,ERROR_SHARING_VIOLATION). Peace! -=- James
If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong!
Tip for new SUV drivers: Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road!
DeleteFXPFiles & CheckFavorites (Please rate this post!)James R. Twine wrote: This is used to help resolve errors like "The process cannot access the file because it is being used by another process." (error code 32, ERROR_SHARING_VIOLATION). Having this feature as a sample would be very useful :)
Fold with us!
All murderers are punished unless they kill in large numbers and to the sound of trumpets - Voltaire, 1694-1778 -
Is there a real need for the ability to inject code into a remote process and execute it? I've been reading articles on CP lately concerning hooks and other ways to get information from another process (mostly passwords and things like that) - and it's got me wondering. Is there a reason why people would need to do this other than snooping about for "private" information? Will future OS's by MS allow this? I don't think this is the same thing as the NX bit in SP2, or am I wrong about that?
-
Is there a real need for the ability to inject code into a remote process and execute it? I've been reading articles on CP lately concerning hooks and other ways to get information from another process (mostly passwords and things like that) - and it's got me wondering. Is there a reason why people would need to do this other than snooping about for "private" information? Will future OS's by MS allow this? I don't think this is the same thing as the NX bit in SP2, or am I wrong about that?
Some people actually think that MS programmers intentionally create features on the OS to make viruses/spywares. I see dead pixels Yes, even I am blogging now!
-
James R. Twine wrote: This is used to help resolve errors like "The process cannot access the file because it is being used by another process." (error code 32, ERROR_SHARING_VIOLATION). Having this feature as a sample would be very useful :)
Fold with us!
All murderers are punished unless they kill in large numbers and to the sound of trumpets - Voltaire, 1694-1778K(arl) wrote: Having this feature as a sample would be very useful Yes, but then how would I make money with the product?!? :) Seriously, there are many things that I have done that I think would make interesting and useful articles (resolving file handles to filepaths, creation of a "pop-in bar", like the little bar that appears at the top of the IE rendering area when a popup or an ActiveX control is blocked, a collection of console utilities that makes creation of more powerful batch files simple, objects that expose much more power to scripts, etc.) The problem I have is with the lack of a consistent usage terms here on CP, so they will only ever see the light of day on my server, under my usage terms. Peace! -=- James
If you think it costs a lot to do it right, just wait until you find out how much it costs to do it wrong!
Tip for new SUV drivers: Professional Driver on Closed Course does not mean your Dumb Ass on a Public Road!
DeleteFXPFiles & CheckFavorites (Please rate this post!) -
Some people actually think that MS programmers intentionally create features on the OS to make viruses/spywares. I see dead pixels Yes, even I am blogging now!
Daniel Turini wrote: Some people actually think that MS programmers intentionally create features on the OS to make viruses/spywares. That is why my comment earlier about those features that sound really really good at first glance, but later turn out to be liabilities. _________________________ Asu no koto o ieba, tenjo de nezumi ga warau. Talk about things of tomorrow and the mice in the ceiling laugh. (Japanese Proverb)
-
Is there a real need for the ability to inject code into a remote process and execute it? I've been reading articles on CP lately concerning hooks and other ways to get information from another process (mostly passwords and things like that) - and it's got me wondering. Is there a reason why people would need to do this other than snooping about for "private" information? Will future OS's by MS allow this? I don't think this is the same thing as the NX bit in SP2, or am I wrong about that?
Do you like programs that do things not originally envisioned when the system was designed? Like, adding spell checkers to ordinary textboxes? Or detecting when you're not interacting with the system, in order to do background processing or mark your IM session as "idle"? There are plenty of good reasons. There are also plenty of bad ones. We're getting better about not running untrusted code (death to IE+ActiveX!) easily though, so if you're careful about what you install, things aren't so bad.
You must be careful in the forest Broken glass and rusty nails If you're to bring back something for us I have bullets for sale...