How to read file properties in Go [closed] - windows

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 3 years ago.
Improve this question
I'm looking for a way to read the properties of a file so that I can programmatically verify a file came from a specific company. I just want to perform the basic checks such as 'is it signed' and 'who signed it' - the information that you can get when you right-click the file and select 'Digital Signatures'. I can't call any OS specific tool (e.g. signtool --verify) and ideally want to avoid any third party libraries as we have a super strict policy in regards to using them.
This will be initially on windows using GoLang and will be used to verify some signed msi files. I was thinking I could load one of the OS dlls to help out but not sure what one would be able to provide that information. If someone can point me in the right direction I should be taking in order to solve this problem or provide a short example of something similiar that would be great.

It sounds like you want to call WinVerifyTrust, WinVerifyTrustEx, or some similar functionality. Searching for golang WinVerifyTrust, it looks like there exists some example go code you could reference for invoking the system's wintrust.dll. Assuming you're willing to write code that only works on Windows, that's probably the direction I would recommend.
From a more cross-platform perspective, you could instead look for OpenSSL wrappers or implementations. Reportedly, Windows PE digital signatures are based on PKCS#7, which OpenSSL should be able to support with enough glue code.

Related

Working with monkey patches [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 4 years ago.
Improve this question
Is monkey patching possible in Go as in Ruby?
If so, I have a third party library build, which contains one function called encrypt. Now i want to overwrite the behaviour of the function. Is that possible?
Golang is a compiled language, you'll have to edit the code, recompile and deploy all over again. "monkey patching" isn't possible as if you're talking about changing the software after it is already deployed like ruby. (which is an interpreted language).
But if your concerns are beyond an hotfix and involve adding new code at runtime from external source, you might want to have a look at go plugins.
here's a nice medium post about it.
I'm not big on ruby so to make sure we are on the same page: my understanding is that monkey patching allows you to change the underlying behaviours (methods) attached to a given type at runtime.
In go this would be a big fat no no, probably should be in ruby too for the most part :)
Types are concrete in go, everything has to know what it is dealing with at compile time. It's difficult to propose a solution without a clearer understanding of the end goal, can you provide a more concrete example?

Analysis of hostile code. How to deal with packer and how to figure out the language it is written on? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I received a tailored email with an infected attachment from a public email. I would like to more about the payload. What is the right way to study this? I would like to use a debugger. Easier, but riskier option is to run it on Windows guest/Linux host on a sacrificial box without wifi card and comparing disk images before and after infection.
If I go the debugger way, how should I unpack the code?
How to tell in what language the malware was written?
Can any code be debugged by changing defensive conditional jumps (like "if debugger present" jump, or there are other pitfalls?
How likely is it for malware jailbreak vmware and infect Linux host?
This is a time consuming project. You should familiarize yourself with several tools:
You will need to identify packer. PEID is a good start.
Unpacking tools (GUNPacker).
Debuggers (OllyDbg or WinDbg).
Code analysis tool (LordPE).
Dissasembler.
Binary Analysis Tools (PE Explorer).
At least get confident using these tools on your own code. Otherwise, it might be better to contact professionals.

What is the code within the choice command [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
That title may be a bit confusing, so let me elaborate. I want to know what the code is behind the choice command. There is not really much reason other than curiosity and the fact that it might help me one day. I've searched everywhere but can't find it.
I don't know much about open source projects and the like, but may it be because Windows doesn't want people to know (or for it to be easily accessible)?
Any information will be appreciated.
Windows is not open source. The code for any Windows command-line utilities is not routinely released. This has nothing to do with Microsoft especially not wanting you to know how choice in particular is implemented!
That said, it looks to be very straight-forward. Implementation would be a dozen lines or so at most.. what part of it is giving you trouble?
As Mahmoud Al-Qudsi pointed out, Windows is not open source. FreeDOS however is, and the choice command is available here.

Projects handler program [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 3 years ago.
Improve this question
In our company we need a project handler so we decided to write our own.
We use CMake and bazaar and we still don't know if to store the informations of the
projects in XML format or in a database.
We are locked at this point: we would like to use as less languages/tools as possible
but we cannot find a way to interface CMake with XML files or databases.
An idea could be Python but it would be really annoying to use a new language just for an interface. We've seen that there's a Python framework (Waf) but we have already used CMake for all our projects and it would take a lot of time to convert all.
We work with Ubuntu and Windows.
Suggestions ?
thanks in advance
Rather than make your own tool, use an off-the-shelf product like something from the Jira suite, or BuildMaster. Many of these have great integration with most build software and don't require you to write and maintain your own stack just to manage projects.
Focus your developer time on solving your business problems, not on reinventing the wheel. Their time is MUCH more valuable than the cost of using a ready-made solution.

Buy or build tool for Data Reporting? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 5 years ago.
Improve this question
We have been asked to provide a data reporting solution. The followng are the requirements:
i. The client has a lot of data which is generated everyday as an outcome of the tests they run. These tests are run at several sites and they get automatically backed up into a central server.
ii. They already have perl scripts which post process them and generates excel based reports.
iii. They need a web based interface for comparing those reports and they need to mark and track issues which might be present in those data.
I am confused if we should build our own tool for this or we should go for already exiting tool(any suggestions?). Can you please provide supportive arguments for the decision that you would suggest?
You need to narrow down your requirements (what kind of data needs to be compared, and in which format?). Then check if there is already a software available (commercial or free) that fulfills your needs. Based on that, decide if its better (i.e. cheaper) to implement the functionality yourself, or use the other software.
Don't reinvent the wheel.
There are quite a few tools out there that specialise in this sort of thing, my gut feeling is that you can find something ready made that does what you need.
As a side note, that tool may also be a better solution for creating those excel reports than the perl scripts.

Resources