Limit access to an Excel file database - windows

I'm using some Excel files like databases.
Those files are read by VBA code that extracts data from them.
For example, I've created an Excel file containing logins and passwords to build an authentication system.
What I would like to do now is to limit access to those files so that only my code can access/modify them.

Safeguards:
Hide the window when reading, at the end of the sub close the workbook.
Password protect the workbook, its VBE with a separate password.
Password protect the sub that calls the workbook (containing the password as plain text).
Events to every possible occasion to close the workbook if accessed manually.
If someone only needs to read it, a query can be set up on the fly then disconnected ASAP.
Make sure you double- and triple-check whether you can use alternatives; Excel is not safe.

Instead of using Excel to store passwords, you can test who is currently logged in to Windows via curr_user=Environ("USERNAME") in VBA.
This pushes the authentication to Windows and you don't have to store passwords. Then you just need to look up the curr_user on a list of authorized users, which is better than storing a list of users and passwords. @user3819867's suggestions would still apply to this 'user list', just as they would to a 'user and password' list.
Only trade-off is that you couldn't run the Excel database on someone else's computer, but that might be a reasonable compromise compared to the alternative.

Related

Save application settings in vb6

I wanted someone to help me decide which is the best option to save the settings of an application on vb6. I understand that this can be done with an INI file and/or modifying the registry. I need you to move the directory if one computer to another, the application stops working.
What do you think is the best option?
If someone has an interesting link that can help me, thank you very much!
Thank you for reading, and sorry for my English!
We don't use the registry but follow these steps, which have worked well for us even when crossing platforms and new versions of a language:
Save all parameters in a table in a database associated with the application. We normally call this "Code" with the fields "Type", "Code", "Description", and "Control". For example, the name of the company would be stored in the table as "PARM","CONAME","My Company Name","". If you have a dynamic list of transaction types, store them as "TRNS","01","My 1st Type","" and "TRNS", "02", "My 2nd Type", "" and so forth. The Control field is used for anything you want that's hidden from the user but possibly controls how the program responds based upon the user's selection of that type...as an example. To get the list of types, just use a SELECT statement like "SELECT * FROM [Code] WHERE [Type]='TRNS' ORDER BY [Code];".
Save the connection to the database in an encrypted ini file. We wrote the encryption and decryption functions ourselves. There are various out of the box ways to do this on various blogs.
Installing the application on another system demands access to the database and copying the ini file.

How can I count currently connected users in my Lotus application (nsf)?

I have an xpage application and I simply want to count open sessions (anonymous users) or logged in users or both, and display this info on a page.
This question http://bit.ly/1sUMt8m is still open without solution.
Any ideas how to do that?
You can obtain this information from the console. show users will give you all users and their open databases. show opendatabases shows the databases and reads. See the documentation for details.
So you could use sessionAsSigner and issue the console command from your code. Add -xml to get the response in a format you can parse with certainty.
The measure is slightly crude since a user could have closed a window while the session is still valid.
Short of that, you would need some JS trickery.

How To Write Your Own FTP Uploader with Automator

Is it possible to write your own application/command that will allow you to automatically upload your files to your ftp server?
Basically the flow I want to achieve is this
My app/action/whatever is scheduled to upload at a certain time
When the certain time arrives, the files in my specified folder will be uploaded
Of course, to upload, some data must be set like the username, password, ftp server etc...
After my files have been uploaded, the local files will be wiped-out.
I don't exactly know where to start. Can someone help me with this. Thank you.
Take a look at http://editkid.com/upload_to_ftp/. It comes with the source code so you can modify it to fit your needs. You can combine it with an Automator action to delete the files after upload.
To schedule it, http://smallbusiness.chron.com/schedule-automator-tasks-mac-os-x-39132.html.

Writing VB script under HP's QTP-11

I'm still a novice at QTP (still learning even the GUI) and I need to write this VB script under it:
Write a QTP script that:
Browse to Yahoo mailbox
Perform registration process to Yahoo if this is a new user
Perform log in to yahoo mailbox if it is existing user
Send new mail to valid Mailbox
Use English version for the yahoo mailbox.
Use only one action and implement the code with public sub procedure and unique Data table for the test (don't use default QTP Data table)
Any directions and/or suggestions will be gladly accepted.
Thanks
Well simple Record action did the trick, but there is no use of public sub procedure and unique Data table.
Is that called a valid test? Is the only VBS code of this action the code in the Expert view?
THNX

Is there a quick and easy way to dump the contents of a MacOS X keychain?

I'm looking for a way to dump (export) the contents of an OS X keychain into a file that I can easily process elsewhere, such as tab-delimited plaintext or something of the sort.
The Keychain Access app does not offer any such functionality, and getting a key's data involves opening each in turn, and having to type in the keychain's password to see the password stored with the key, every time.
After a bit of digging, I found somebody's solution by using AppleScript and the Keychain Scripting app to access keychains (can't link to individual post; scroll down about two thirds to the end of the page):
http://discussions.apple.com/thread.jspa?threadID=1398759
Using Keychain scripting, you can access all data fields of all the keys – including the plaintext password! – and it's fairly easy to dump this data into a text file etc. I've tested it and it works well.
However, this solution still involves having to confirm access to each key by clicking OK on a dialog. This is much better than having to type in the keychain's password every time, but it's still irritating. Furthermore, you have to confirm access twice for each key; once for Script Editor (or the script itself if it's running as an app) and once for Keychain Scripting. So, if you're processing a keychain with 100 keys, you have to manually click OK on 200 dialogs.
I'm now looking for a solution to get around this. I realize that as it's the purpose of keychains to safeguard the sensitive data and prevent precisely the kind of thing I'm trying to do, any such solution would probably involve some kind of hack.
I'd be very interested in your ideas!
All right, I'm stupid. There's a command-line tool called security that does just this (and lots of other actions on keychains).
An example usage:
security dump-keychain -d login.keychain
This will dump all the data in the login.keychain (the default keychain for a user) as plaintext, including the passwords. You still have to confirm access, but only once for each key, and it's much faster than (and doesn't throw weird errors when trying to access certain fields) using AppleScript. And it's no hack.
Without the -d option, it will dump all the fields except for the password.
The dumped data for a key looks like this (for an internet key; program keys and certificates have other fields, but the format is the same):
keychain: "/Users/<username>/Library/Keychains/login.keychain"
class: "inet"
attributes:
0x00000007 <blob>="tech.slashdot.org (<username for this web login>)"
0x00000008 <blob>=<NULL>
"acct"<blob>="<username for this web login>"
"atyp"<blob>="form"
"cdat"<timedate>=0x32303038303432333038323730355A00 "20080423082705Z\000"
"crtr"<uint32>=<NULL>
"cusi"<sint32>=<NULL>
"desc"<blob>="Kennwort des Web-Formulars"
"icmt"<blob>="default"
"invi"<sint32>=<NULL>
"mdat"<timedate>=0x32303038303432333038323730355A00 "20080423082705Z\000"
"nega"<sint32>=<NULL>
"path"<blob>=<NULL>
"port"<uint32>=0x00000000
"prot"<blob>=<NULL>
"ptcl"<uint32>="http"
"scrp"<sint32>=<NULL>
"sdmn"<blob>=<NULL>
"srvr"<blob>="tech.slashdot.org"
"type"<uint32>=<NULL>
data:
"<the plaintext password for this key>"
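An added example, not part of the original answer: a parser for the dump format shown above that discards everything after each "data:" line, so no secret is kept, and lists the entries whose "mdat" is older than a cutoff, as input for a credential-rotation review. The function names, the sample values and the cutoff date are assumptions made up for illustration.

```python
import re
from datetime import datetime

# Constructed sample in the dump format shown above; every value is made up.
SAMPLE = r'''keychain: "/Users/alice/Library/Keychains/login.keychain"
class: "inet"
attributes:
    "acct"<blob>="alice"
    "mdat"<timedate>=0x32303038303432333038323730355A00  "20080423082705Z\000"
    "path"<blob>=<NULL>
    "srvr"<blob>="old.example.org"
data:
"constructed-secret"
keychain: "/Users/alice/Library/Keychains/login.keychain"
class: "inet"
attributes:
    "mdat"<timedate>=0x32303234303130313030303030305A00  "20240101000000Z\000"
    "srvr"<blob>="new.example.org"
'''
HEAD = re.compile(r'(?m)^(keychain|class): (.*)$')
ATTR = re.compile(r'(?m)^[ \t]*(?:"(\w{4})"|(0x[0-9A-Fa-f]{8}))[ \t]*<\w+>=(.*)$')

def decode(raw):
    raw = raw.strip()
    m = re.search(r'"(.*)"$', raw)  # quoted form wins over the hex form
    if m:
        return m.group(1).replace("\\000", "")
    return None if raw == "<NULL>" else raw

def parse_items(text):
    items = []
    for rec in re.split(r'(?m)^(?=keychain: )', text):  # one record per item
        head = re.split(r'(?m)^data:', rec)[0]  # secret after "data:" is discarded
        item = {k: decode(v) for k, v in HEAD.findall(head)}
        item.update((a or b, decode(v)) for a, b, v in ATTR.findall(head))
        if item:
            items.append(item)
    return items

def stale_items(text, cutoff):
    """(server, account, modified date) of items last changed before cutoff."""
    rows = []
    for it in parse_items(text):
        when = it.get("mdat") and datetime.strptime(it["mdat"], "%Y%m%d%H%M%SZ")
        if when and when < cutoff:
            rows.append((it.get("srvr"), it.get("acct"), when.date().isoformat()))
    return rows

if __name__ == "__main__":
    for row in stale_items(SAMPLE, datetime(2020, 1, 1)):
        print("\t".join(map(str, row)))  # tab-delimited, no passwords
```

Because only metadata is read, the same parser works on a dump taken without the -d option.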
Please read this: https://gist.github.com/rmondello/b933231b1fcc83a7db0b
Ignore:-----
I found a solution to the "Always Allow" dialog in each key!
Just run the previous command with sudo.
sudo security dump-keychain -d login.keychain
This way you'll only need to enter your password two times. One on the Terminal to sudo and another to unlock the keychain! ;)
Have a nice day!
Update, there is now a tool that does this nicely:
Keychaindump is a proof-of-concept tool for reading OS X keychain passwords as root. It hunts for unlocked keychain master keys located in the memory space of the securityd process, and uses them to decrypt keychain files.
Source: https://github.com/juuso/keychaindump
Actually I was just looking for the same:
Modified applescript from github somebody posted. To be run in ScriptEditor and must be allowed in Preferences & Security.
set keychainPassword to "yourpasswordgoeshere"
tell application "System Events"
    repeat while exists (processes where name is "SecurityAgent")
        tell process "SecurityAgent"
            delay 0.1
            try
                set value of text field 1 of window 1 to keychainPassword
                click button "Allow" of window 1
            end try
        end tell
    end repeat
end tell
You must click each window separately in order to activate them. For that I used the tool "murgaa auto clicker", which I had known from RuneScape many years ago (http://www.murgaa.com/auto-clicker-mac/ seems still active). You just set a shortcut for autoclicking (e.g. Command+R) and set the timer to 10ms and it works like a charm.
Keysafe
Keysafe reads and decrypts Apple Keychain files. Use Keysafe to securely access your passwords and credentials without a Mac.
I wrote a tool called Keysafe to extract the contents of Keychain files. The tool is available on Mac, Windows, and Linux.
Keysafe is not free; a licence is required to fully decrypt a Keychain. Without a licence the contents are still extracted but the decrypted values are partially redacted and secure notes are not post-processed into RTFD files.
If you have a Keychain that does not "just work" with Keysafe, please get in touch. The Keychain format is expansive and finding edge cases is always interesting.
I found a solution for not clicking "Allow" multiple times:
sudo su
security dump-keychain -d /Users/YourUsername/Library/Keychains/login.keychain
