Winsock LSP vs API hooking - windows

I need your advices what to use - Layered Service Provider or just load mine DLL in all
process and hook necessary functions using, NCodeHook or EasyHook library.
This is needed for inspection of HTTP traffic.
P.S. This need to be done for commercial application
Thanks!

Before making a decision you need to consider the following:
Code hooking:
AV doesn't like code hooking, if you're using a library that has external DLLs, run a check with AV total before committing to it.
Make sure the library's license works for you, for example, for LGPL you won't be able to embed the library as static without becoming GPL yourself.
I heard people managed to hook Metro apps, it's something to investigate.
If you have another code hooking app, it may conflict.
LSP:
The default MS sample/installer is broken.
You may get something working on a VM or fresh install, but to get LSP working properly across all OS and browsers, will take 6-12 months.
Will not work with Metro apps.
In Komodia we use a combo of LSP/WFP for our SDK, knowing what I know now, if I'd go back 4 years, I'd use LSP all over again.
Good luck.

Using Easyhook will be a nice way to do it check the following http://www.sghaida.com/easyhook-for-systemcall-hooking/

Related

Canonical approach to display mgmt in Windows: User32 or DXGI?

We publish an app for Windows 10, and part of what it does is display management; the kind of thing you normally go to Display Settings for. We add/remove displays from the desktop, arrange them, change size and orientation, etc.
Currently I'm using APIs from User32.dll for all of the above (ChangeDisplaySettingsEx, EnumDisplayDevices, DEVMODE, DISPLAY_DEVICE, etc).
Recently I was looking over a display management .NET library project on GitHub. I particularly noticed that the author(s) were using a lot of Direct3D/DXGI APIs. I've worked in Windows for decades, but I never had occasion to use Direct3D at all.
Much of the information and reference material I consulted before writing the User32-based code has been around since the early days of Windows. My current version works fine, but I'd like to feel confident that I'm not using an outdated or inferior approach.
If the standard Display Settings app in Windows 10 were written today, would the display-management functionality be done with Direct3D/DXGI API calls, or is User32 still considered the canonical approach?

NativeScript limitations

I´m evaluating differents mobile frameworks, and I think that nativescript is a good option. But I don't know if exists limitations on the development process. For example I had limitations on the styling (and that's not so important), but I want to know if in the future I can have a limitation and can´t use some native feature or external library.
Thanks!
I have been using NativeScript since v0.90. I have written multiple apps and over 40 plugins for NativeScript, so I am very familiar with the ins and outs of the platforms.
This post is features as of v6.50.
I can think of only a couple limitations;
Tooling sometimes leaves a lot to be desired, however using the IDE's supported make this better than the Native CLI in a lot of cases.
Sometimes errors aren't always propagated back from the app to the screen/ide -- so you have to do things like "adb logcat" to see the full error log to see the error that got filtered out by the CLI.
Native Services (i.e. background services) --- This is much better written as native code. The NS runtimes take memory while running; so a service you typically want as small of a memory footprint as possible -- I would not use anything but Java/ObjC for a background service.
OpenGL on android needs to run in a separate thread, NS by default switches you back to the main thread when returning from any native calls; this basically kills direct NS opengl calls. However, it is actually better to create any OpenGL stuff in Java or Kotlin anyways; and then have NS call into your native code that handles all the rendering, so this is more of a minor annoyance.
Beyond that I can't think of any "real" limitations; you have full access to the native platform and can actually style any control as long as you know how to do it via native calls; if for some reason the control doesn't support the normal css styling. I & others have used many Android and iOS libraries in our apps. You can easily reuse native android/ios components you have full access to anything out there that is available to a native iOS or Android app.
You can look at https://plugins.nativescript.rocks for a list of all the plugins in the NativeScript community.
I have been developing with Nativescript for some time now, and while finished product (application) is more than decent, the process of development is really painful. The primary reason for that are frequent bugs in Nativescript platform itself, and it's official plugin for VSCode.
I am currently working on Nativescript 2.0.0 and have been trying to update to newer versions since they came out, but there were always some errors, ether with Node, or with Gradle for Android, and that is just one of many problem examples I face with the platform. I wish they improve it in the near future.
For now native apis are fully accessible from JS but if you want you can do some library in native languages and call them from JS code too, about external libraries it depends if you mean native libraries or JS ones, but there quite many options/plugins done in JS code using some native libraries but in case not as JS plugin you can do it yourself with native libraries
Community support is low compared to other frameworks available in the market. This should improve as people adopt the framework. I see that as a limitation for now.
And Yes, Debugging is indeed a limitation.
Nativescript is the best cross-platform solution in my opinion, but like the others stated there can be limitations. Besides background services, accessing the hardware CAN be a bit tricky. I have been using it to work with BLE devices though, and once you understand how to interact with native APIs, it isn't so bad.
I've written one NS app (core).
Some of the cons are:
performance - loading and also run-time. I'm replacing an Android native app with a NS app (because it's cross platform) and few customers have complained that the new app is slower and jerky...I agree.
bugs in NS core. I think that they've spreading themselves too thin. They need to get their core product stable and improve it (i.e. make it faster).
plug-ins varying quality with minimal support. Here NS could curate a few important plug-ins and make people pay for it.
Yes it's free - but that's not a huge issue for me - I'd prefer to pay for a more polished product.
At the end of the day - the product works - have my app in the app-store and look forward to future improvements.

Azure running native win32 code?

From this post i see we can run un-managed code in azure.
Running Native Code
My question is do we have access to all Win32 API's in azure, or are there any limitations. In general are there any limitations (which some of you may have come across) in running un-managed code in azure.
Thanks
Nakago...
Most Win32 APIs will work fine. But please note Windows Azure is a service environment, so in general it doesn’t make sense to call APIs like CreateWindowsEx.
In addition, by default, only core OS components are installed. Please install libraries like ATL yourself, if you wish to use them (via startup task or custom VM image). Please also manually enable Desktop Experience to use certain OS features. From my experience, I’ve tried to use Direct2D (to process images, but not render them) and Media Foundation, it doesn't encounter any issues.
Best Regards,
Ming Xu.

How to hide the code of firefox extension

I made an IE toolbar by BHO with C#. And now I want to make a firefox version.
I planned to use xul but it will show the source code to the user.
Seems DLL is not a good way in firefox.
I tried some toolbar like yahoo, google which will not create files in extension folder.
How can I make something like that?
(please see my note about obfuscation below)
It might not be the optimal way to develop a Firefox extension, but you can absolutely build them using an external DLL.
Before Gecko 2.0 you had to use the rather esoteric Mozilla build toolchain to include compiled code in your extensions.
js-ctypes to the rescue:
https://developer.mozilla.org/en/js-ctypes/Using_js-ctypes
https://developer.mozilla.org/en/js-ctypes/js-ctypes_reference
js-ctypes makes very easy work of loading external DLLs and binding their APIs to JavaScript functions.
You'll need to compile a few different versions of your DLL, and have your JavaScript correctly detect the platform and load the appropriate DLL, but it basically works the same for all platforms once you're back in JavaScript land.
ctypes.libraryName helps you determine the extension the DLL has on the current platform (e.g: .dll for windows, .so for Unix).
You can use other information (e.g: navigator.userAgent) to more concretely determine which sub-platform (e.g: Windows 7 64bit, or Vista 32bit).
Update:
There are a whole bunch of good reasons to included compiled DLLs in your extensions/applications (e.g: speed, special capabilities, 3rd party libraries), but if your sole purpose is obfuscation (hiding source code), then...
I wouldn't worry about it were I you. Technological means of anti-piracy won't get you very far in this modern world - if your software is good enough to get attention, someone will crack it.
I'd simply forget about it, and spend a little money on lawyers instead. (Copyright: yay! Patents: nay!)

Fastest/easiest way to build a WebKit based Windows application?

I am a web developer. I don't know how to build native Windows applications. I recently built a Mac desktop application (using MacRuby) which is a WebKit wrapper around one of my web applications. I'd like to do the same thing for Windows (preferably in Ruby, but whatever is easiest).
Since this is not the core of the application, I'd rather not spend a lot of time trying to build and maintain it. I just need a Windows application that can:
Open a specific website on application launch using an embedded WebKit WebView
Trigger Growl notifications via JavaScript (with some sort of named bridge)
What is the easiest, fastest, cleanest way to do this?
Update: So far I've come across some frameworks like Qt and Awesomium. I don't know how these frameworks compare to other options available, so if you have any opinions or advice, I would appreciate it.
Check out http://appjs.org/ it's built with NodeJS at its core! And it uses chromium webkit at it's core :D
Well, this is a very old question, but if you are still interested...
I'd recommend Qt. There are some very good books available with a lot of boilerplate code and wizard-type tools. You will be able to find example code demonstrating the embedded Webkit that you can modify to suit your needs. It is free and redistribution is free (last I knew). You won't have to know anything about native Windows development, nor even use any native Windows dev tools.
Good luck!

Resources