I'm currently working on laptops that go in Police Cars. They run an app called IMobile which is an extension of our CAD system, and allows them to do vehicle lookups, get more info on a call, etc.
The IMobile app is basically an IE overlay and it uses htm files that are on the local laptop. We've added in some simple VBScripts that do various tasks. Some common functions that are required for these tasks are in a VBscript called PoliceFunctions.vbs which is included in the same directory as all the other scripts. This method worked fine in previous versions of IE and Windows, however we're getting scripting errors in Windows 7 with IE8, specifically, 'ActiveX component can't create object: "Scripting.FileSystemObject"' and it references the functions script mentioned above.
If I set IE's settings to allow it to run ActiveX controls not marked as safe, the script runs fine, however I don't want do open a large security hole. I've tried adding localhost and the directory to the Trusted Sites list with no effect. I've tried re-registering SCRRUN.dll as mentioned in another post as well as wscript -regserver. And I've changed IE's settings to allow local Active Content with no success.
Anyone have any other ideas of how I can allow this script to run without opening a large security hole or having it nag the end user that his IE settings are going to bring about the apocolypse?
The explanation is long but explains how IE uses security zones to make trust decisions.
The URLAction of interest in this case is:
1201 Initialize and script ActiveX controls not marked as safe(URLACTION_ACTIVEX_OVERRIDE_OBJECT_SAFETY)
The default setting for this URLAction in the Local Machine zone is Prompt, and in all other zones it is Disable. Only if you change that setting to Enable will you bypass the prompt. You cannot use the Internet Control Panel to adjust the security settings for the Local Machine zone because only the other four zones are shown in this UI. To change the setting for the Local Machine zone, you can edit the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0
Change the value for entry 1201 from 1 to 0
Write an ActiveX, implement IObejctSafety and wrap FSO methods in it. Note this is lying about the ActiveX's scripting safety but it is better than open to every unsafe ActiveX.
As the app "uses htm files that are on the local laptop" you could try to switch to a .hta application. For a quick test, just rename the *.html to .hta; if it 'works' add a suitable hta:application tag. To start
Related
We're launching our new company intranet soon and to ensure that everyone uses it (or at least see's it), we'd like to create an automated procedure for changing the default browser's (IE11, FF, Chrome) homepage to the new URL for the intranet. We'd also like to make the browser load on computer startup.
Is there a way to do this via a batch or VB script, executable or GPO?
I had a feeling that GPO's would be the easiest way to enforce the home/start page change.
One small problem though - not all of our offices are running Server 2012 or above and some aren't even running a DC. Those few only have 3-4 staff and are just running standalone desktops.
So I was hoping to create a compressed package for them to download with a few shortcuts (.lnk), registry fixes, VB scripts and the like all to run from a single batch file.
I have the shortcut, the icon, a registry tweak for IE, a batch script for FF and I was going to create a batch file to automate the procedure. But I'm missing a start page modifier for Chrome.
And maybe there's a better way to do all of it... because the batch file will need to be run with administrative privileges.
I'd like to make it as seamless and easy as possible for those staff that are not very computer literate.
Also - one of our offices uses Macs... Is there a Mac equivalent to this? They mostly use Safari or Chrome.
When I access C:\Users\shan\AppData\Local\Microsoft\Windows\INetCache using Windows explorer, it shows following folder structure:
But when I access the same using IE11 browser, Tools->Internet Options->General->Browsing history-> Settings(click)->View files(click), I get different folder structure as follows:
Why folder structure differing in above 2 cases, even though both are referring to the same physical location on Windows 8.1, IE11 Browser ?
I need to write a script which clears this INetCache folder contents(Cache). But not able to get the exact content of this folder. Because it always refers to Folder which contains Low(folder), Virtualized(folder) and counters.dat(file). In my script I want to refer the folder which contains favicon.ico files.
The same behavior is observed on IE10-win7 and IE11-win7 as well, while referencing Temporary Internet Files.
There is an internal api in the IE libraries that controls clearing of the 'Internet Cache'....
there are two... one for 'normal' integrity processes (64 bit tab processes and ActiveX (flash)), another for low integrity processes (32 bit tab processes and ActiveX (flash))
Use GPO (Start>Run>gpedit.msc) to configure user profiles on a domain network to empty the TIF(s) on exit from the browser.
For computers on a public access network (library workstations), you can default to inPrivate Mode from a desktop or Taskbar link
iexplore.exe -private
which does not retain any personally identifiable data of the user in history, or cookies or flash cookies.....
questions about GPO management of IE should be posted to the TechNet support forum for IE.
https://social.technet.microsoft.com/Forums/ie/en-US/home?forum=ieitprocurrentver
I have a lot of different servers that I connect to. Each time I connect to a new machine I go through the several mouse clicks to setup basic options for cmd.exe, such as QuickEdit mode and expanding the screen display and buffers. This article describes what I do pretty well (with my own settings, of course): http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/commandpromptoptions.mspx?mfr=true
This is annoying. I would like to run a quick configureCmd.cmd script upon login that will update all of these settings automatically such that when I open the cmd.exe it is already configured without any additional work on my part. Running the script on login is easy, but I do not know where these settings are stored. I figured the Registry, but my experiments do not show any difference in HKLM | HKCU \Software\Microsoft\Command Processor.
Console Windows are not part of the command processor, so it follows that their settings are separate. Take a look at
HKEY_CURRENT_USER\Console.
I'm looking for a "right-click upload" application like RightLoad - an application that can upload media files to a remote FTP server from the Windows Explorer's context menu. I want to customize the application to serve as a customized image uploading tool to a PHP-based CMS.
The user would upload images and other media files to a defined FTP account (I'm also very open for other methods of transport, as long as they are supported by run-off-the-mill web hosting stacks) that they could then use in the CMS they log in to.
For me to be able to do these customizations, the application would have to be Open Source - RightLoad is "only" Freeware. Alternatively, I'm open for closed-source and commercial suggestions as long as they allow "pre-packaged" server settings that can easily be deployed to the user.
Does anybody know such a tool compatible with at least the most current versions of Windows (XP, Vista, 7)?
Bounty
Thanks all for the great input. In the case at hand, I decided it's easiest for me to stick with RightLoad and create a workflow in which the URL presented by RightLoad after the upload is copy+pasted into the CMS. I am putting a bounty on this because I think it's a worthy question for future generations, and I want to be the first one to put up a 500 bounty under the new bounty system :)
You could just use the send to menu using window's My network Places like this http://techie-buzz.com/how-to/right-click-and-send-to-ftp.html
I think WinSCP might have everything you want:
Open Source under GNU GPL
Windows Explorer's 'Send To' Context Menu
Drag 'n Drop Shell Extension
lots of additional features
and it can be scripted and is more secure than FTP due to using SSH
If you insist on open source, why not create a custom context menu handler and send it using some open source FTP client?
I would have to check the details, if it's really viable, but I would start with it.
I just had an idea, tested and working:
use regedit to edit HKEY_CLASSES_ROOT/*/Shell
add a key in shell called FTP to Mysite, in the default value set it to FTP to Mysite.
then add a key to the FTP key you just created called command, in the command default value use:
C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mysite.com?file=%1
what this will do is open IE and the address www.mysite.com?file=C:\path\to\file.jpg
now using $_GET you can get the file address, upload it via php to where ever, even add an interface...
now when the user right clicks on any file, they can upload it via your web site by clicking FTP
1) another software is RightLoad , i use it that this moment!
2) The nice software I used over years, was FLING. It adds Right Click menu in windows explorer... However, I have left the software, because till today (version 2.35) fling DOESNT support SFTP (And nowadays on all sites I use SFTP!!)
3) I DONT like SEND-TO menu! (because I think passwords saved in WINDOWS can be easily stolen by virus..)
Last few days i have been working on building an application to hide folders(thanks to the paid versions of such softwares). After a heavy googling I zeroed into some shell script that would first create a folder and then rename the folder to "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}". It would then hide this folder by using the command attrib -s -h Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}. The funda behind this is to make it a system folder and hide it. But if you would uncheck the Hide sytem folders in Folder option the control panel becomes visible. I would like to make this folder completely invisible as how the other folder protecting softwares do.
Can somebody throw some more light on this?
Thanks a ton...
Most folder hiding software works by implementing either an extension for Windows Explorer or a file system filter driver.
The first method means that certain items will not be visible when browsing folders in Windows via the UI, but will still be visible to other software and via the command prompt. For example, the Recycle Bin and Temporary Internet Files folders work this way.
The file system filter driver method proxies calls between Windows and the underlying file system and only allows certain requests through. This is similar to how virus scanners prevent access to infected files.
The general idea is that you hook the file system API's and filter out the file system entries you want to hide.
But JelloMonkey is right - this is rootkit behavior and you will get flagged as malicious by rootkit detectors for this kind of behavior. That's likely to get your entire directory quarantined or deleted.