Win Explorer wants to connect to sa.windows.com?

andy_c

join:2001-01-31
Louisville, CO
·ViaTalk


reply to ClmsnTgrFan
Re: Win Explorer wants to connect to sa.windows.co

Thanks for that article reference. It covers what I was seeing with Media Player as well.

This all came about when I started thinking about an issue that came up at work. I work for a company that makes a very expensive (5 figures) piece of software. It uses a third-party protection scheme which is known to have been defeated by crackers. Our code actually uses the IWebBrowser COM interface to Internet Explorer to connect to a web site, and upload and log IP address and registration key information in an attempt to identify known cracked license keys. Even people who have personal firewall software will usually still allow Internet Explorer full access, so this process will typically go undetected. I realized that this whole IWebBrowser interface issue represented what I consider to be a significant risk, if not to security, then at least to privacy. So I decided that connecting through Internet Explorer was something I didn't want my system to do at all.

Getting back to these MS programs connecting without my consent, there's another thing that's still bugging me: I wasn't getting these messages when I allowed Proxomitron (and thus IE through HTTP) full access. So this says these programs are trying to connect in two different ways - first through the back door of IE (probably using the IWebBrowser interface), then using code within the program itself. This sure looks to me like "Try the least easily detected technique first, and if that doesn't work, try the more efficient but more easily detected approach of using code that's within the program itself". As a developer myself, I can't think of a good explanation for attempting a less efficient approach first, other than just being sneaky.

Andy C
[text was edited by author 2002-11-25 12:41:06]


ClmsnTgrFan
Thrifty, Not Cheap
Premium
join:2001-06-02
Crestview, FL

Glad the article was useful.

Do you have any references for the IWebBrowser thing? I haven't heard of it before, but it sounds like a huge security hole. I did a few quick web searches, but found nothing that really explains it.

Thanks.

andy_c

join:2001-01-31
Louisville, CO
·ViaTalk


Here's the MSDN info: http://msdn.microsoft.com/library/default.asp?url=/workshop/browser/prog_browser_node_entry.asp

The method for sending data to a web server is the IWebBrowser2::Navigate() method described here:
http://msdn.microsoft.com/workshop/browser/webbrowser/reference/IFaces/IWebBrowser2/Navigate.asp
Notice the fourth argument, "PostData". That's the data to send to the server. Here's the description: "PostData [in] Pointer to data to send with the HTTP POST transaction. For example, the POST transaction is used to send data gathered by an HTML form."

Andy C
[text was edited by author 2002-11-25 13:46:57]
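
The thread above describes a program driving Internet Explorer through its COM interface so that its traffic goes out under IE's firewall rule. The following is an added example, not part of the thread or of any poster's code: it flags `iexplore.exe` processes started with the `-Embedding` switch that COM passes to a server it launches, then lists their outbound connections. The log formats, paths and host names are constructed for illustration.

```python
# Added example: flag Internet Explorer instances started by COM automation
# and list where they connected. Log formats and all values are constructed.
import ntpath

# Constructed process-creation records: time|pid|image|command line
PROCESS_LOG = """\
10:01:02|1204|C:\\Program Files\\Internet Explorer\\iexplore.exe|"C:\\Program Files\\Internet Explorer\\iexplore.exe" http://intranet.example/
10:03:40|2288|C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE|"C:\\Program Files\\Internet Explorer\\IEXPLORE.EXE" -Embedding
10:04:11|2310|C:\\Program Files\\Vendor\\app.exe|"C:\\Program Files\\Vendor\\app.exe"
"""

# Constructed outbound-connection records: time|pid|destination|port
CONNECTION_LOG = """\
10:01:05|1204|intranet.example|80
10:03:42|2288|license-check.example|80
10:04:15|2310|updates.example|443
"""

def parse(log, fields):
    """Split pipe-delimited records into dicts, skipping malformed lines."""
    rows = []
    for line in log.splitlines():
        parts = line.split("|", len(fields) - 1)
        if len(parts) == len(fields):
            rows.append(dict(zip(fields, parts)))
    return rows

def is_automated_ie(proc):
    """True for iexplore.exe started as a COM server (-Embedding switch)."""
    name = ntpath.basename(proc["image"]).lower()
    args = proc["cmdline"].lower().split()
    return name == "iexplore.exe" and "-embedding" in args

def automated_ie_connections(process_log, connection_log):
    """Return (pid, destination, port) for connections made by automated IE."""
    procs = parse(process_log, ["time", "pid", "image", "cmdline"])
    conns = parse(connection_log, ["time", "pid", "dest", "port"])
    flagged = {p["pid"] for p in procs if is_automated_ie(p)}
    return [(c["pid"], c["dest"], int(c["port"]))
            for c in conns if c["pid"] in flagged]

if __name__ == "__main__":
    for pid, dest, port in automated_ie_connections(PROCESS_LOG, CONNECTION_LOG):
        print(f"automation-launched IE pid={pid} -> {dest}:{port}")
```

This covers only the out-of-process case, where a separate `iexplore.exe` is launched by COM. A program that hosts the WebBrowser control in its own process makes the connection under its own image name instead.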