Overclockers Australia Forums

OCAU News - Wiki - QuickLinks - Pix - Sponsors  

Go Back   Overclockers Australia Forums > Specific Hardware Topics > Business & Enterprise Computing

Notices


Sign up for a free OCAU account and this ad will go away!
Search our forums with Google:
Reply
 
Thread Tools
Old Today, 11:53 AM   #24001
person
Member
 
person's Avatar
 
Join Date: Mar 2003
Location: Brisbane
Posts: 280
Default

Quote:
Originally Posted by elvis View Post
This. We just got a CommBank security token that requires a USB stick to be inserted, and "securitything.exe" to be run from it. You'd think CommBank OF ALL FUCKING COMPANIES would get why a business doesn't want our users running .exe's from untrusted media? But no.

Another day in paradise.
Yep same here - luckily that Commbank "NetLock.exe" is at least static and signed, so i was able to whitelist it based on a combination of Name + digital signature AND hash value....

Still feels really dodgy though - it just launches an outdated version of portable firefox
person is offline   Reply With Quote

Join OCAU to remove this ad!
Old Today, 12:03 PM   #24002
looktall
Working Class Hero
 
looktall's Avatar
 
Join Date: Sep 2001
Location: brabham.wa.au
Posts: 22,803
Default

Quote:
Originally Posted by itsmydamnation View Post
Did I miss something? what happened to [redacted] ?
he has asked for all of his posts to be removed from the forums and his account removed.


Quote:
Originally Posted by PabloEscobar View Post
Bartender
the app from seagull?

never used it but we get copies of it with the label printers we buy.
looktall is online now   Reply With Quote
Old Today, 12:07 PM   #24003
freaky_beeky
Member
 
freaky_beeky's Avatar
 
Join Date: Dec 2004
Location: Brisbane
Posts: 903
Default

Quote:
Originally Posted by PabloEscobar View Post
ShittyApp.exe

-> Extracting ShittyApp.msi.

Great, grab ShittyApp.msi from %temp% and run it.

ShittyApp.msi
-> This program must be installed by ShittyApp.exe


/RageFace

If you open the MSI in Orca (or your preferred MSI authoring software), you should be able to find the value in the PROPERTIES table that says "launched from exe". You could then call the msi with EXE_PROPERTY=VALUE to make it think it was launched from the exe anyway. If it's more than just the property you could generate an MST to configure the property and the remaining components...
__________________
i own a pc
freaky_beeky is offline   Reply With Quote
Old Today, 12:16 PM   #24004
Luke212
Member
 
Join Date: Feb 2003
Location: Sydney
Posts: 8,863
Default

not just banks. telstra have shitty apps too

shitapp.exe encasing sftp transfer, requires manual 20 step setup process over the phone to get going

its like some cowboy/uni grad in telstra got their hands on visual studio and somehow this made it in to critical production services...
__________________
Democracy's greatest trick was convincing man he was informed.

Last edited by Luke212; Today at 12:20 PM.
Luke212 is offline   Reply With Quote
Old Today, 12:17 PM   #24005
PabloEscobar
Member
 
Join Date: Jan 2008
Posts: 9,117
Default

Quote:
Originally Posted by freaky_beeky View Post
If you open the MSI in Orca (or your preferred MSI authoring software), you should be able to find the value in the PROPERTIES table that says "launched from exe". You could then call the msi with EXE_PROPERTY=VALUE to make it think it was launched from the exe anyway. If it's more than just the property you could generate an MST to configure the property and the remaining components...
Yeah, It's a dead end anyway because of the "security" model the new software uses.

Hopefully AppVolumes will deal with it when we move.
PabloEscobar is online now   Reply With Quote
Old Today, 12:28 PM   #24006
looktall
Working Class Hero
 
looktall's Avatar
 
Join Date: Sep 2001
Location: brabham.wa.au
Posts: 22,803
Default

Quote:
Originally Posted by PabloEscobar View Post
Yeah, It's a dead end anyway because of the "security" model the new software uses.
looks like you can just deploy it using the exe file anyway.
https://www.seagullscientific.com/me...all-201511.pdf
looktall is online now   Reply With Quote
Old Today, 12:34 PM   #24007
EvilGenius
Member
 
EvilGenius's Avatar
 
Join Date: Apr 2005
Location: _Rocky Status:_Folding!
Posts: 8,925
Default

Where I work we have a central office that has the majority of the staff, and then there's 4 of us that work as site support in remote regions. Currently everyone from the main office is off to an 'important meeting'. Where they're actually going is a 'teambuilding' bbq and scenic walk.

I'm not really annoyed that we aren't included in this sort of thing, it'd be ridiculously expensive and inconvenient to arrange for us to all attend, flights + wasted time in general. What annoys me is them trying to hide it, like somehow we can't handle the truth of them going on an activity that we can't participate in. Although there is the fact that they have this sort of shindig every few months and have never once offered us other guys anything as a 'sorry you miss out'. Just continue trying to hide it from us.

__________________
i7-4820k @ 4.6 | X79-Deluxe | 64GB GsKill Ares PC-14900 | EVGA GTX 970 | Corsair HX-850 | CM690II
Once more unto the breach dear friends, once more
Cry fold for Team24, OCAU and all the world!
Wanted - N64 console - decent controller/s
EvilGenius is online now   Reply With Quote
Old Today, 1:33 PM   #24008
millsy_c
Member
 
millsy_c's Avatar
 
Join Date: Mar 2007
Location: Brisbane
Posts: 10,886
Default

Quote:
Originally Posted by PabloEscobar View Post
Bartender

The app itself isn't actually that bad, but the install process is balls.

why the fuck does a userland printing app need to create a local user.
What the fuckkkk, is it at least unprivileged?

Quote:
Originally Posted by Luke212 View Post
not just banks. telstra have shitty apps too

shitapp.exe encasing sftp transfer, requires manual 20 step setup process over the phone to get going

its like some cowboy/uni grad in telstra got their hands on visual studio and somehow this made it in to critical production services...
I mean that's probably exactly what happened
__________________
Quote:
Originally Posted by Luke212 View Post
You are talking like an expert beginner. Talk less and listen more.
Quote:
Originally Posted by Mitch01 View Post
Missing the point as usual.
millsy_c is online now   Reply With Quote
Old Today, 1:41 PM   #24009
PabloEscobar
Member
 
Join Date: Jan 2008
Posts: 9,117
Default

Quote:
Originally Posted by looktall View Post
looks like you can just deploy it using the exe file anyway.
https://www.seagullscientific.com/me...all-201511.pdf
It's not for deployment, Thinapp works by comparing a pre and post install snapshot, and making a sandbox that contains the changes... Its much less of a clusterfuck cleaning it out if I don't have to go and undo all the files shittyapp.exe writes, just so shittyapp.msi can do the software install.



Quote:
Originally Posted by millsy_c View Post
What the fuckkkk, is it at least unprivileged?
I'm not sure. It does bundle and "elevateaccess.exe" into the user profile though, so I'd imagine this is their creative way of getting around UAC and administrator privs... because fuck writing software properly.

Quote:
Originally Posted by millsy_c View Post
I mean that's probably exactly what happened
Someone probably thought they could do it better, because they read somewhere that thats how facebook and google were doing... and then they ended up with a fucked process using SFTP and 18 other steps,on whiteboxes, connected by 10G Wifi Token Ring
PabloEscobar is online now   Reply With Quote
Reply

Bookmarks

Sign up for a free OCAU account and this ad will go away!

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +10. The time now is 1:45 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
OCAU is not responsible for the content of individual messages posted by others.
Other content copyright Overclockers Australia.
OCAU is hosted by Micron21!