Popular apps on Google Play linked to old remote code execution bugs

"Vulnerabilities dating back to 2014 were linked to the latest versions of high-profile mobile applications, potentially unpatched." -- ZDNet

Found: remote code execution vulnerabilities dating back years in numerous popular applications. Some of these are common libraries utilized in countless applications. This means these vulnerable libraries will continue to leave countless applications vulnerable for years to come. First, each product utilizing the vulnerable library must update their code to make use of the patched library. Second, an update to the product with the new library must be made available. by the vendor. Third, people making use products which include a vulnerable library must update the product with the patch.

A company with proper security measures in place should already have tools in place to mitigate unknown exploits, tools in place to virtually patch the software, and tools in place which report on vulnerable installations allowing one to further harden against attacks as new attack vectors become public knowledge. Multi-layered security is a must.  -- Edwin Davidson

https://www.zdnet.com/article/popular-apps-on-google-play-linked-to-old-remote-code-execution-bugs/

Computer Magic - Fuzz (Official Video)

How to map a network drive using NEW-PSDRIVE in PowerShell and have the drive persist in Windows

#STORED CREDENTIAL CODE
#This code is by Edwin A Davidson
#This code is a fork of  Michael Lubinski's code
#located here: http://www.techrepublic.com/blog/data-center/powershell-code-to-store-user-credentials-encrypted-for-re-use/
###$AdminName = Read-Host "Enter your Admin AD username"
$AdminName = "username@domain.local"
$CredsFile = "$env:USERPROFILE\$AdminName-PowershellCreds.txt"
$FileExists = Test-Path $CredsFile
if  ($FileExists -eq $false) {
    Write-Host 'Credential file not found. Enter your password:' -ForegroundColor Red
    Read-Host -AsSecureString | ConvertFrom-SecureString | Out-File $CredsFile
    $password = get-content $CredsFile | convertto-securestring
    $Cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $AdminName,$password}
else
    {Write-Host 'Using your stored credential file' -ForegroundColor Green
    $password = get-content $CredsFile | convertto-securestring
    $Cred = new-object -typename System.Management.Automation.PSCredential -argumentlist $AdminName,$password}
sleep 2

Write-Host 'Connecting...'

echo $adminname
remove-psdrive -name bob > null
New-PSDrive -Name bob  -PSProvider FileSystem -Root \\192.168.224.31\d$ -Credential $Cred  
#even with -persist, this drive is gone once this PS1 completes, so...
#map the drive using the credentials we just used in NEW-PSDrive
net use b: /del
net use b: \\192.168.224.31\d$ /user:$AdminName
#END OF STORED CREDENTIAL CODE

Hello Moto

No one knows my moto like emailsupport@pedigreetrucks.com  knows my moto.

Why Microsoft Window gets in the way, why it sucks.

Example #1: I want to go home for the night so I right click CLOSE on the group of Notepads I have open, as well as paintbrush, etc. Windows just blinks the icon in the tray. Nothing else. WTF? How lame. I have to then go to each and every instance of Notepad and Paintbrush I have open and pull up the "SAVE?" option. But can I see what I am saying Yes or No to? Of course not, who in their right mind would want to be able to SEE what they are selecting to save or discard. I have to cancel out of every single one of them and then pull them up. This means that to close down I have to spend a lot of time saying YES I AM SURE I WANT TO CLOSE DOWN! If I have a lot of notepad and paintbrush scratch pads up, it can take 10 minutes just to close them all.

Example #2: Program blows up. Dr Watson fires off. Locks up the program for 10 minutes. Dr Watson locks up in doing dumprep, launches anothe Dr Watson and performs a dump prep of the first Dr. Watson. This goes on until the NIC become unresponsive and the PC drops off the network.

WTF? How can an OS be so lame? Switch to Mac software writers. Those of us in the enterprise are ready to ditch Windows XP, Vista, and 7 for OS X. We want your software to work on OS X. Just look at the Apple Stores!

Optimize Citrix Web Client for WAN caching

Ok, so this like really sucks because it's a catch 22. Citrix web client by default disables caching of everything except for 8MB of RAM cache.

The fix is to go into your default.ica files and add these lines;

[WFClient]
PersistentCacheEnabled=On
PersistentCacheMinBitmap=2048
PersistentCacheSize=64424508
PersistentCachePath=%appdata%
Compress=On
MaximumCompression=On
OutBufCountHost=118
OutBufCountClient=118
OutBufLength=512
OutBufCountHost2=118
OutBufCountClient2=118
MouseTimer=200
KeyboardTimer=50

[Application]
PersistentCacheEnabled=On
PersistentCacheMinBitmap=2048
PersistentCacheSize=64424508
MaximumCompression=On
PersistentCachePath=%appdata%
Compress=On



The problem is that persistentcachepath does not allow variables such as %userprofile% until the 11.2 client, and users do not have access to the default paths.



If you don't specify PersistentPathCache, then PersistentCache is disabled.  If you stick the cache in c:\temp and grant everyone full rights, it's a security issue.



The 11.2 client also removes PNAgent and program neighborhood. So it's a catch22. If you upgrade to 11.2, you can't connect to old farms.   If you don't upgrade then Webclient bitmap caching doesn't work right.



If you have bandwidth detection enabled, then the ICA settings will be different. In our setup, we have only low bandwidth users. The low bandwidth ica is not combined with default.ica. Only settings in the specific ICA are used, they are not merged.

Using IrfanView to make major image modifications.

This is posted mainly for my future reference, but it probably is helpful to others.

What I am doing is taking single page TIF Files of various sizes and DPI and creating a multi page PDF with proper formatting and aspect ratios. Below is the settings and code to do this using IrfranView. What I'm actually doing is much more complex than this, but this is enough of the code to figure it out without trial and error like I did. Ifranview has a lot more power than is documented.



The source files are single page TIF files of varying sizes at 200DPI. The destination is a PDF of same sized images which view and print nicely.

The INI file i_view32.ini has the following added to it to make these transitions;
[Batch]
AdvCrop=0
AdvCropX=0
AdvCropY=0
AdvCropW=0
AdvCropH=0
AdvCropC=0
AdvResize=0
AdvResizeOpt=0
AdvResizeW=966.00
AdvResizeH=1020.00
AdvResizeL=0.00
AdvResizeS=0.00
AdvResample=1
AdvResizePerc=0
AdvResizePercW=0
AdvResizePercH=0
AdvDPI=120
AdvResizeUnit=0
AdvResizeRatio=0
AdvNoEnlarge=0
AdvCanvas=1
AdvAddText=1
AdvUseBPP=0
AdvBPP=0
AdvUseFSDither=1
AdvAutoRGB=0
AdvHFlip=0
AdvVFlip=0
AdvRLeft=0
AdvRRight=0
AdvGray=0
AdvInvert=0
AdvSharpen=0
AdvGamma=0
AdvContrast=0
AdvBrightness=0
AdvSaturation=0
AdvColR=0
AdvColG=0
AdvColB=0
AdvSharpenVal=1
AdvGammaVal=0.00
AdvContrastVal=0
AdvBrightnessVal=0
AdvSaturationVal=0
AdvColRVal=0
AdvColGVal=0
AdvColBVal=0
AdvDelOrg=0
AdvOverwrite=1
AdvSubdirs=0
AdvSaveOldDate=0
AdvAllPages=1
AdvFineR=0
AdvFineRVal=0.00
AdvBlur=0
AdvBlurVal=1
AdvMedian=0
AdvMedianVal=3
AdvRbg=0
AdvBgr=0
AdvBrg=0
AdvGrb=0
AdvGbr=0
AdvAutoCrop=0
SaveExtension=tif
Work=0
RenamePattern=image###
UseAdvanced=1
OpenIndex=1
UseAdvanced=1
OpenIndex=1
[Effects]
UseResample=0
CanvB=1110
CanvW=1110
CanvColor=16777215
OilPaint=0
RotateDegrees=0
CanvL=0
CanvR=966
CanvT=0
[BatchText]
AddText=www.YourWebsite.com
TextCoord=830;1050;960;1100;
Corner=0
Orientation=2
TranspText=0
FontColor=0
TxtBgkr=16777215
FontParam=-13|0|0|0|400|0|0|0|0|3|2|1|34|
Font=Arial


The code below is VBScript for applications which makes this change.

This is a subsection of code.


for looper = 1 to cnt2
WriteInfo "mailfile:" & PDFFileName, TIFFilename
'Convert all the TIFs in the owerns folder to 120 DPI for printing to look right;
Shellto = "C:\Progra~1\IrfanView\i_view32.exe " + chr(34) + "c:\temp\stm\" & OWNERCLEAN & "\" & Cstr(looper) & ".tif" + chr(34) + " /advancedbatch /silent /dpi=(120,120) /crop=(0,0,966,1110) /append=" + chr(34) + "c:\temp\stm\" & OWNERCLEAN & "aaaa.tif" + chr(34) & " /convert"
WriteInfo "Shellto:" & Shellto
Set oShell = CreateObject("WScript.Shell")
rc = oShell.Run(ShellTo,4,false)
'need to add code to wait until shell is complete
set svc=getobject("winmgmts:root\cimv2")
sQuery="select * from win32_process where name='i_view32.exe'"
set cproc=svc.execquery(sQuery)
iniproc=cproc.count 'it can be more than 1
Do While iniproc <> 0

set svc=getobject("winmgmts:root\cimv2")
sQuery="select * from win32_process where name='i_view32.exe'"
set cproc=svc.execquery(sQuery)
iniproc=cproc.count
Loop
set cproc=nothing
set svc=nothing
next

'Take the TIF
'Shellto = "C:\Progra~1\IrfanView\i_view32.exe " + chr(34) + TIFFileName + chr(34) + " /silent /dpi=(120,120) /convert=" + chr(34) + PDFFileName + chr(34)
Shellto = "C:\Progra~1\IrfanView\i_view32.exe " + chr(34) + "c:\temp\stm\" & OWNERCLEAN & "aaaa.tif" + chr(34) + " /silent /dpi=(120,120) /convert=" + chr(34) + PDFFileName + chr(34) & " /convert"
WriteInfo "Shellto:" & Shellto
'Dim oShell
Set oShell = CreateObject("WScript.Shell")
rc = oShell.Run(ShellTo,4,false)
'need to add code to wait until shell is complete
set svc=getobject("winmgmts:root\cimv2")
sQuery="select * from win32_process where name='i_view32.exe'"
set cproc=svc.execquery(sQuery)
iniproc=cproc.count 'it can be more than 1
Do While iniproc <> 0

set svc=getobject("winmgmts:root\cimv2")
sQuery="select * from win32_process where name='i_view32.exe'"
set cproc=svc.execquery(sQuery)
iniproc=cproc.count
Loop
set cproc=nothing
set svc=nothing



Understanding it. The INI addes a white border to the right at bottom of the image. It is X and Y are the page width and lenght of the largest page. Think of it this way. If you get a TIF image which is 1x1 then this will add a border to make it a full page. If it's already a full page, you have a huge image. But that is ok at this point. I specify white for this border as this is a text image. This is the settings CanvR CanvW CanvH.

The INI also puts a watermark in an X Y position which in this case will be the lower right corner of the page. www.Yourwebsite.com.

i_view32.exe " + chr(34) + "c:\temp\stm\" & OWNERCLEAN & "\" & Cstr(looper) & ".tif" + chr(34) + " /advancedbatch /silent /dpi=(120,120) /crop=(0,0,966,1110) /append=" + chr(34) + "c:\temp\stm\" & OWNERCLEAN & "aaaa.tif" + chr(34) & " /convert"

So this says take a source TIF, run it through the advanced batch conversion settings explained above, do this silently if there is an error (don't stop), modify the print DPI to 120x120, then crop that result down to 966x1110 and append that to a multipage TIF. /convert at the end tells Irfanview to close after all of this is done.

C:\Progra~1\IrfanView\i_view32.exe " + chr(34) + TIFFileName + chr(34) + " /silent /dpi=(120,120) /convert=" + chr(34) + PDFFileName + chr(34)
Shellto = "C:\Progra~1\IrfanView\i_view32.exe " + chr(34) + "c:\temp\stm\" & OWNERCLEAN & "aaaa.tif" + chr(34) + " /silent /dpi=(120,120) /convert=" + chr(34) + PDFFileName + chr(34) & " /convert"

This takes the resulting multipage TIF file and converts it to a multipage PDF using the Alternatif PDF Pluging (You have to have the addon plugins.)

This is the result of several weeks of discovery. Many of these features of Irfanview seem poorly documented. Once you discover the true power of the program, it is an amazing piece of software.