Tag: windows

Security

Delete shared folders from terminal

> Run a command line instance with administrative privileges.
> Execute the following command to list all non-hidden shared folders:
    net share
> Execute the following command to delete a shared folder:
    net share shared_folder_name /delete
How to delete all default hidden shared folders: https://gist.github.com/maldevel/4f550f85d2ec147bf49e
    @echo off
    net share /delete …

Forensics, Malware Analysis

Scan running processes for unsigned dlls

> Download Sysinternals Suite.
> Run the command line tool (cmd) with administrative privileges.
> To scan all running processes for unverified DLLs, execute:
    x:\path\to\sysinternals_suite\listdlls.exe -u
  -u  Only list unsigned DLLs.
> To scan a specific process for unverified DLLs, execute:
    x:\path\to\sysinternals_suite\listdlls.exe -u process_name
  or
    x:\path\to\sysinternals_suite\listdlls.exe -u process_id
> To …

C

How to get the UTC offset in C

    #include <stdio.h>
    #include <stdlib.h>
    #include <time.h>

    /* Returns the local UTC offset in whole hours (fractional hours are truncated). */
    int GetUTC(){
        time_t now = time(NULL);
        /* localtime() and gmtime() may share one static buffer, so each
           result is converted with mktime() before the next call. */
        struct tm *lcl = localtime(&now);
        time_t local = mktime( lcl );
        struct tm *gmt = gmtime(&now);
        time_t utc = mktime( gmt );
        return (int)(difftime(local, utc) / 3600);
    }

    int main(void) {
        printf("UTC offset: %d\n", GetUTC());
        return EXIT_SUCCESS;
    }

C

Get installed firewall in C

You will need to link the libraries ole32.lib, oleaut32.lib and wbemuuid.lib into your project. The following code can be compiled in Code::Blocks and Eclipse; Visual Studio is not required.

Includes and Definitions:

    #include <stdio.h>
    #include <stdlib.h>
    #include <windows.h>
    #include <stdbool.h>
    #include <wbemidl.h>

    #define WIN_VISTA 0x0600

    CLSID CLSID_WbemLocator2 = {0x4590F811, 0x1D3A, 0x11D0, {0x89, 0x1F, …

C

Get installed antivirus in C

You will need to link the libraries ole32.lib, oleaut32.lib and wbemuuid.lib into your project. The following code can be compiled in Code::Blocks and Eclipse; Visual Studio is not required.

Includes and Definitions:

    #include <stdio.h>
    #include <stdlib.h>
    #include <windows.h>
    #include <stdbool.h>
    #include <wbemidl.h>

    #define WIN_VISTA 0x0600

    CLSID CLSID_WbemLocator2 = {0x4590F811, 0x1D3A, 0x11D0, {0x89, 0x1F, …

C

Getting information from WMI in C

You will need to link the libraries ole32.lib, oleaut32.lib and wbemuuid.lib into your project. The following code can be compiled in Code::Blocks and Eclipse; Visual Studio is not required.

Includes and Definitions:

    #include <stdio.h>
    #include <stdlib.h>
    #include <windows.h>
    #include <stdbool.h>
    #include <wbemidl.h>

    #define WIN_VISTA 0x0600

    CLSID CLSID_WbemLocator2 = {0x4590F811, 0x1D3A, 0x11D0, {0x89, 0x1F, …

C

How to get total amount of RAM in C

GlobalMemoryStatusEx – retrieves information about the system’s current usage of both physical and virtual memory.
MEMORYSTATUSEX – contains information about the current state of both physical and virtual memory, including extended memory.

    #include <stdio.h>
    #include <stdlib.h>
    #include <windows.h>
    #include <math.h>

    int GetTotalRamInGB(){
        MEMORYSTATUSEX mstatusex;
        mstatusex.dwLength = sizeof (mstatusex);
        GlobalMemoryStatusEx (&mstatusex);
        return floor(mstatusex.ullTotalPhys/1024.0/1024.0/1024.0 + 0.5);
    …