'As a developer'에 해당되는 글 44건

  1. 2012.07.16 모니터 정보 얻기 - EDID
  2. 2012.05.07 Visual C++ Redistributable / vcredist_x86.exe 배포 - NSIS Script
  3. 2012.03.29 Reverse shell through DLL Injection using undocumented API function
  4. 2012.03.27 com 빌드 및 적용
  5. 2012.03.26 Installed Update Apps
  6. 2012.03.26 IDL
  7. 2012.03.06 ADO Windows7 SP1 호환성 문제 1
  8. 2011.11.03 Detours 빌드 참조
  9. 2011.10.17 WMI 샘플
  10. 2011.02.22 Binary배열 DB 저장 / 불러오기

모니터 정보 얻기 - EDID

Visual C++ Redistributable / vcredist_x86.exe 배포 - NSIS Script



NSIS Sample Script – Visual C++ 2008 Redistributable 9.0.30729.17


!define TIMEDOT "vcredist_x86.exe"
Function .onInstSuccess
  Call CheckVCRedist
   Pop $R0 
   StrCmp $R0 "-1" 0 +3
   MessageBox MB_OK|MB_ICONSTOP "프로그램 실행을 위해 Visual C++ 2008 Redistributable를 설치합니다."
   ExecWait "$INSTDIR\${TIMEDOT}"   
Function CheckVCRedist
   Push $R0
   ReadRegDword $R0 HKLM "SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}" "Version"
   ; if VS 2005+ redist SP1 not installed, install it
   IfErrors 0 VSRedistInstalled
   StrCpy $R0 "-1"
   Exch $R0


Reverse shell through DLL Injection using undocumented API function

com 빌드 및 적용

1. xxxx.idl 파일 제작

2. idl 파일 프로젝트에 추가 (별도의 프로젝트로 작성할 필요 없이 사용할 프로젝트에 idl 파일만 추가),

3. 빌드 후 생성되는 xxxx.h 파일 프로젝트에 추가, 사용할 파일에서 include

4. xxxx.idl 파일 - 속성 - MDIL - 일반 메뉴에서 MkTypLib 호환 "아니오" 로 수정 이거 안하면

오류 1 error MIDL2311 : statements outside library block are illegal in mktyplib compatability mode :

위와 같은 오류 발생

5. xxxx_i.c 파일에서 아래 정의를 사용할 파일에 정의

#define MIDL_DEFINE_GUID(type, name, .................)\

const type name = {...............}

MIDL_DEFINE_GUID(IID, ..................)


Installed Update Apps

Then to test or skip Updates for IInstalledApp (pApp like you named
it) =>
IInstalledAppsUpdate *pIAU;
BOOL bIsAppUpdate = FALSE;
hr = pApp->QueryInterface(IID_IInstalledAppsUpdate, (void**)&pIAU);
if (SUCCEEDED(hr))
auid.cbSize = sizeof(auid);
hr = pIAU->GetAppInfo(&auid);
if (SUCCEEDED(hr))
bIsAppUpdate = auid.lpwszProduct[0];

import "ocidl.idl";
import "objidl.idl";

typedef enum
IAU_UPDATE_NUMBER = 0x00000001,
IAU_UPDATE_PRODUCT = 0x00000002,
IAU_UPDATE_TYPE = 0x00000008

typedef struct _AppUpdateInfoData
unsigned long cbSize;
unsigned long dwMask;
LPWSTR lpwszNumber;
LPWSTR lpwszProduct;
LPWSTR lpwszProductDisplayName;
LPWSTR lpwszType;
int foo1;
int foo2;

helpstring("Installed Applications Update Interface")
interface IInstalledAppsUpdate : IUnknown
HRESULT GetAppInfo([in, out] APPUPDATEINFODATA *pauid);



ADO Windows7 SP1 호환성 문제

An ADO application does not run on down-level operating systems after you recompile it on a computer that is running Windows 7 SP 1 or Windows Server 2008 R2 SP 1 or that has KB983246 installed

Caution ADO and ADO MD have not been fully tested in a Microsoft .NET Framework environment. They may cause intermittent issues, especially in service-based applications or in multithreaded applications. The techniques that are discussed in this article should only be used as a temporary measure during migration to ADO.NET. You should only use these techniques after you have conducted complete testing to make sure that there are no compatibility issues. Any issues that are caused by using ADO or ADO MD in this manner are unsupported. For more information, see the following article in the Microsoft Knowledge Base:
840667   (http://support.microsoft.com/kb/840667/ ) You receive unexpected errors when using ADO and ADO MD in a .NET Framework application

On This Page

Consider the following scenario. On a computer that is running Windows 7 Service...

Consider the following scenario. On a computer that is running Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP 1 or that has KB9823246 installed, you recompile a Microsoft ActiveX Data Objects (ADO) application by using one of the following applications:
  • Microsoft Visual C++
  • Microsoft Visual Basic for Applications (VBA)
  • Microsoft Visual Basic 6
  • Microsoft .NET applications
In this scenario, you find that the application does not run on down-level operating systems. For example, it does not run on the release version of Windows 7, on Windows Vista, and on other earlier versions of Windows. Depending on your implementation, you also receive an error message that resembles one of the following. (You may receive other error messages.)

Error message 1
Error message 2
E_POINTER (0x80004003)
Error message 3
E_NOINTERFACE (0x80004002)
Error message 4
Unable to cast COM object of type 'System.__ComObject' to interface type 'ADODB.Connection'. This operation failed because the QueryInterface call on the COM component for the interface with IID '{00001550-0000-0010-8000-00AA006D2EA4}' failed due to the following error: No such interface supported (Exception from HRESULT: 0x80004002 (E_NOINTERFACE)).”
The following Visual C++ code segment replicates this issue.
#import " msado15.dll" no_namespace rename("EOF","EndOfFile")
int main()
  _ConnectionPtr pConnection = NULL;
     HRESULT hr = pConnection.CreateInstance(__uuidof(Connection)); //hr gets E_NOINTERFACE here
The following Visual Basic for Applications code segment replicates this issue.
Private Sub Form_Load()
 Dim Conn As New ADODB.Connection ‘Runtime error here: Class does not support Automation or does not support expected interface
End Sub
VBA Error:Run-time error '430': Class does not support Automation or does not support expected interface

Note Microsoft no longer supports the primary interop assembly for ADO and no longer supports Visual Basic 6. For more information about Visual Basic 6 supportability, visit the following MSDN webpage: For more information about the primary interop assembly for ADO supportability, click the following article number to view the article in the Microsoft Knowledge Base:
318559  (http://support.microsoft.com/kb/318559/ ) Using the primary interop assembly for ADO (ADODB) in Visual Studio .NET

This issue occurs because some ADO interfaces were changed in Windows 7 SP1 to b...

This issue occurs because some ADO interfaces were changed in Windows 7 SP1 to be associated with new instance identifiers (IIDs). The older IID interfaces were assigned the following suffix:
For example, the interface _Connection was updated as follows:
  • In Windows 7 and in earlier versions of Windows, the _Connection IID is 00000550-0000-0010-8000-00AA006D2EA4.
  • In Windows 7 SP1, the _Connection IID is 00001550-0000-0010-8000-00AA006D2EA4, and the IID for _Connection_Deprecated is 00000550-0000-0010-8000-00AA006D2EA4.
If your application uses early binding to _Connection, the new IID is stored in the application binary during compilation. This causes an error when the application runs on a down-level operating system because the IID does not exist.

Some ADO APIs are platform-dependent in ADO 2.7 and in later versions. On 64-bit versions of Windows, these ADO APIs process arguments by using a 64-bit data type (such as the LONGLONG data type). However, applications that use these APIs still use the LONG data type. Therefore, you receive a "Type Mismatch" error message when you try to run the macro.

To work around this issue, use one of the following methods. Method 1To work aro...

To work around this issue, use one of the following methods.

Method 1

To work around this issue for Visual C++ applications, for Visual Basic 6 applications, and for Microsoft .NET applications, follow these steps.

  • Method 2 does not apply VBA to applications. The compiled Access file (*.mde or *.accde) has to read the downloaded typelib (.tlb) file at runtime, and it is unlikely that the downloaded .tlb file will be present on end-user computers.
  • To download files, go to the "Downloads" subsection of this section.
  • Running the CMD prompt as an Administrator during the registration process for the type library may be necessary on the Windows 7 machines.

For 32-bit computers

  1. Download Msado60_Backcompat_i386.tlb to a local directory (e.g. C:\temp).
  2. Copy the downloaded file to a deployed directory. For example:
    C:\temp\Msado60_Backcompat_i386.tlb "%CommonProgramFiles%\System\ado\Msado60_Backcompat.tlb"
  3. Register the downloaded file on the system. For example:
    %windir%\Microsoft.NET\Framework\v4.0.30319\regtlibv12 "%CommonProgramFiles%\System\ado\msado60_Backcompat.tlb"

    Note Adjust the path for regtlbv12.exe if the .NET Framework 4.0 was not installed on the system.
  4. Verify that the following registry key was created:
  5. Verify that the following registry value is pointing to "%CommonProgramFiles%\System\ado\Msado60_Backcompat.tlb" (the path in the registry may be expanded into an absolute path):

For AMD 64 computers

  1. Download Msado60_Backcompat_i386.tlb to a local directory (e.g. C:\temp).
  2. Download Msado60_Backcompat_x64.tlb to a local directory (e.g. C:\temp).
  3. Copy the downloaded files to a deployed directory. For example:

    C:\Temp\Msado60_Backcompat_i386.tlb "%CommonProgramFiles(x86)%\System\ado\Msado60_Backcompat.tlb"
    C:\Temp\Msado60_Backcompat_x64.tlb "%CommonProgramFiles%\System\ado\msado60_Backcompat.tlb"
  4. Register the downloaded files on the system. For example:

    %windir%\Microsoft.NET\Framework\v4.0.30319\regtlibv12 "%CommonProgramFiles%\System\ado\Msado60_Backcompat.tlb"
    %windir%\Microsoft.NET\Framework\v4.0.30319\regtlibv12 "%CommonProgramFiles(x86)%\System\ado\Msado60_Backcompat.tlb"

    Note Adjust the path for regtlbv12.exe if the .NET Framework 4.0 was not installed on the system.
  5. Verify that the following registry key was created:
  6. Verify that the following registry value is pointing to "%CommonProgramFiles(x86)%\System\ado\msado60_Backcompat.tlb" (the path in the registry may be expanded into an absolute path):
  7. Verify that the following registry value is pointing to "%CommonProgramFiles%\System\ado\msado60_Backcompat.tlb" (the path in the registry may be expanded into an absolute path):

For IA64 computers

Use the same procedure as for AMD64 computers, but download Msado60_Backcompat_ia64.tlb instead of Msado60_Backcompat_x64.tlb.


  • Msado60_Backcompat_i386.tlb (http://download.microsoft.com/download/6/4/3/64318ED2-7E18-4A5C-80E2-9BDA0DF02DB3/msado60_Backcompat_i386.tlb)
  • Msado60_Backcompat_x64.tlb (http://download.microsoft.com/download/6/4/3/64318ED2-7E18-4A5C-80E2-9BDA0DF02DB3/msado60_Backcompat_x64.tlb)
  • Msado60_Backcompat_ia64.tlb (http://download.microsoft.com/download/6/4/3/64318ED2-7E18-4A5C-80E2-9BDA0DF02DB3/msado60_Backcompat_ia64.tlb)

For C++ developers

  1. Replace line 1 with line 2:
    1. #import "msado15.dll" no_namespace rename("EOF","EndOfFile")
    2. #import "msado60_Backcompat.tlb" no_namespace rename("EOF","EndOfFile")
  2. Recompile the application.

For Visual Basic 6 developers

  1. On the Project menu, click References.
  2. Click to clear the Microsoft ActiveX Data Objects * Library and Microsoft ActiveX Data Objects Recordset * Library entries.
  3. Click to select the Microsoft ActiveX Data Objects 6.0 BackCompat Library entry.
  4. Recompile the application.

Method 2

You can change your application so that it uses late binding. For example, you would call the ADO APIs through the IDispatch interface in C++.

Note This workaround does not apply to Visual Basic for Applications applications.

The following is a complete list of interfaces that have the old IID together wi...

The following is a complete list of interfaces that have the old IID together with the suffix "_Deprecated" that is added to the interface name:
  • Interface: ADORecordsetConstruction
  • Interface: ConnectionEventsVt
  • Interface: _Connection
  • Interface: Connection15
  • DispInterface: ConnectionEvents
  • Interface: _Command
  • Interface: Command25
  • Interface: Command15
  • Interface: Fields
  • Interface: Fields20
  • Interface: Fields15
  • Interface: Field
  • Interface: Field15
  • Interface: Field20
  • Interface: _Parameter
  • Interface: Parameters
  • Interface: _Record
  • Interface: _Recordset
  • Interface: Recordset21
  • Interface: Recordset20
  • Interface: Recordset15
  • DispInterface: RecordsetEvents
  • Interface: RecordsetEventsVt
  • Interface: _Stream
A better solution for the Windows 7 SP1 ADO GUID changes

Detours 빌드 참조

WMI 샘플

#define _WIN32_DCOM

#include <iostream>
using namespace std;

#include <comdef.h>
#include <Wbemidl.h>

#pragma comment(lib, "wbemuuid.lib")

class WMIQuery
   IWbemLocator* m_pLocator;
   IWbemServices* m_pServices;


   bool Initialize()
      // Obtain the initial locator to WMI
      HRESULT hr = ::CoCreateInstance(
         IID_IWbemLocator, (LPVOID *) &m_pLocator);

      if (FAILED(hr))
         cerr << "Failed to create IWbemLocator object. Err code = 0x" << hex << hr << endl;
         return false;

      // Connect to WMI through the IWbemLocator::ConnectServer method
      // Connect to the root\cimv2 namespace with the current user
      hr = m_pLocator->ConnectServer(
         _bstr_t(L"ROOT\\CIMV2"), // Object path of WMI namespace
         NULL,                    // User name. NULL = current user
         NULL,                    // User password. NULL = current
         0,                       // Locale. NULL indicates current
         NULL,                    // Security flags.
         0,                       // Authority (e.g. Kerberos)
         0,                       // Context object
         &m_pServices             // pointer to IWbemServices proxy

      if (FAILED(hr))
         cerr << "Could not connect. Error code = 0x" << hex << hr << endl;
         m_pLocator = NULL;
         return false;

      // Set security levels on the proxy
      hr = ::CoSetProxyBlanket(
         m_pServices,                 // Indicates the proxy to set
         RPC_C_AUTHN_WINNT,           // RPC_C_AUTHN_xxx
         RPC_C_AUTHZ_NONE,            // RPC_C_AUTHZ_xxx
         NULL,                        // Server principal name
         NULL,                        // client identity
         EOAC_NONE                    // proxy capabilities

      if (FAILED(hr))
         cerr << "Could not set proxy blanket. Error code = 0x" << hex << hr << endl;
         m_pServices = NULL;
         m_pLocator = NULL;
         return false;

      return true;

   IEnumWbemClassObject* Query(LPCTSTR strquery)
      IEnumWbemClassObject* pEnumerator = NULL;
      HRESULT hr = m_pServices->ExecQuery(

      if (FAILED(hr))
         cerr << "Query for operating system name failed. Error code = 0x" << hex << hr << endl;
         return NULL;

      return pEnumerator;

      if(m_pServices != NULL)
         m_pServices = NULL;

      if(m_pLocator != NULL)
         m_pLocator = NULL;

int _tmain(int argc, _TCHAR* argv[])
   HRESULT hres;

   // Initialize COM.
   hres =  ::CoInitializeEx(0, COINIT_MULTITHREADED);
   if (FAILED(hres))
      cout << "Failed to initialize COM library. Error code = 0x" << hex << hres << endl;
      return 1;

   // Set general COM security levels
   hres =  ::CoInitializeSecurity(
      -1,                          // COM authentication
      NULL,                        // Authentication services
      NULL,                        // Reserved
      RPC_C_AUTHN_LEVEL_DEFAULT,   // Default authentication
      RPC_C_IMP_LEVEL_IMPERSONATE, // Default Impersonation
      NULL,                        // Authentication info
      EOAC_NONE,                   // Additional capabilities
      NULL                         // Reserved

   if (FAILED(hres))
      cout << "Failed to initialize security. Error code = 0x" << hex << hres << endl;
      return 1;
      WMIQuery query;
         IEnumWbemClassObject* pEnumerator = query.Query(_T("SELECT * FROM Win32_SystemEnclosure"));

         if(pEnumerator != NULL)
            // Get the data from the query
            IWbemClassObject *pclsObj;
            ULONG uReturn = 0;

            while (pEnumerator)
               HRESULT hr = pEnumerator->Next(WBEM_INFINITE, 1, &pclsObj, &uReturn);

               if(0 == uReturn)

               VARIANT vtProp;

               hr = pclsObj->Get(L"Name", 0, &vtProp, 0, 0);
               wcout << "Name:    " << vtProp.bstrVal << endl;

               hr = pclsObj->Get(L"ChassisTypes", 0, &vtProp, 0, 0);
               wcout << "Chassis: ";
               SAFEARRAY* parrValues = NULL;

               if (vtProp.vt & VT_ARRAY)
                  if (VT_BYREF & vtProp.vt)
                     parrValues = *vtProp.pparray;
                     parrValues = vtProp.parray;

               if (parrValues != NULL)
                  SAFEARRAYBOUND arrayBounds[1];
                  arrayBounds[0].lLbound = 0;
                  arrayBounds[0].cElements = 0;

                  SafeArrayGetLBound(parrValues, 1, &arrayBounds[0].lLbound);
                  SafeArrayGetUBound(parrValues, 1, (long*)&arrayBounds[0].cElements);
                  arrayBounds[0].cElements -= arrayBounds[0].lLbound;
                  arrayBounds[0].cElements += 1;

                  if (arrayBounds[0].cElements > 0)
                     for (ULONG i = 0; i < arrayBounds[0].cElements; i++)
                        LONG lIndex = (LONG)i;
                        INT item;

                        HRESULT hr = ::SafeArrayGetElement(parrValues, &lIndex, &item);

                           LPCTSTR szType = NULL;
                           case 1: szType = _T("Other"); break;
                           case 2: szType = _T("Unknown"); break;
                           case 3: szType = _T("Desktop"); break;
                           case 4: szType = _T("Low Profile Desktop"); break;
                           case 5: szType = _T("Pizza Box"); break;
                           case 6: szType = _T("Mini Tower"); break;
                           case 7: szType = _T("Tower"); break;
                           case 8: szType = _T("Portable"); break;
                           case 9: szType = _T("Laptop"); break;
                           case 10:szType = _T("Notebook"); break;
                           case 11:szType = _T("Hand Held"); break;
                           case 12:szType = _T("Docking Station"); break;
                           case 13:szType = _T("All in One"); break;
                           case 14:szType = _T("Sub Notebook"); break;
                           case 15:szType = _T("Space-Saving"); break;
                           case 16:szType = _T("Lunch Box"); break;
                           case 17:szType = _T("Main System Chassis"); break;
                           case 18:szType = _T("Expansion Chassis"); break;
                           case 19:szType = _T("SubChassis"); break;
                           case 20:szType = _T("Bus Expansion Chassis"); break;
                           case 21:szType = _T("Peripheral Chassis"); break;
                           case 22:szType = _T("Storage Chassis"); break;
                           case 23:szType = _T("Rack Mount Chassis"); break;
                           case 24:szType = _T("Sealed-Case PC"); break;
                           wcout << szType;
                           if(i+1 < arrayBounds[0].cElements)
                              wcout << ", ";

                     wcout << endl;





   return 0;


Binary배열 DB 저장 / 불러오기


SAFEARRAYBOUND rgsabound[1];
rgsabound[0].lLbound = 0;
rgsabound[0].cElements = 8;
psa = SafeArrayCreate(VT_UI1, 1, rgsabound);

SafeArrayAccessData(psa, (void**)&pV);
for(int i = 0; i < rgsabound[0].cElements; i++)
pV[i] = pstData->m_btCamTable[i];

_variant_t v;
v.parray = psa;
v.vt = VT_ARRAY | VT_UI1;

adVarBinary, sizeof(pstData->m_btCamTable), adParamInput, v);



template <class T>
void GetRSMem(_variant_t x, T& ret)
int nLen = sizeof(ret);
_variant_t v = m_RS->Fields->Item[x]->Value;
BYTE* pArr = NULL;
SafeArrayAccessData(v.parray, (void**)&pArr);
memcpy(ret, pArr, nLen);

참조 : http://blog.naver.com/c9soft/120056226301

prev 1 2 3 4 5 next