

Kas Ob.
Members-
Content Count
521 -
Joined
-
Last visited
-
Days Won
9
Kas Ob. last won the day on April 13
Kas Ob. had the most liked content!
Community Reputation
138 ExcellentAbout Kas Ob.
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
The picture still not clear for me, If i understand it right, then you have a server running IIS and you installed software (SDK) from Global Payment, right ? If the answer is yes then it has nothing to do with Global Payment, the TCP connection is blocked between me (not only me many others) and your server, it is on your Windows and the host that is hosting your IIS, Also you said cloud, what you mean by cloud is it VPS or dedicated, what is the host company ? this one who you need their support to diagnose the blocked connections. I am confirming again the connections are not established, so not TCP handshake, nothing, it has nothing to do with software that is running on IIS, It can be IIS failure or a filter but this is very unlikely, or a firewall, that firewall can either be on your Windows (your server) or running by the host company of your server.
-
I tried these links and nothing is no one answer the connection timed out. Using WireShark also showed the connection didn't establish and no answer or anything came back, acted like black hole. Using SSLabs.com as you did shows result and successful server response, using two other similar services also shows online server. The problem is not in your IIS at all, it is fine and responding, but when it get connections, there is firewall or monitoring service blocking IP(s), in case my ISP is blocked, find out what is monitoring/protecting your server traffic and reconfigure it, it could be missed/updated configuration on the host part, or simply you did select wrong or tight security template or something there. In short that is not IIS problem at all, and most likely your host security software/hardware, test with disabled Windows Firewall to make sure, beyond that it is not IIS or Windows problem.
-
Absolute directive with record and array
Kas Ob. replied to DelphiUdIT's topic in Algorithms, Data Structures and Class Design
Here a faster suggestion procedure FooBar(const X1, Y1, X2, Y2: Single); var Y1bin: Cardinal absolute Y1; Y2bin: Cardinal absolute Y2; begin // Check if both Y1 and Y2 are zero using a single bitwise operation if (Y1bin or Y2bin) shl 1 = 0 then Exit; ... end; Or using AND instead of bit shifting procedure FooBar(const X1, Y1, X2, Y2: Single); var Y1bin: Cardinal absolute Y1; Y2bin: Cardinal absolute Y2; begin if (Y1bin or Y2bin) and $7FFFFFFF = 0 then Exit; ... end; -
Shadow underneath Form does not always appear (CS_DROPSHADOW)
Kas Ob. replied to PeaShooter_OMO's topic in Windows API
If only it was this simple ! The idea is right, but the complications can be huge. 1) The code is not handling the failure of UnregisterClass. 2) UnregisterClass will fail if there is a Window still online associated with that class, by online i mean created and/or visible, simply a window with that class exists, from https://learn.microsoft.com/en-us/windows/win32/api/winuser/nf-winuser-unregisterclassa Before calling this function, an application must destroy all windows created with the specified class. 3) even if did pass and succeeded then there is the other caching software that might already read and copied the Class and its information and might fail, like live translation software or the one for accessibility that read the content of the screen or the ones that completely redraw them in different way (out of the OS theming), such software will behave erratically if performed something at that moment and Windows reported an error with the associated WindowClass. So, i don't recommend such approach, if UnregisterClass should be called then it should put at lower level (deep) in the VCL in appropriated place, and it must recreate all the already created Forms, dialogs, controls... it is huge adjustment. -
Shadow underneath Form does not always appear (CS_DROPSHADOW)
Kas Ob. replied to PeaShooter_OMO's topic in Windows API
Found the culprit of this discrepancy, but don't have a solution, or lets say nice solution, on top of that my old VCL is irrelevant to the most , so , someone else should have a deeper look into this. There is two different RegisterClass functions, one belong to Delphi RTL and the other is an OS API, Delphi Forms like other controls do register them selves with RegisterClass with unique name, on both API and RTL, the one is causing this problem is API how Windows store the style, Delphi RTL doesn't handle UnregisterClass (API) correctly or not calling it at all, hence CreateParams and the following creating the control (and setting its modern and advanced style) stay short from performing as intended. As a workaround a suggest to refactor your popup into base and two inherited ones hence forcing the class name used by RegisterClass to be different, one with shadow and the other without, this will be the most clean way, though it must be tested. ps: @PeaShooter_OMO don't call "FreeAndNil(FormPopup);" on Self, this is problematic and dangerous, just use "Release;" and it will be released in orderly form, and you can skip the var usage altogether by using with TFormPopup.Create(True) do Show; // or with TFormPopup.Create(False) do Show; -
Shadow underneath Form does not always appear (CS_DROPSHADOW)
Kas Ob. replied to PeaShooter_OMO's topic in Windows API
Testing the real project and now i see even with RecreateWnd it is not reliable, and acting as there is something is not initialized. On XE8, the same code with RecreateWnd, act differently with or without debug dcu included in project settings !, and if there is a break point that halted the code execution then the shadow might appear more frequently. -
Shadow underneath Form does not always appear (CS_DROPSHADOW)
Kas Ob. replied to PeaShooter_OMO's topic in Windows API
It is beyond me why it is needed, short coming in CM_RECREATEWND that used to trigger the recreation and when it is received, (i think ) It could be made better but will break things, also may be things changed in newer VCLs but in the older ones RecreateWnd is needed, even it means the recreation will happen twice. -
Shadow underneath Form does not always appear (CS_DROPSHADOW)
Kas Ob. replied to PeaShooter_OMO's topic in Windows API
Nothing wrong, just missed "RecreateWnd;" after setting the Params. -
I see undefined behaviour, this can go beyond degraded performance and go into literally corrupting the memory or the the worse the stack, triggering very hard to diagnose behavior, see.. calling ".classname" might land on an arbitrary method, and who knows what have been changed in that method/procedure/function... , literally nightmare stuff, and reproducing it is near impossible ! And of course the exception doesn't have to be silent, it could be triggered but after altering memory/stack, disguise the expected behavior and hide what have being changed somewhere.
-
Winapi.Windows.PROCESS_QUERY_LIMITED_INFORMATION not found
Kas Ob. replied to PeterPanettone's topic in Windows API
No, that is misuse between declaration and definition, use what Remy suggested. IFDEF/IFNDEF about definition, literally defined, these are not for the code but for the compiler variables. DECLARED()/NOT DECLARED() these about your code, namely anything that can be declared like consts, records, classes .... It compile in your case because there is no defined directives (compiler directive) under that name. Example: var i: Integer; B: Integer; // comment this and the compilation will fail {$IF NOT DECLARED(B)} This should cause an error only if you comment or remove B from variables {$IFEND} -
Capture as soon as file paste is selected
Kas Ob. replied to Mustafa E. Korkmaz's topic in Windows API
Hi Anders, I want to list some facts 1) Windows Explorer is an application like any other, and it is not essential to the OS itself, so when RDP application run it will interact between two application, hence the need to capture and handle the clipboard, when i copy a file/dir form my own desktop and try to paste it on remote using RDP, then i am pasting the on my application (or RDP), and this should trigger RDP or on the remote to paste, so it should simulate clipboard is filled then send data. 2) CFSTR_TARGETCLSID is irrelevant here as it used internally by Explorer itself. 3) Microsoft RDP does send file in two different ways, one capturing clipboard and its content then simulate on the other hand, well usually it does that, unless Local resources being shared per setting in the RDP connection, this initiate completely different path to share files and synchronize them between host and guest. 4) SHChangeNotifyRegister can capture files changes and many others like copy and paste or rename, initiated by keyboard and/or by mouse. ( might not be useful or needed after all) 5) Th trick is to capture the event then using IShellExplorer to emulate pasting file in the specified directory, (also might be not needed at all) So in short the solution is not to circumvent any thing, not really, because , as example, i built a RDP application, then on the remote part capture the copy event from clipboard (yes using clipboard APIs), then trigger filling the clipboard on my local PC, then on paste on my local i will initiate the sending file after locking the directory same as RDP (this locking will need shell APIs), same can happen in the other way around. Now sounding this loud, i don't understand the need for monitoring the shell operation using SHChangeNotifyRegister ! may be i lost it there or over complicate things, but the copy and paste is happening into different applications, either my remote RDP with the remote Explorer, or local RDP viewer and local Explorer, sending data is handled by the RDP two parts not involving any Explorer. ps: I spent near 3 hours trying to make SHChangeNotification_Lock work, but i think it is working at last ! -
Capture as soon as file paste is selected
Kas Ob. replied to Mustafa E. Korkmaz's topic in Windows API
Yes. Yes. In two different way, one when to upload and one to download, but this is somehow irrelevant to your usage, as like Windows RDP it comes baked with special integration with for Windows Explorer aka Windows Shell, these are undocumented API and COM objects. How to do it ? You must understand and use these : 1) IFileOperation https://learn.microsoft.com/en-us/windows/win32/api/shobjidl_core/nn-shobjidl_core-ifileoperation this will capture (and monitor) copying files, moving ,renaming .... 2) IFolderView https://learn.microsoft.com/en-us/windows/win32/api/shobjidl_core/nn-shobjidl_core-ifolderview to find the focused folder in Windows Explorer 3) SHChangeNotifyRegister for hooking shell operation https://learn.microsoft.com/en-us/windows/win32/api/shlobj_core/nf-shlobj_core-shchangenotifyregister 4) IShellWindows https://learn.microsoft.com/en-us/windows/win32/api/exdisp/nn-exdisp-ishellwindows this is the core one to start with and needed to find opened folders ..etc Using these will remove the need for key logger and mouse tracking event, yet in case it failed or and because i can't remember how the hooking was triggered as only reporting or intercepting, meaning you can block, in case that the case and you need to prevent the operation, then you will need key and mouse logger, there is few methods to intercept then cancel if you want. Hope that help, as for all the above, there is many questions on the internet and resources on how to do it, but you specific case need to understand and mix and match an approach. -
First you missing few details about the problem at hand, 1) You are using Client and the client doesn't need a certificate, to be more accurate the default usage for validation on the client side is to check and validate the path of certificate(s) from the server against trusted root or trusted CA. 2) What certificate is on the server, is it valid ? not revoked ? not expired ?.... 3) What is this certificate you mentioned, is it the root or the CA or the end point that server has used to establish the connection ? Now, what you can do or what you should do 1) By default like any TLS connection, the client must have a trusted root store, to resolve the server certificate to, this include any CA in-between them (i mean the end point one aka server and its root), generally either you have a store (punch of certificates) included with in (shipped) your own application, or depend on the OS provided store. 2) Your client doesn't have a store, then it is OK, you can have one root and resolve the path to like above. 3) You are binning the certificate, meaning you will included one certificate, no store, no validation, not best practice at all !, yet it is OK, will work , and fail later ! , but should work (highly not recommended as it is bad and fragile and can render you communication useless any time when the server lose its private key or the certificate leak and you have to replace it...etc), in this exact case and if this is what you are trying to do , then just compare the server certificate against the one in the pem Hope that help, ps: though you had searched the internet, so i will assume you are loading the pem right and you know to validate or compare, but in case you still missing the point and how it should done, then i recommend to use ICS demos, even if you are not going to use that library, but you can study and understand how to validate a certificate ( or try to shoot your self in the foot by comparing against end point only, against all recommendations )
-
Is this VM a developing machine or daily driver for browsing internet and download everything you being offered by an advertisement ? 1) developing machine, then you don't need security scanning for everything all the time, right ? 2) daily driver and testing everything you can download, then leave the defender and install like ten more anti viruses, and make sure to uninstall Delphi for your own security and integrity of your code and generated binaries. It is simple, my developing machine is not allowed to see Internet or access anything outside my home network, i don't download anything suspicious from unknown providers on that machine, heck, i even don't allow Windows to update or to contact Microsoft, so i don't need an virus scanner at all. Anyway, it is up to you keep Windows Defender running or just remove most of this useless scanning each time, in worst case scenario let it scan once, and then disable behavior control and live protection or what ever called, by each AV, also make sure to disable sending samples to laboratories to any AV home, also don't even allow any AV to scan your traffic, this compromise you and your data the most,... i am sure i forgot to mention tens of thing to not do, so the most critical advise of them all think of everything they offer in the settings and use logic, and remember if a malicious code is on your device then it only be detected if it is in the AV database, in other words already known !, so all of this crap of detecting illegal behavior in real time is useless crap, if it is know then cold scan will detect it, if it is unknown then it will run unless real time monitoring is kicking it hence will ask you about everything running on your device, the only good thing from a good scanner if that question happen once only.
-
MsMpEng.exe is Windows Defender scanner and smart locker, and it will repeat the above or similar report for each file or library that bds.exe will load, in that report it is only for one bindcompfmx290.bpl trying to load. So yes disable Defender.