Connection String Section still not protected after publishing and installing the app - vb.net

-I have the Connection Strings defined for System.Data.SQLite.SQLiteConnection
-I never configured the RsaProtectedConfigurationProvider so I guess this is the default provider and the code
'Declaration
<PermissionSetAttribute(SecurityAction.Demand, Name := "FullTrust")> _
Public NotInheritable Class RsaProtectedConfigurationProvider _
Inherits ProtectedConfigurationProvider
is not needed
-Instead of using the classic code of
ToggleConfigEncryption
https://msdn.microsoft.com/es-es/library/ms254494(v=vs.110).aspx
I'm using this code when I load the form to encrypt the ConnectionString section:
Dim appconfig As Configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None)
Dim constringsec As ConnectionStringsSection = appconfig.ConnectionStrings
constringsec.SectionInformation.ProtectSection("DataProtectionConfigurationProvider")
Taken from https://juan-cuenca.blogspot.com.uy/2015/01/encriptar-archivos-de-configuracion.html
When I run my app from Visual Studio the program works and I can find on my Debug folder the file
myApp.exe.xml and also the file myApp.vshost.exe.xml are both with
<connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sB....
</CipherData>
</EncryptedData>
So I think the encryption is working fine at Debugging time.
The problem:
-When I publish my app on my web server and then install the app like any Windows app the program still works, but on my C:\Users\MyUserName\AppData\Local\Apps\2.0\
the file myApp.exe.xml is still with plain text on the ConnectionString section.
(And the other file myApp.vshost.exe.xml is not there)
Do I need to do something more on the code or Publish configuration?? (Maybe one "after install" code?)
Or is something about Windows permissions?
Update info
Well now It's working but with a extrange behavior. After the installation and execution of the program on another computer I have two folders on AppData\Local\Apps.... one of this folder with the APP.Config encrypted and the other one with no encryption at all. I proved deleting this second file and the application still run fine. But why this file exist with plain text after running the program?

Related

Update SQL Server connection string on VB.NET EXE without source code

I have a really old application that was created using VB.NET. The original source code has since been deleted and unrecoverable. I have to change the database location and need to update this in the application. I changed the connection string in the .config file, but it seems to be getting it from the exe itself. If I open the exe file in Notepad++ I can see the original connection string. If I edit the file and save it, it no longer works. I get an error saying: "This app cannot run on your PC".
I tried opening the app with Resource Hacker, but don't see the connection string to update. I have Visual Studio 2019 and tried opening the exe file, but also don't see anywhere to edit the connection string.

Launch IIS Express to run ASP.NET Core Apps

I wish to run my ASP.NET Core App by launching it from IIS Express using command line.
I stumbled across this article which says
So in fact Visual Studio silently adds the two environment variables
when launching IIS Express, so that ASP.NET Core related bits can be
injected.
LAUNCHER_ARGS: -debug -p “C:\Program Files\dotnet\dotnet.exe” -a “exec
\”C:\Users\lextm\documents\visual studio
2017\Projects\WebApplication2\WebApplication2\bin\Debug\netcoreapp1.0\WebApplication2.dll\””
-pidFile “C:\Users\lextm\AppData\Local\Temp\2\tmpFD6D.tmp” -wd “C:\Users\lextm\documents\visual studio
2017\Projects\WebApplication2\WebApplication2”
The tmp file in -pidFile “C:\Users\lextm\AppData\Local\Temp\2\tmpFD6D.tmp” can always change. How do I add LAUNCHER_ARGS as environment variable which will make it work even if the tmp file changes?
Let me know if there is any easier way to launch IIS Express to run ASP.NET Core Apps with command line or powershell scripts.
You are looking for [System.IO.Path]::GetTempFileName() method. It creates empty temp file on file system and returns its unique name.
I'm currently using the following PowerShell script to run my .NET Core 2.0 App:
$env:LAUNCHER_ARGS = "-p ""<path to dotnet.exe>"" -a ""exec \""<path to webapp main dll>\"""" -pidFile $([System.IO.Path]::GetTempFileName()) -wd ""<path to webapp root folder>"" -pr <project name>"
$env:LAUNCHER_PATH = "<path to VSIISExeLauncher.exe>"
& "<path to iisexpress.exe>" /config:"<path to applicationhost.config>" /site:"<webapp name>"
Placeholders (text within angle brackets) have to be filled with the corresponding values. You can find them out by running your project from Visual Studio and inspecting environment variables of iisexpress.exe process using Process Explorer as shown above in the link you provided.
In .NET Core 3 the solution to this problem has changed. Follow these steps.
1) The environment variables should now be:
LAUNCHER_ARGS=exec "C:\YourWebApiProject\bin\Debug\netcoreapp3.1\YourWebApiProject.dll"
LAUNCHER_PATH=C:\Program Files\dotnet\dotnet.exe
Change the first path to your dll path and ensure the .NET version in the path is correct. Note that there is no longer a need to create a temp file.
2) Ensure that both modules AspNetCoreModule and AspNetCoreModuleV2 are registered in the file .vs\{your solution name}\config\applicationhost.config as follows:
Under <system.webServer> <globalModules> add:
<add name="AspNetCoreModule" image="%IIS_BIN%\aspnetcore.dll" />
<add name="AspNetCoreModuleV2" image="%IIS_BIN%\Asp.Net Core Module\V2\aspnetcorev2.dll" />
Under <sectionGroup name="system.webServer"> add:
<section name="aspNetCore" overrideModeDefault="Allow" />
Under <location path="" overrideMode="Allow"> <system.webServer> <modules> add:
<add name="AspNetCoreModule" lockItem="true" />
<add name="AspNetCoreModuleV2" lockItem="true" />
It's also a good idea to make this change to the templates for this file which are located at %PROGRAMFILES%\IIS Express\config\templates\PersonalWebServer\applicationhost.config and %PROGRAMFILES(x86)%\IIS Express\config\templates\PersonalWebServer\applicationhost.config so that new VS solutions you create automatically get these changes to their configs. (Credit to this post)
3) Be mindful of whether you're using 32 or 64 bit IIS Express. (If you're on a 64 bit machine then 32 bit IIS Express = C:\Program Files (x86)\IIS Express, 64 bit = C:\Program Files\IIS Express) In my case, 32 bit had worked fine previously but after migrating to .NET Core 3 I had to use 64 bit or else the above modules wouldn't load.
I needed to run multiple .Net Core API endpoints at a time easily without popping open Visual Studio for each and every one of them. I ended up using answers here to build the following:
iisaspnet.bat:
#echo off
:: Args are like:
:: MobileApi
:: C:\Users\chris\Dropbox\Code\2017\VbaMeasureHcp\src\HCPMobileApi
:: MobileApi\bin\Debug\netcoreapp2.2\MobileApi.dll
:: .vs\MobileApp\config\applicationhost.config
setlocal
set PATH=%PATH%;C:\Program Files\IIS Express
set LAUNCHER_ARGS=exec %2\%3
set LAUNCHER_PATH=C:\Program Files\dotnet\dotnet.exe
iisexpress /site:%1 /config:"%2\%4"
:: Comment out line below to check for errors
exit
The first arg is the name of the Project - the name in Visual Studio (in some scenarios people go rogue and name their Project file one thing and the Project itself another thing - you want the Project name, not the file name, in this scenario).
The second arg is the root folder for third and fourth args.
The third arg is where to find the compiled Project DLL
The fourth arg is where to find the applicationhost.config that explains how to launch the site. As you'll see below, this is generally found in your .vs folder, but, where this exists can get a little crazy depending on how creative people get with organizing their Solution and Project folders. Generally the .vs folder is going to sit in the same folder as the .sln file, so it may be far from the Project folder/files.
This will be less helpful, but here's the batch file that kicks off the IIS Express windows, so you can see iisaspnet.bat in use:
start iisaspnet.bat MobileApi C:\Users\chris\Dropbox\Code\2017\VbaMeasureHcp\src\HCPMobileApi MobileApi\bin\Debug\netcoreapp2.2\MobileApi.dll .vs\MobileApp\config\applicationhost.config
start iisaspnet.bat HCP.MasterDataApi C:\Users\chris\Dropbox\Code\2017\VbaMeasureHcp\src MasterData\Api\HCP.MasterDataApi\bin\Debug\netcoreapp2.2\HCP.MasterDataApi.dll Solutions\.vs\MasterData\config\applicationhost.config
start iisaspnet.bat HCP.SecurityApi C:\Users\chris\Dropbox\Code\2017\VbaMeasureHcp\src Security\Api\HCP.SecurityApi\bin\Debug\netcoreapp2.2\HCP.SecurityApi.dll Solutions\.vs\Security\config\applicationhost.config
start iisaspnet.bat HCP.BillingApi C:\Users\chris\Dropbox\Code\2017\VbaMeasureHcp\src Billing\Api\HCP.BillingApi\bin\Debug\netcoreapp2.2\HCP.BillingApi.dll Solutions\.vs\Billing\config\applicationhost.config
start iisaspnet.bat HCP.ClientApi C:\Users\chris\Dropbox\Code\2017\VbaMeasureHcp\src Client\Api\HCP.ClientApi\bin\Debug\netcoreapp2.2\HCP.ClientApi.dll Solutions\.vs\Client\config\applicationhost.config
start iisaspnet.bat HCP.EmployeeApi C:\Users\chris\Dropbox\Code\2017\VbaMeasureHcp\src Employee\Api\HCP.EmployeeApi\bin\Debug\netcoreapp2.2\HCP.EmployeeApi.dll Solutions\.vs\Employee\config\applicationhost.config
The way the parameters work could likely be far simpler if the way the Projects, Solutions, etc were stored and named was more consistent, but, this is an existing set of Solutions I had no control over with scattered naming etc, and, the chaos above may be more helpful anyway for understanding how to call these commands.
The result is that running one command kicks off 6 IIS Express command windows for me, requests get logged to each of their windows, and I just type Q in each window to kill them.

Encountering "the system cannot find the file specified" when running a certain command

This is a problem I have never seen before. Whenever I run a certain command in my application, I am getting the error:
Could not load file or assembly 'CADB.Data'. The system could not find the file specified.
When I run the command in the debugger, I do not get this error. The system completes the process successfully. It is only when I am running the built .exe. The .exe is in my debug folder with all of the necessary DLLs (Copy Local = True) including the problem DLL (CADB.Data).
When the system runs this command, it is under impersonation. I put the Debug folder (containing .exe and DLLs) into a folder the impersonated user has full access to. I checked access in the Security tab of file properties, and the user has full access to the folder AND CADB.Data.dll. Still, I get the error message above. When I run the program through any other folder that the impersonated user does not have access to, I get a slightly different error: Could not load file or assembly 'CADB.Data'. Access is denied.
Running the application through the debugger on another workstation throws the error as well. The error occurs at the declaration of the method GetClaimGuidList which is a member of CADB.Data (below).
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using CADB.Data;
namespace CADB.BusinessServices
{
public class ClaimHelper
{
static public List<Entities.Claim> GetClaimGuidList(int caseId, bool includeNotices)
{
DataTable dt = ClaimCmd.GetClaimGuids(caseId, includeNotices);
return Utilities.MapDataTableToList<Entities.Claim>(dt);
}
}
}
Other things tried:
Setting DLL as read/write. It was read-only because the file was originally being edited by VSO and thus had a read-only mark.
Running process monitor to look for an access denied message. I don't find such a message anywhere in the monitor.
Removing the DLL and adding it again from the project (my solution has multiple projects).
Cleaning the entire solution, re-building and re-running the EXE
Deleting the bin folder of every project in the solution, re-building and re-trying
Can anyone help? Any ideas would be greatly appreciated. Thanks.
For some reason, the impersonated user did not have access to the application files created in the bin folder. I went to the Security properties of the folder and added that user to the folder with full access rights. This allowed us to bypass the error. Why the user was not able to access the CADB.Data DLL is still a mystery. In any case, the issue was not present in the published ClickOnce application.

Program connects after install to an unknown(?) sqlite database

I have a strange problem using vb.net (vs2010) and SQLite database: I made an install package with Setup and Deployment project, everything seems to be working fine. My SQLite databse installs under CommonApplicationData folder and the software under ProgramFiles\ProductName. In the setup project I set a custom action, the user have a choice to run software after install:
/StartApp="[CHECK]"
Private Sub MyInstaller_Committed(ByVal sender As Object, ByVal e As InstallEventArgs)
Dim productName As String = Context.Parameters("ProductName")
StartAfterInstall = Me.Context.Parameters.Item("StartApp")
If StartAfterInstall = "1" Then
Directory.SetCurrentDirectory(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location))
Shell(Path.GetDirectoryName(Assembly.GetExecutingAssembly().Location) + "\FB.exe")
End If
End Sub
In ApplicationEvents.vb I set at StartUp:
AppDomain.CurrentDomain.SetData("DataDirectory", Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData))
And here comes the strange behaviour: if the user starts application after install, the program connects to another(?) database, not to installed under CommonApplicationData. If the user inserts data, seems everything working fine.
After closing the application and starting new from the desktop/programfiles/users program menu connects the program to the database installed under CommonApplicationData, but he can't see the changes he made launching application after installation. So starting program from desktop/programfiles/users program menu => everything fine, but the first (automatic) start after install is a problem. I can't find out what happens, any ideas?
Has your Installation Administrator-Privileges?
If yes, the following probably happens:
you are writing to ProgramFiles. Windows redirects this to the administrator %appdata%\roaming folder because writing to ProgramFiles is considered bad.
It goes to the administrator account because the installation had administrator-privileges.
When you start your program from the user account, the user-specific %appdata% Folder is used, which is empty.
Do solve that problem:
do not launch your program from the installer.
Create a directory for your program in %appdata% and usw it.

Running VBScript from UIAccess VB app using MSScriptControl

I'm trying to run some VBSCRIPT from within my application. This works fine when I run my program from within VB. But once I add "UIAccess=true" to my manifest and digitally sign my exe with my certificate, I am unable to run the code any more. It gives errors when I try to interface with any program saying "429: ActiveX component can't create object: 'myApp.Application'". Anyone have any idea why it would run fine in the IDE but not with an application with uses UIAccess? Here is the code:
Dim scriptRunner As New MSScriptControl.ScriptControlClass
scriptRunner.Language = "VBScript"
scriptRunner.AllowUI = True
scriptRunner.Timeout = 3000
scriptRunner.AddCode(scriptStr)
scriptRunner = Nothing
In googling around, I found this website.
it says
Applications with the uiAccess flag set to true must be Authenticode signed to start properly. In addition, the application must reside in a protected location in the file system. \Program Files\ and \windows\system32\ are currently the two allowable protected locations.
maybe it works in your IDE because your IDE is within \program Files\, but outside of your IDE you are running the signed application NOT within \program files or \windows\system32