Use the Windows raw access APIs to directly access the USB drive - usb

At the end of USB physical drive, I want to write data directly using windows raw access API. I don't want to use kernel driver to do that.
As far as I know, HDD direct access is blocked from windows xp sp2 or sp3(?) for security reason. I'm not sure this is true for USB drive.
Please guide me how to get there. Thanks a lot.

It depends on how "direct" you want to be.
Something like
HANDLE hDrive = CreateFile("\\\\.\\F:", ...);
ReadFile(hDrive, ...);
should get you what you need in most situations, although you might need DeviceIoControl with
IOCTL_USB_USER_REQUEST with USBUSER_PASS_THRU
IOCTL_SCSI_PASS_THROUGH_DIRECT
or IOCTL_ATA_PASS_THROUGH_DIRECT
if you're doing something really advanced.
P.S.: This should be on StackOverflow, as other people have mentioned.

Voted to move to Stack Overflow. I think regardless, using an external HDD connected by USB won't change anything, as it still appears as a normal disk to windows.
When you say "raw access API", do you mean functions like CreateFile, WriteFile etc as listed here? Because those functions should be able to be called from normal Win32 apps. Or do you want direct access to the disk itself, with no filesystem layer in between? (Some user apps such as HxD can directly open disks for reading/writing - use with caution)

Related

Raspberry Pi 3 (Raspbian) programatically accessing a USB drive: best way to do this?

I'm running Raspbian 1.0, v9/15 on an RP3. I'm working on an application that will access a dedicated USB flash drive to store collected data. The static path to write the data is "/media/user/kingston". This works great unless I have a system crash at which point the owner and group for "/media/user/kingston" are changed to root, and the mount point for the flash drive now is now changed to "/media/user/kingston1" which (clearly) does not work with the static path defined in my application. Is there a standard dynamic path option that is available for this device and OS? Thanks in advance...
Update: Based on BJ Black's advice, this is what I added to fstab after creating a directory named /usb at the root of the filesystem,
/dev/sda1 /usb vfat noatime,nofail,user,rw,exec,umask=000 0 3
The advantages are,
1) allows bootup even when no USB drive is inserted,
2) allows any usb storage device to be used here.
Disadvantage is that the system must be powered down (or drive umounted) before flash drive is removed otherwise bad things happen, (I tried this). Question: Is there anything that I can do to reduce the "bad things" in the event that someone pulls out the usb while it is still mounted? Thanks in advance.
In general, I tend to prefer using a hard mount point for this kind of thing. There are possibly some neat tricks in /sys (or by using a grep against the output of mount(1) or /proc/mounts), but they'll fail as soon as you change out your Kingston stick for some other vendor (yuck).
Have a look at this link to better understand what's automounting your usb stick and how to shut that mechanism off.
As for mounting in a permanent place, I'd try either:
Create a mount point (say /data) and put an entry in fstab(5) so it gets mounted automatically on boot.
Same as 1, but use the noauto and user and do an explicit call to mount(1) from your application, or...
Install autofs and put an entry in auto.misc to automount the device (probably /dev/sda1) on use. Then symlink /data -> /misc/data.
Of these, I like option 3 the best, as the stick will unmount automatically when idle. Then your application need only double-check that the path is writable beforehand.
Also be super-careful on writes, as cheapie USB sticks tend to erase in large blocks and their wear levelling is weak at best (so both small random writes and large writes tend to wear the flash fast). Using f2fs or careful write buffering helps (and the noatime option on mount helps). And don't call fsync() all the time in your app!

Reading from database file over network in visual basic, with no shared drives

The machine I'm trying to access is an industrial PC that serves as the interface for some PLC-automated equipment. The computer creates a data record (an .mdb database) of the various machine settings so that they can be reviewed later if desired. I've created an application in Visual Basic 2010 to display and sort that information once it's been copied from the machine to someone's laptop.
What I'd like to do, though, is allow the user to access the database from their laptop over the network; each PC has a static IP address on the customer's LAN. Currently, we can use Teamviewer to transfer files, but I'd like to include that ability in my data viewing application. Without changing any settings on the industrial PC (i.e. leaving the network file sharing alone, and avoiding installing any sort of SQL server software), how can I access this information? The database files can get pretty large (40+ mb) so I'm trying to avoid any sort of FTP transfer, which would undoubtedly take forever.
The database is already set up on an ODBC connection (which is how the pc stores the PLC information in the database), and I suspect that this may be the key, but between my lack of any thorough understanding regarding networking and the internet's general distrust of ODBC (well earned, from what I've seen so far), I'm having a hard time finding any useful information.
If anyone could point me towards some useful tutorials, or give me a good place to start, I'd appreciate it.
I think you are out of luck. Think about it, if you could access the file, without sharing it, wouldn't that be a serious security problem?
What you can do: Use the always existing share \host\c$ to access the file. For that you'll need administrative privileges for the host.
But be aware: Even if this "works", it introduces problems:
It will be slow, because you are essentially copying 40MB over the wire over and over again
If you are not carefull, you might lock the *.mdb file while accessing it. Access Databases are not really meant to be accessed by multiple users/processes. That didn't prevented Microsoft to try to fake it. Todo so, a *.ldb (L as in Lock) file will be created, to signal other processes the file is locked.
Tldr: Don't do it.

Sandbox within vmware workstation, is it possible?

What I want to be able to do is that, run a vmware machine on workstation, windows xp or 7 for instance. But all the changes I make while I am running the machine e.g. create a file, install something etc, I don't want them to be written to the system/image. Instead it should act like even the image itself is sandboxed, and when I shut down the machine, the image stays the same.
Now, I know about the snapshots functionality, but I basically want to save the time that is expended while reverting an image, on every power down session. Instead it should be such that the changes aren't written to the image/system in the first place (and instead are done in something like memory or a temporary location etc), and thus there is no need to revert when the system is powered off.
Now, is this possible to achieve with just vmware workstation itself? if not than is it possible with some third party tool or something of the sort? if yes then specifically which tool? or if this is possible utilizing any other concepts, say ramdisks etc or anything at all really?
Any help at all is really appreciated!
If I understand your you correctly, defining the VM's disks as nonpersistant should help.

OSX: Hook file read event

I have a particular file I want to monitor for file read attempts by all applications on OSX. I'd like to be able to interrupt the requests so I could decide which applications have permission to read the file and which don't (by querying the user, or checking a cache of user responses). Is this possible with the OSX API? If not, is it even possible to get a list of which applications or processes do read a file?
I'm not saying there's no way to do this, but what #Jonathan is talking about isn't it.
That API is for tracking the creation, change, and destruction of files. Notably this tool is used by things like Spotlight to watch activity on the filesystem for new, interesting files.
But, wisely, reading isn't one of the events it tracks.
And even if reading WAS tracked, it is still the wrong mechanism, as it's a notification system after the fact, not in line with the call itself.
I seriously doubt what you want is possible the way you describe it.
With Access Control Lists, you can limit access at the user level (Fred can read the file, but Bob can not). This is a setting on the file itself. But there's no mechanism to allow Bobs App1 to read a file, while Bobs App2 can not, since there's really no formal mechanism of "application identity" beyond the command to executed, or whatever the program "says" its name is (both of which can be spoofed if motivated enough).
However, feel free to crawl the Darwin sources -- no doubt the answer is buried in there somewhere near the open(2) call.
EDIT, regarding comment.
What are you trying to do? What's the overall context?
Another thing that you may want to try is to use FUSE.
FUSE is a utility that let's you have "user space filesystems". People use FUSE for many purposes, like reading NTFS volumes, or mounting remote system via SSH.
They have a simple example, that gives you a skeleton that you can fill in for your purposes.
For most of the use cases, you'll simple defer to the system. However, for OPEN you will add your logic. Then you could point your FUSE utility at a directory, and "mount it". Then all of the files below that directory can use your new behavior.
I'm still not sure how you will identify Apps by name, but if it's not a real "security" issue, just for local control, I imaging you can come up with something. Activity Monitor has apps names, so they must be available, and FUSE will be running within the process space (I think), rather than through some external mechanism.
All that said, I think FUSE is your best bet, but it's probably not appropriate if you want to do this to "any file" with no preparation by the user (like not installing FUSE). If you wanted to do "any file", your FUSE system would need to be mounted at root, and then you'll simply have a full "clone" of the filesystem, with those files from the normal root "unprotected", while those from your new FUSE root will be protected. So, if someone wanted to NOT use your FUSE system, the real file is readily available to them through the actual file location.
If not, is it even possible to get a list of which applications or processes do read a file?
The command-line tool fs_util allows you to monitor filesystem activity, including reading.
The writings of Amit Singh should come in very handy. He explored the API that provides FileSystem events a few years ago, and provided a sample tool that allows you to intercept FS events. It's open source!
If i remember his conclusion properly, their isn't an official API, but you can use apple's tools to achieve what you want.

Remote Backup User Data on iPhone

I wrote a few iPhone apps using Core Data for persistent storage. Everything is working great but I would like to add the ability for users to back up their data to a PC (via WiFi to a PC app) or to a web server.
This is new to me and I can't seem to figure out where to begin researching the problem. I don't want to overcomplicate the issue if there is an easy way to implement this.
Is anyone familiar enough with what I am looking to do to point me in the right direction or give me a high level overview of what I should be considering?
The data is all text and would be perfectly stored in .csv files if that matters.
Unfortunately, I don't think there's a good all-purpose solution under the current SDK. Here are some ideas:
If you only want backup, you could just back up the whole sqlite file to the server or over wifi, but you then can't really use it with anything other than Core Data (and you might even run into trouble with iPhone-Mac compatibility, e.g. between 32-bit and 64-bit types).
A very robust solution would be to implement cloud storage with a REST API and sync the iPhone and desktop app to the server (this is what the Evernote app does, for instance), but that is obviously much more work.
You could also manually convert your data to a .csv and send that to the server or desktop, but parsing it could be problematic (and you'd have to worry about the data getting corrupted). If you did want to go that route, here is a tutorial.