Opening a website automatically using secure code - security

I want to open a website(say www.google.com) automatically whenever I am logon. This can be achieved through batch script and VBA macros but it can not be implemented on organisational level due to security concerns.
Is there any secure way to open a particular website using some piece of code.
Please let me know. Thanks in advance.
Regards,
Shrikant Salunke

There are lots of ways to do this, but I'm not sure exactly when you mean by "whenever I am logon".
Basically, if you want the most portable, multilingual way to open a web page with a program you are going to be passing a shell command that looks like this (following your example)
open https://www.google.com
This will open the specified URL (I think it must be a complete URL - including scheme) on the default browser.
Now the "when I am logon" part is what could make things complicated.
If by "when I am logon" you mean whenever you open your browser, then you don't even need to do this you can just reset your browser's homepage.
If you mean whenever you logon to your proxy, you just have to make sure that the first proxy request you send contains the correct request URI. In the case of google the correct URI would be google.com:443. The URI will have the format <hostname>:<portnumber>. The default HTTPS port number is 443. The default HTTP port number is 80.
If you mean whenever you logon to your system then you just need to execute the command open https://www.google.com within a login shell script. Login scripts are system dependent but you may refer to this post if you use a Unix-like or Posix compliant OS. If you use Windows I don't know how to help you but I'm sure there's a way to do it.
If you mean whenever you log into some program you wrote then things get really easy. You just have to make a call to that open command. Almost every language has a built in method for interacting with a shell. You just have to find that method in whatever platform you're using.
I honestly don't know if this will be helpful but good luck!
Edit
How to Run a Batch Shell Script Securely
What you need to do is run the script with a different trustlevel. Since you're using Batch you can do this by executing your script using the runas command (docs). This command allows you to adjust the trustlevel under which the script is executed without changing users. By changing the privileges of the executable, you can prevent it doing anything malicious. All it needs is enough "trust" to execute the open command.
If you need this fully automated throughout your organization, you can wrap your Batch file in a second Batch file that will call the runas command. This wrapper script will not run with reduced privileges but it also won't interact with the internet so you don't have to worry about it as much. You would be able to execute the wrapper script as a login script, and then everything should work.
Honestly I'm not a Windows person but I hope this helps!

Related

How To ADD Firefox Default Applications

So I'm trying to find a way to add default file extensions options to Firefox. Since for whatever reason it doesn't give you the option?
Example: Settings > General > Applications
I want to add new content types and then be able to select my default application of choice.
The current issue is, that I use an MSP client that when necessary allows us to remote into a client's workstation for troubleshooting. Normally one would just click on the "Start Remote Session," button, and it brings up the application to do so. However, since it operates in some form of Javascript (I think....?), it doesn't technically download a file for me to save and then execute through the app. It just opens the app automatically. It never gives me the option to save the a file or anything like that, that it would use for the Remote Session app.
So I want to figure out how to bypass this issue by just adding the extension needed for this process in Firefox's default content types.
Works on Windows, I'm currently on Linux. (So please don't tell me to not use linux or any form there of. That or to use wine or playonlinux. I already am)

Execute a shell (script) from Chromium?

Is there a way to launch a bash/ksh shell, or execute a shell script from Chromium? Is there a setting to tweak, a plungin to add, a workaround besides php and a local server?
Sorry if this is a duplicate. I assumed I would find an answer here, but only see answers about launching Chromium using a script or complete workarounds avoiding my question, with a local server and JavaScript/PHP. I have an Apache server available and can do the coding, but rather not.
I could do this in Internet Explorer on Windows (or used to be able to launch a .bat script there. I haven't used IE in a long time), why not in Chromium on Linux?
I understand the security concerns and sandbox in the browser, but in this case the browser never goes outside a firewall and I just want to launch a script from Chromium.
Thank you for your thoughtful replies.

Sign PowerShell script on non-Windows platform?

I'm working on a project where we are remotely deploying software using a configuration management, part of which delivers PowerShell scripts to Windows servers, which are then executed in order to perform parts of our setup and/or configuration.
The current deployment method writes the scripts to disk, but doesn't close the file handle. This was done to make the script more "secure" by preventing any other process from tampering with the file prior to it being executed. In order to run the script, PowerShell must read it from stdin, since it doesn't run a script if it cannot get exclusive access. The invocation looks something like this:
powershell.exe -Command - < C:\temp\some_name.ps1
This has a number of drawbacks, primarily that I can't pass parameters to the script. Additionally, reading large scripts from stdin gets funky with bad characters, line returns, etc.
I'd like to invoke the scripts in a more traditional method, e.g.
powershell.exe -File C:\temp\some_name.ps1 -Param value ...
but also keep in the spirit of making sure nothing can tamper with the script prior to it being executed. To that end I want to sign the powershell script and run powershell with the "AllSigned" execution policy.
The issue lies is that I can't really sign the script on the target server, as it has the same issue as PowerShell running the script...I have to release the exclusive lock to let PowerShell sign the file, but it could get tampered with.
I then decided that if I could sign the script on the server that is delivering it to the target machine that would work much better. However, our configuration management software servers are all Linux, and I have been stumped trying to find some way of signing PowerShell scripts on Linux. Mono has support for Authenticode, but out of the box it's only for exes and dlls. I've tried digging into the PowerShell .Net functions but found they use Cryptui.dll, which is Windows-specific.
At this point I'm grasping for anyway I can get the signature added to the scripts, or else I'll have to fallback to some other way of running the scripts that isn't really native. If possible I'd like to be able to compute the signature in-memory on a string representation of the script, but I'll take a file-based method if that is all I can get.
Not sure if this will work for you, but any time I am getting signature errors, I just add this to the bottom of the script:
# SIG # Begin signature block
# SIG # End signature block
I know it looks benign, but this works for me.
What about compiling your script to .exe ?
ps2exe, or even some builtin .net calls can do that for you.

Troi plugin function not working in FileMaker WebDirect

For purposes of being able to select from multiple file from the computer or network, I am using the following script command which works great in native FileMaker 14:
Set Variable [$dosFN; value: TrFile_SelectFileDialog( " -AllowMultipleFiles" ; "Please select one or more files" ;)]
In testing to make sure this works, I am doing a custom dialog to display the value of $dosFN and an example that successfully comes back would show:
From drive as:
C:\Files\img1.jpg
C:\Files\img2.jpg
or from network as:
\\ACI-2008-01\Files\img1.jpg
\\ACI-2008-01\FIles\img2.jpg
What is not work is when I attempt the same thing in a webdirect environment which is only showing the following when I perform the same script without even a file selection dialog box:
$$-4222
So how can I possibly make this work as desired in a webdirect environment?
This is not possible. This call is supposed to display the select file dialog. The plug-in does this by calling a function from one of the system libraries. In Web Direct you work with the database via a browser. Behind the scenes FileMaker silently converts the layouts and scripts into something that can run in the browser (lots of HTML, CSS, and JavaScript). But it cannot convert all and this call is one of things it cannot convert. As a result the plug-in only runs on the FileMaker server in a completely different environment and has no way to make a system call on another computer.
You may have better luck with FileMaker's own Insert File script step. It seems to be compatible with Web Direct. It cannot select multiple files though. (Also, other plug-in functions may still work in Web Direct but keep in mind that they actually run on the server, not the computer that runs the browser.)
The latest version of Troi file seems to be webdirect compatible, but it has to be installed on the FileMaker server as a server-side plugin. In any case check their documentation first, as it is usually quite detailed and if it does not help, you might get in touch with their support.
From how I understand it, the plug-in is running server side and has no way to display an interface on the client side (web browser). I do not believe there is a way to do what you are trying to do with Troi File, but you may just need to contact Troi.

Authenticating dialog box in Linux environment using Selenium

The Base URL in my Web Driver class asks for authentication for username and password. My Scripts run perfectly on Windows environment using AutoIT for authentication using the below mentioned code line.
`System.setProperty("webdriver.chrome.driver", this.getClass().getClassLoader().getResource("data/chromedriver_win32.exe").getFile());`
But I need to run on Linux environment and I want to replace this server authentication in place of AutoIT.
I have googled it and I got the results that I can still run the scripts using wine but the results are not perfect. If anyone found solution for this kind of problem please help me.
Thanks
This may not be a secure approach, but would it help to put user name & password in the URL?
I mention it is not a secure way since it is for an automated test and you'd have to take safeguards to ensure who the viewing audience is, since you don't want security risks.
If your application typically challenges with htpassword box, you might want to see
http://community.sitepoint.com/t/sending-htpasswd-login-information-in-a-url/2586/2

Resources