Monday, Feb 03 2014

PowerShell Error: The specified structure must be blittable or have layout information.

So recently I was working with the Get-TSLsaSecret cmdlet, which was written by Niklas Goude, a guest blogger from TrueSec who was writing on the Hey Scripting Guy Blog.

You can find the write-up on the cmdlet here. It is also worth reading the previous post in the series here.

Every time I ran the cmdlet, ensuring that I was running as a 32-bit session, which was elevated, I would receive the message "The specified structure must be blittable or have layout information." I looked and looked and couldn't see anything I was doing wrong, or anything wrong in the code.

I then stumbled upon Microsoft KB 2909958. Resolving the issue is very simple: we just need to do another cast on the line with the error.

In the code from Microsoft/Niklas, change:

[LSAUtil.LSAUtil+LSA_UNICODE_STRING] [System.Runtime.InteropServices.marshal]::PtrToStructure($privateData, [LSAUtil.LSAUtil+LSA_UNICODE_STRING])

 

to:

[LSAUtil.LSAUtil+LSA_UNICODE_STRING][System.Runtime.InteropServices.marshal]::PtrToStructure($privateData, [System.Type][LSAUtil.LSAUtil+LSA_UNICODE_STRING])

And you are done!

More to come on Get-TSLsaSecret!!!!
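
The same cast applied to a harmless round trip through unmanaged memory, as an added example that is not part of the original post or of Niklas Goude's cmdlet. The type Demo.Native+UNICODE_STRING_DEMO and the function Test-PtrToStructureCast are hypothetical names made up for this illustration; the struct is a counted UTF-16 string nested in a class, so its type name has the same Outer+Inner shape as the one above.

```powershell
# Constructed demo type (hypothetical names): Length, MaximumLength, Buffer.
Add-Type -TypeDefinition @'
using System;
using System.Runtime.InteropServices;
namespace Demo {
    public class Native {
        [StructLayout(LayoutKind.Sequential)]
        public struct UNICODE_STRING_DEMO {
            public UInt16 Length;         // bytes, without terminator
            public UInt16 MaximumLength;  // bytes, with terminator
            public IntPtr Buffer;         // pointer to UTF-16 characters
        }
    }
}
'@

function Test-PtrToStructureCast {
    param([string]$Text = 'constructed sample value')

    $marshal = [System.Runtime.InteropServices.Marshal]
    $type    = [Demo.Native+UNICODE_STRING_DEMO]
    $buffer  = [IntPtr]::Zero
    $ptr     = [IntPtr]::Zero
    try {
        # Build the structure and copy it into unmanaged memory.
        $buffer = $marshal::StringToHGlobalUni($Text)
        $in = New-Object 'Demo.Native+UNICODE_STRING_DEMO'
        $in.Length        = [UInt16]($Text.Length * 2)
        $in.MaximumLength = [UInt16](($Text.Length + 1) * 2)
        $in.Buffer        = $buffer
        $ptr = $marshal::AllocHGlobal($marshal::SizeOf([System.Type]$type))
        $marshal::StructureToPtr($in, $ptr, $false)

        # The [System.Type] cast pins the second argument to System.Type,
        # which is the change described in the post.
        $out = [Demo.Native+UNICODE_STRING_DEMO]$marshal::PtrToStructure($ptr, [System.Type]$type)
        $marshal::PtrToStringUni($out.Buffer, [int]($out.Length / 2))
    }
    finally {
        # Release both unmanaged allocations even if marshaling throws.
        if ($ptr -ne [IntPtr]::Zero)    { $marshal::FreeHGlobal($ptr) }
        if ($buffer -ne [IntPtr]::Zero) { $marshal::FreeHGlobal($buffer) }
    }
}

Test-PtrToStructureCast
```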

Wednesday, Jan 22 2014

Tools of the trade

I have been asked a few times what gear I use, for work and for personal use.

Hardware

I use three computers on a regular basis: a personal laptop/tablet, a work laptop and then my gaming rig.

Firstly there is my simply fantastic Surface Pro 2 (128GB SSD, 4GB of RAM). This is one of the most amazing devices I have used; I am simply surprised by how much I can do with it.

I have my tweaked out HP EliteBook Folio 9470m, this is my work device. It isn't spec-ed out how you would get it normally from the shop, or even HP internally. Featuring a similar CPU as the Surface Pro 2, but with 256GB SSD and 16GB of RAM. Compared to all other work devices I have had over the years, it is by far the best. It is quite light, and packs a very nice 15 inch screen. The only limitation is there is no ESATA, but it has an abundance of USB3 ports.

Finally I have my gaming rig, not much to say but I7, 24GB of RAM, tonnes of storage and a beasty video card to boot all on a Gigabyte Sniper 2 motherboard. I game and code on this thing on a regular basis.

Software

Must Haves

  • Windows 8.1 X66
  • Office 2013

Development/PowerShell

  • PowerShell (obviously)
  • Visual Studio 2013
  • PrimalScript 2012
  • Notepad++
  • Winmerge
  • GitHub for Windows
  • TortoiseSVN

Networking/Security

  • Bitvise SSH Client
  • Virtualbox
  • Tor
  • CCleaner
  • GPG
  • Putty
  • F Secure AV
  • inSSIDer
  • NMap
  • WireShark
  • EMET
  • OpenVPN
  • Keepass
  • SMAC

Media

  • VLC
  • Winamp

Communications and Social Media

  • Hexchat
  • Line
  • Skype
  • Lync

And the Rest...

  • Wunderlist
  • Firefox
  • Feedly
  • Pocket
  • Kindle
  • 7Zip
  • Cashplan
  • Foxit Reader
  • Steam

Peripherals

Nothing really special here. I like a good keyboard and mouse, preferably gaming gear like G510 etc.

My partner bought me some fantastic Sony headphones for Christmas, the Sony MDR-1RBT Mark2. Quite amazing, Bluetooth, NFC and 30 hour battery life!

 

So that is pretty much it. I will try and keep this updated as I change what I am using.

Wednesday, Jan 15 2014

What am I reading?

Just a quick post about the blogs found in my RSS reader. It is all pretty self-explanatory!

Comics

PHD Comics http://www.phdcomics.com
Penny Arcade http://www.penny-arcade.com
xkcd.com http://xkcd.com/
Dilbert http://dilbert.com/

Microsoft (and related) blogs

Security Research & Defense http://blogs.technet.com/b/srd/
Powershell.CA http://www.energizedtech.com/
MSRC http://blogs.technet.com/b/msrc/
Richard Hicks' DirectAccess Blog http://directaccess.richardhicks.com
Microsoft Security Bulletins http://technet.microsoft.com/security/bulletin
Jeff Alexander's Weblog http://blogs.technet.com/b/jeffa36/
istartedsomething http://www.istartedsomething.com
Ben Armstrong http://blogs.msdn.com/b/virtual_pc_guy/
Bink.nu News http://www.bink.nu
WinBeta | Microsoft centered, Technology focused http://www.winbeta.org
Group Policy Central http://grouppolicy.biz

Security

Darknet - The Darkside http://www.darknet.org.uk
F-Secure Antivirus Research Weblog  http://www.f-secure.com/weblog
security.crudtastic.com  http://security.crudtastic.com
Hak5 - Technolust since 2005 http://hak5.org
Schneier on Security  https://www.schneier.com/blog/
Packet Storm Security http://packetstormsecurity.com/

General

IFTTT Blog http://blog.ifttt.com/
Ars Technica http://arstechnica.com
LifeHacker Australia http://lifehacker.com.au
The Food Avenue...Diary of a food addict http://thefoodavenue.com

 

Monday, Jan 13 2014

DirectAccess Resources

So I have been spending quite a significant amount of time working on DirectAccess and generally talking to people about DirectAccess, remote access and working remotely in general over the past few months.

DirectAccess was a technology that I had wanted to work with for a significantly long period of time; the concept of an always-on VPN like it has always interested me. I was extremely excited to be given the opportunity to work with it!

Not only did I get the opportunity to deploy DirectAccess in an enterprise environment, but I also had the chance to share my experience with the Brisbane Infrastructure Group. My presentation can be found here.

So I thought why not provide you all with links to some of the resources that I used during my deployment of DirectAccess.

Blogs:

Richard Hicks (MVP DirectAccess)

http://directaccess.richardhicks.com/

Tom Shinder (MVP DirectAccess / TMMG)

http://blogs.technet.com/b/tomshinder

Iron Networks

http://www.ironnetworks.com/blog/

 

 

Specific articles you should read:

http://directaccessguide.com/2013/10/07/setting-up-single-nic-directaccess-servers-with-an-external-load-balancer/

http://www.ivonetworks.com/news/2013/10/is-isatap-required-for-directaccess/

http://www.ironnetworks.com/blog/application-compatibility-issues-microsoft-directaccess

http://www.ironnetworks.com/blog/directaccess-network-location-server-considerations

http://www.ironnetworks.com/blog/common-directaccess-implementation-mistakes

http://blog.kloud.com.au/2013/08/22/lync-2010-directaccess-audio-video-and-application-sharing-troubleshooting/

 

There are probably some links missing. If there are other things that I realise I have missed, I will update this post.

Monday, Sep 02 2013

DirectAccess with Computer Certificates and SHA512 algorithms

I have posted this as a question on the TechNet forums, but also wanted to post it here.

I have just finished another test lab deployment of Direct Access, and have noticed one interesting issue which I am trying to confirm.

In the lab I deployed the PKI part of the infrastructure quite a while ago. It's a typical deployment, with an offline root and online issuing authority. They were configured to use SHA512 for the Signature and Signature Hash algorithms. This selection might seem paranoid, but has never been an issue as all clients have been Windows 7 or higher and thus have full support.

I deployed Direct Access, and using basically the default settings, everything appeared to be working correctly; clients could successfully connect.

I then switched to requiring computer certificates, issued a certificate to the DA Server and the test clients based upon the "Computer" template.

Clients could no longer connect. Looking at the diagnostic logs for Direct Access it appeared that the tunnels were not being established correctly. Looking at get-DAConnectivityStatus, there was definitely an issue present, with a sub status error referring to errors with remote network authentication. Nothing really appeared out of the ordinary in the client diagnostic logs or event viewer.

I went looking on the server. Nothing appeared at first to point to a problem; however, on inspection of the system event log, there were errors in regards to TLS:

'An TLS 1.2 connection request was received from a remote client application, but none of the cipher suites supported by the client application are supported by the server. The SSL connection request has failed'

So I looked around and didn't find anything out there. I couldn't see anything obvious, then it occurred to me that we are using SHA512 in our certificates.

I quickly fired up a new CA in the test environment, this time basically accepting the defaults. Reissued computer certificates to the DA server and the test clients, and I am now successfully connecting.

Does anyone know of this incompatibility? Is it documented anywhere? Is this known by anyone? Has anyone seen this as well?

Any more info would be great.
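
One way to see which signature algorithm each computer certificate and every CA above it was signed with, run on the DA server and on a client. This is an added example, not part of the original post: Get-CertChainSignatureAlgorithm is a hypothetical helper name, and it only reports what is in the store; it does not confirm the cause of the TLS error.

```powershell
function Get-CertChainSignatureAlgorithm {
    param(
        # Certificates to inspect; defaults to the local computer's personal store.
        [System.Security.Cryptography.X509Certificates.X509Certificate2[]]
        $Certificate = @(Get-ChildItem -Path Cert:\LocalMachine\My)
    )

    # Signature algorithm OIDs that use SHA512:
    # sha512WithRSAEncryption and ecdsa-with-SHA512.
    $sha512Oids = '1.2.840.113549.1.1.13', '1.2.840.10045.4.3.4'

    foreach ($cert in $Certificate) {
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        # Only the chain layout matters here, so skip revocation lookups.
        $chain.ChainPolicy.RevocationMode = 'NoCheck'
        [void]$chain.Build($cert)

        $depth = 0   # 0 = the certificate itself, higher = issuing CAs
        foreach ($element in $chain.ChainElements) {
            $alg = $element.Certificate.SignatureAlgorithm
            [pscustomobject]@{
                Leaf      = $cert.Subject
                Depth     = $depth
                Subject   = $element.Certificate.Subject
                Algorithm = $alg.FriendlyName
                Oid       = $alg.Value
                IsSha512  = $sha512Oids -contains $alg.Value
            }
            $depth++
        }
    }
}

Get-CertChainSignatureAlgorithm | Format-Table -AutoSize
```

Certificates signed with RSASSA-PSS carry the hash in the algorithm parameters rather than in the OID, so they are listed but not flagged by the IsSha512 column.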