Thread: Ramdisk
View Single Post
  #19  
Old December 30th 19, 02:05 AM posted to alt.windows7.general,microsoft.public.windowsxp.general
Mayayana
external usenet poster
  
Posts: 6,438
Default Ramdisk
"Shadow" wrote

| RAMDisk.exe is actually a VB6 executable. The Microsoft Visual
| C# / Basic.NET / MS Visual Basic 2005,7 and 10 files appear to be the
| registration routine.
|

Yes. I know it's VB6. I think we're crossing wires here.

There's no .Net in Dataram's program. And the installer is
not .Net. It's just an MSI.
I was talking about Lessmsi being .Net. Lessmsi requires .Net
v. 4, which is not something I'm ever likely to need, so I'd
be installing probably 100s of MB of stuff I don't need (plus
the Microsoft Wix libraries) to run a very simple program
that shouldn't have any dependencies.

| As to the programs you mentioned, I have HTA and scripting
| disallowed(security), and didn't manage to download jsMSIx. I use wget
| for downloads, so I can keep a log of where I got each file.
|
| Your page seems to have mistaken it for a download manager.

Sorry about that. It will work fine if you just use
a browser. Or you can spoof the UA. (I'm surprised
you don't already do that.)

I do block a lot of downloader programs.
They tend to be very sloppily made and the people who
use them tend to just go around grabbing things. I got
tired of it once when one of them downloaded over
300 copies of a program in about 1 minute. And that
was back in the old days when traffic was expensive.

It really is amazing how little people pay attention
online. People often grab one of everything -- more stuff
than they'll ever look at. Or they "scrape" the whole site.
It's just manic consumption. My MSI Unpacker is my most
popular download. There are several options and there's
a lot of information on the webpage. But the typical time
for people to download it, from the time they load the
webpage, is 6-10 seconds. I don't know how they even
find the link that fast! Just grab and go.

It reminds me of those old TV shows where people would
win a chance to run around a supermarket and get everything
they can grab in 2 minutes. I don't know why people do that.
Maybe it's just a result of the endless possibilities online.
One link leads to another and people end up racing around.
I sometimes find myself getting strung out like that. I start
out researching something. One thing leads to another.
My search branches. At some point I have 15 webpages open,
have lost track of all the things I plan to read, and I'm starting
to get low blood sugar.

If you don't allow script or HTAs you can still use jsMSIx,
which is a standard EXE. But it's up to you. I make no
money from it. If you like Lessmsi that's fine.

It seems a shame, though, for someone as handy as you
to block those things. An HTA is just a webpage that runs
in IE with no security. Bu it does have one limitation: It
can only run locally. So you can't be tricked online. If you
click a link in IE to an HTA online you'll get a download
dialogue. And the default icon is like the generic DOS
executable icon. So it would be very hard to get tricked
by it. Similarly with VBS, someone like you can't really be
tricked into running VBS malware, such as an email attachment,
because you know it's script. The real risks are script in
webpages and script embedded in MS Office files when MS
Office is installed. And disabling .js, .vbs and .hta won't help
a bit with either of those risks.

I have 9 HTAs on my desktop, and probably 30 VBScripts.
I use them for all kinds of things. One of the most common
uses is a script I wrote to fix carriage returns in Unix files.
I can just drop a whole folder on it and it will convert all
CR characters in text files to CR LF, the normal Windows
style. Another script cleans all TEMP files. Yet another
encodes/decodes Base64. And I have a javascript
deobfuscator HTA that I wrote for parsing obfuscated
webpage code. (That's another example where there's a
popular OSS version, but it's not very good. I think it's called
something like jsBeautifier.)
Recently I wrote another HTA for automating youtube-dl, so
I don't have to deal with the tedium of a console window.
I even wrote a graphic editor as an HTA.

I make HTAs because it's so powerful, fun, and relatively
simple. Webpages can host most of the typical things that
appear in a program window: text windows, buttons, dropdown
selectors, etc. And COM gives script vast powers. Of course,
that's why IE became dangerous and it's why webpages are
no longer safe. I rarely allow script online and haven't used
IE online since 2000. But offline it's a gem of ingenuity. COM
and ActiveX were really a brilliant invention. MS just made the
mistake of trying to use it online.

That's basically why MS invented HTAs in the first place. When
they began to see that ActiveX was a disaster online it was
a problem because a lot of corporate admins were using IE
to make simple but powerful utilities to run on their networks.
So MS forked the security. They gradually started restricting
script and ActiveX in IE, while at the same time allowed HTAs
free reign. All it takes is naming a file HTA instead of HTML.
Then it ges run by mshta instead of iexplore.exe. But it's the
same thing. Both of those are just thin wrappers around an
IE browser window.


Ads