Can perform task from a .vbs file but not from an .asp file! Why?

TheMSsForum.com: The Microsoft Software Forum

Hi

I had asekd previously a question qith regards to running a DLL file from
ASP. It was not running for me. Bo error returned, nothing, Just an empty
string (when it should have not been empty). I created a .vbs file and put
it in the same directory as the .asp file on the web. The same exact code.
It runs fine. Soon as I call the asp file, it still does nothing. Would
anyone have an idea as to why the .asp has no ability to run this dll?

The dll in question will create a folder within the same directory as the
calling file. I thought it could be a permissions thing, but after creating
a new dll file to test creating folders, it had no problem doing so

I am stuck as I am not sure what else I could do to make this run from asp

Thanks

Leo
Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Leo

Leo
Fri Oct 14 12:22:37 CDT 2005

I should crlarify this a bit maybe

'----------------------Code for the VB DLL called from the ASP and VBS
files -----------------------


Private Declare Function DmfDemoEncrypt Lib "C:\Program
Files\Samples\Simple\email_encrypt.dll" (ByVal email As String, ByVal s As
String) As String

Public strEmails As String
Public strEncryptThisString As String
Public strEncryptedData As String



Public Function EncryptData(ByVal emailaddresses As String, ByVal
DataToEncrypt As String) As String



strEncryptThisString = DataToEncrypt
strEmails = emailaddresses
strEncryptedData = (DmfDemoEncrypt(strEmails,
strEncryptThisString))




EncryptData = strEncryptedData






End Function
'---------------------------- END VB
CODE--------------------------------------------


Code for the vbs file

'------------------ VBS CODE (works) -----------------------

Option Explicit




Dim WshShell,fso,cd,objRSServer,strEmails,strAll

Set WshShell = WScript.CreateObject("WScript.Shell")
Set fso = CreateObject("Scripting.FileSystemObject")


Set objRSServer = CreateObject("Encrypt.clsEncryptData")

strEmails = "email1@email.com,email2@email.com"

cd = "this is encrypted email test"



strAll = objRSServer.EncryptData(strEmails, cd)

If strAll <> "" then

Msgbox strAll
Else

msgbox "Nothing returned"
End if




'Cleanup.
Set WshShell = Nothing
Set fso = Nothing

'---------------------------------- END -----------------------


code for the ASP file (doesn't work )

'------------ ASP CODE ------------------------

<%



Set objServer = Server.CreateObject("Encrypt.clsEncryptData")


strEmails = "email1@email.com,email2@email.com"
cd = "this is a test" 'Request("Body") '"this is encrypted email
test"


strAll = objServer.EncryptData(strEmails,cd)

response.write strAll

%>

I even tried to manually specify a <!-- #include file="Encrypt.dll" --> to
no avail

The C++ dll which the VB wrapper calls to actually encrypt the data sits
somewhere in the Windows directory. Once it is called it creates a folder in
the same directory as the calling file (ASP, or VBS in this case) called
store, where it stores some encryption keys , certificates etc....


So my question would be: why can I run this VB DLL from VB or VBS files, but
not ASP?

Could it have anything to do with permissions?




















"Leo" <none@none.com> wrote in message
news:ei%23np8N0FHA.908@tk2msftngp13.phx.gbl...
> Hi
>
> I had asekd previously a question qith regards to running a DLL file from
> ASP. It was not running for me. Bo error returned, nothing, Just an empty
> string (when it should have not been empty). I created a .vbs file and put
> it in the same directory as the .asp file on the web. The same exact code.
> It runs fine. Soon as I call the asp file, it still does nothing. Would
> anyone have an idea as to why the .asp has no ability to run this dll?
>
> The dll in question will create a folder within the same directory as the
> calling file. I thought it could be a permissions thing, but after
creating
> a new dll file to test creating folders, it had no problem doing so
>
> I am stuck as I am not sure what else I could do to make this run from asp
>
> Thanks
>
> Leo
>
>


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Roland

Roland
Mon Oct 17 02:43:37 CDT 2005

"Leo" <none@none.com> wrote in message
news:%23Sd4gPO0FHA.3756@tk2msftngp13.phx.gbl...
:I should crlarify this a bit maybe
:
: '----------------------Code for the VB DLL called from the ASP and VBS
: files -----------------------
:
:
: Private Declare Function DmfDemoEncrypt Lib "C:\Program
: Files\Samples\Simple\email_encrypt.dll" (ByVal email As String, ByVal s As
: String) As String
:
: Public strEmails As String
: Public strEncryptThisString As String
: Public strEncryptedData As String
:
:
:
: Public Function EncryptData(ByVal emailaddresses As String, ByVal
: DataToEncrypt As String) As String
:
:
:
: strEncryptThisString = DataToEncrypt
: strEmails = emailaddresses
: strEncryptedData = (DmfDemoEncrypt(strEmails,
: strEncryptThisString))
:
:
:
:
: EncryptData = strEncryptedData
:
:
:
:
:
:
: End Function
: '---------------------------- END VB
: CODE--------------------------------------------
:
:
: Code for the vbs file
:
: '------------------ VBS CODE (works) -----------------------
:
: Option Explicit
:
:
:
:
: Dim WshShell,fso,cd,objRSServer,strEmails,strAll
:
: Set WshShell = WScript.CreateObject("WScript.Shell")
: Set fso = CreateObject("Scripting.FileSystemObject")
:
:
: Set objRSServer = CreateObject("Encrypt.clsEncryptData")
:
: strEmails = "email1@email.com,email2@email.com"
:
: cd = "this is encrypted email test"
:
:
:
: strAll = objRSServer.EncryptData(strEmails, cd)
:
: If strAll <> "" then
:
: Msgbox strAll
: Else
:
: msgbox "Nothing returned"
: End if
:
:
:
:
: 'Cleanup.
: Set WshShell = Nothing
: Set fso = Nothing
:
: '---------------------------------- END -----------------------
:
:
: code for the ASP file (doesn't work )
:
: '------------ ASP CODE ------------------------
:
: <%
:
:
:
: Set objServer = Server.CreateObject("Encrypt.clsEncryptData")
:
:
: strEmails = "email1@email.com,email2@email.com"
: cd = "this is a test" 'Request("Body") '"this is encrypted email
: test"
:
:
: strAll = objServer.EncryptData(strEmails,cd)
:
: response.write strAll
:
: %>
:
: I even tried to manually specify a <!-- #include file="Encrypt.dll" --> to
: no avail
:
: The C++ dll which the VB wrapper calls to actually encrypt the data sits
: somewhere in the Windows directory. Once it is called it creates a folder
in
: the same directory as the calling file (ASP, or VBS in this case) called
: store, where it stores some encryption keys , certificates etc....
:
:
: So my question would be: why can I run this VB DLL from VB or VBS files,
but
: not ASP?
:
: Could it have anything to do with permissions?
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
:
: "Leo" <none@none.com> wrote in message
: news:ei%23np8N0FHA.908@tk2msftngp13.phx.gbl...
: > Hi
: >
: > I had asekd previously a question qith regards to running a DLL file
from
: > ASP. It was not running for me. Bo error returned, nothing, Just an
empty
: > string (when it should have not been empty). I created a .vbs file and
put
: > it in the same directory as the .asp file on the web. The same exact
code.
: > It runs fine. Soon as I call the asp file, it still does nothing. Would
: > anyone have an idea as to why the .asp has no ability to run this dll?
: >
: > The dll in question will create a folder within the same directory as
the
: > calling file. I thought it could be a permissions thing, but after
: creating
: > a new dll file to test creating folders, it had no problem doing so
: >
: > I am stuck as I am not sure what else I could do to make this run from
asp

The file is probably not exposed to the account being used. If you're
supporting anonymous users then the IUSR_COMPUTERNAME needs RX rights.

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Leo

Leo
Mon Oct 17 08:55:31 CDT 2005

I have been messing around with the permissions. I gave the IUSR full
permissions on the machine...nothing


"Roland Hall" <nobody@nowhere> wrote in message
news:uix%2385u0FHA.1252@TK2MSFTNGP09.phx.gbl...
> "Leo" <none@none.com> wrote in message
> news:%23Sd4gPO0FHA.3756@tk2msftngp13.phx.gbl...
> :I should crlarify this a bit maybe
> :
> : '----------------------Code for the VB DLL called from the ASP and VBS
> : files -----------------------
> :
> :
> : Private Declare Function DmfDemoEncrypt Lib "C:\Program
> : Files\Samples\Simple\email_encrypt.dll" (ByVal email As String, ByVal s
As
> : String) As String
> :
> : Public strEmails As String
> : Public strEncryptThisString As String
> : Public strEncryptedData As String
> :
> :
> :
> : Public Function EncryptData(ByVal emailaddresses As String, ByVal
> : DataToEncrypt As String) As String
> :
> :
> :
> : strEncryptThisString = DataToEncrypt
> : strEmails = emailaddresses
> : strEncryptedData = (DmfDemoEncrypt(strEmails,
> : strEncryptThisString))
> :
> :
> :
> :
> : EncryptData = strEncryptedData
> :
> :
> :
> :
> :
> :
> : End Function
> : '---------------------------- END VB
> : CODE--------------------------------------------
> :
> :
> : Code for the vbs file
> :
> : '------------------ VBS CODE (works) -----------------------
> :
> : Option Explicit
> :
> :
> :
> :
> : Dim WshShell,fso,cd,objRSServer,strEmails,strAll
> :
> : Set WshShell = WScript.CreateObject("WScript.Shell")
> : Set fso = CreateObject("Scripting.FileSystemObject")
> :
> :
> : Set objRSServer = CreateObject("Encrypt.clsEncryptData")
> :
> : strEmails = "email1@email.com,email2@email.com"
> :
> : cd = "this is encrypted email test"
> :
> :
> :
> : strAll = objRSServer.EncryptData(strEmails, cd)
> :
> : If strAll <> "" then
> :
> : Msgbox strAll
> : Else
> :
> : msgbox "Nothing returned"
> : End if
> :
> :
> :
> :
> : 'Cleanup.
> : Set WshShell = Nothing
> : Set fso = Nothing
> :
> : '---------------------------------- END -----------------------
> :
> :
> : code for the ASP file (doesn't work )
> :
> : '------------ ASP CODE ------------------------
> :
> : <%
> :
> :
> :
> : Set objServer = Server.CreateObject("Encrypt.clsEncryptData")
> :
> :
> : strEmails = "email1@email.com,email2@email.com"
> : cd = "this is a test" 'Request("Body") '"this is encrypted email
> : test"
> :
> :
> : strAll = objServer.EncryptData(strEmails,cd)
> :
> : response.write strAll
> :
> : %>
> :
> : I even tried to manually specify a <!-- #include file="Encrypt.dll" -->
to
> : no avail
> :
> : The C++ dll which the VB wrapper calls to actually encrypt the data sits
> : somewhere in the Windows directory. Once it is called it creates a
folder
> in
> : the same directory as the calling file (ASP, or VBS in this case) called
> : store, where it stores some encryption keys , certificates etc....
> :
> :
> : So my question would be: why can I run this VB DLL from VB or VBS files,
> but
> : not ASP?
> :
> : Could it have anything to do with permissions?
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> :
> : "Leo" <none@none.com> wrote in message
> : news:ei%23np8N0FHA.908@tk2msftngp13.phx.gbl...
> : > Hi
> : >
> : > I had asekd previously a question qith regards to running a DLL file
> from
> : > ASP. It was not running for me. Bo error returned, nothing, Just an
> empty
> : > string (when it should have not been empty). I created a .vbs file and
> put
> : > it in the same directory as the .asp file on the web. The same exact
> code.
> : > It runs fine. Soon as I call the asp file, it still does nothing.
Would
> : > anyone have an idea as to why the .asp has no ability to run this dll?
> : >
> : > The dll in question will create a folder within the same directory as
> the
> : > calling file. I thought it could be a permissions thing, but after
> : creating
> : > a new dll file to test creating folders, it had no problem doing so
> : >
> : > I am stuck as I am not sure what else I could do to make this run from
> asp
>
> The file is probably not exposed to the account being used. If you're
> supporting anonymous users then the IUSR_COMPUTERNAME needs RX rights.
>
> --
> Roland Hall
> /* This information is distributed in the hope that it will be useful, but
> without any warranty; without even the implied warranty of merchantability
> or fitness for a particular purpose. */
> Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
> WSH 5.6 Documentation -
http://msdn.microsoft.com/downloads/list/webdev.asp
> MSDN Library - http://msdn.microsoft.com/library/default.asp
>
>


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Roland

Roland
Mon Oct 17 13:50:56 CDT 2005

"Leo" wrote in message news:%23WaNxJy0FHA.1032@TK2MSFTNGP12.phx.gbl...
:I have been messing around with the permissions. I gave the IUSR full
: permissions on the machine...nothing

Please post after my responses, not before them.

It's a really bad idea to give everyone on the planet full rights to your
system. This .dll is in the %systemroot%\system32 folder. Have you checked
the effective rights of the IUSR_COMPUTERNAME in that folder and have you
verified this is the user being used to access the .dll file? Is there a
reason this file needs to be in this folder?

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Leo

Leo
Mon Oct 17 14:45:08 CDT 2005

This is my personal development machine Roland, so I do not care about the
permissions. It will be a different story when it gets deployed. Plus it was
for troubleshooting purposes

The IUSR has access to that folder. What I managed to do so far was to run
the VB app from IDE. Then run my ASP page. It works great. But when I
compile the App into a DLL and run my ASP page, it still returns
nothing....!?!?!



"Roland Hall" <nobody@nowhere> wrote in message
news:eTNQ2u00FHA.2884@TK2MSFTNGP09.phx.gbl...
> "Leo" wrote in message news:%23WaNxJy0FHA.1032@TK2MSFTNGP12.phx.gbl...
> :I have been messing around with the permissions. I gave the IUSR full
> : permissions on the machine...nothing
>
> Please post after my responses, not before them.
>
> It's a really bad idea to give everyone on the planet full rights to your
> system. This .dll is in the %systemroot%\system32 folder. Have you
checked
> the effective rights of the IUSR_COMPUTERNAME in that folder and have you
> verified this is the user being used to access the .dll file? Is there a
> reason this file needs to be in this folder?
>
> --
> Roland Hall
> /* This information is distributed in the hope that it will be useful, but
> without any warranty; without even the implied warranty of merchantability
> or fitness for a particular purpose. */
> Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
> WSH 5.6 Documentation -
http://msdn.microsoft.com/downloads/list/webdev.asp
> MSDN Library - http://msdn.microsoft.com/library/default.asp
>
>


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Roland

Roland
Mon Oct 17 15:13:13 CDT 2005

"Leo" wrote in message news:eLQ3IN10FHA.3256@TK2MSFTNGP09.phx.gbl...
: This is my personal development machine Roland, so I do not care about the
: permissions.

I won't debate the security issue anymore other than to say if you're on the
internet and anyone can access your web server and the anonymous user has
full access, you're immediately at risk. Enough said.

: It will be a different story when it gets deployed. Plus it was
: for troubleshooting purposes

Noted.

: The IUSR has access to that folder. What I managed to do so far was to run
: the VB app from IDE. Then run my ASP page. It works great. But when I
: compile the App into a DLL and run my ASP page, it still returns
: nothing....!?!?!

Have you tried using FileMon from SysInternals to see what's really
happening and are you getting anything in your logs?

What does the ASP page do if it's not calling the .dll file? I don't see
the apples-apples comparison. What am I missing?

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp



Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Roland

Roland
Wed Oct 19 03:29:28 CDT 2005

"Leo" wrote in message news:uBuFR%23%230FHA.3188@TK2MSFTNGP14.phx.gbl...
: What the asp page does is:
:
: passes two strings to the DLL function and the DLL returns an encrypted
: string that looks like this:
:
: MIIHxgYJKoZIhvcNAQcDoIIHtzCCB7MCAQAxggJqMIIBMQIBADCBtDCBrjGBqzCB
: qAYDVQQpE4GgTUhZd0RBWUtZSVpJQVliOUhnSUJBUXdnWkdWMlpXeHZjR1Z5TG5a
: dmJIUmhaMlV1WTI5dEl6RXdPRFEwTURBMk5qUXdSREFhREFsdWIzUkNaV1p2Y21V
: RURUQTFNRGt5T0RBd01EQXdNRm93Smd3Q2FXUUVJR1J0Wm5OMWNIQnZjblJBWkdW
: MlpXeHZjR1Z5TG5admJIUmhaMlV1WTI5dAIBATAPBgtghkgBhv0eAQECAQUABGSG
: amqBJbkwyp11m/uzAghdUz2wJyvg8CgPTaIW+rFd+BraqpLuBXd3pOWRxRmO+YiG
: KkvZu8WIXOO/tUBL/isWp7t27LAGEa62TcQooqd9cIEWe3usqh9DndjogpnMRQiw
: MGSNMIIBMQIBADCBtDCBrjGBqzCBqAYDVQQpE4GgTUhRd0RBWUtZSVpJQVliOUhn
: SUJBUXdnWkdWMlpXeHZjR1Z5TG5admJIUmhaMlV1WTI5dEl6RXdPRFEwTURBMk5q
: UXdRakFhREFsdWIzUkNaV1p2Y21VRURUQTFNRGt5TlRBd01EQXdNRm93SkF3Q2FX
: UUVIbU4xYzNSdmJXVnlRR1JsZG1Wc2IzQmxjaTUyYjJ4MFlXZGxMbU52YlE9PQIB
: ATAPBgtghkgBhv0eAQECAQUABGQGtVLM2jPFyyTbPhctVJstniLUl0G2MONK8TMy
: pJ+EU48CQjMXy9q63UlbmdpoSrl/RLGiiVPaeuPLPT+3mJX183270afmqofXiiCb
: I2U8lEeoBgiInPCku6ocZYbxuiOCJ+XfMIIFPgYJKoZIhvcNAQcBMB0GCWCGSAFl
: AwQBAgQQebMQjWsqfmvLMIUQJvn9/oCCBRAl6xTc/osR/Fn2emiI/zNXz+VTAKUv
: kKfJdFSdakgwoq8E0Z37rZFEcjjt2hy14293jEgLWKEdOc0/Fshrx3hLry/0Ohyq
: /Tnd3Hksirms9k6DOCevDE0J9cROPIaFwz/39byZlHOfrGxZHcCOAx5jgBx2WQmc
: sJSrz/DeqRIrHSfcOl+V6724mx3jUl8FAIGJ8rZ4L6hPb2Ezih3rVMecB65SZwtP
: 3RPgDxFQfMu7nw0eElMJHorDmQMImBPfECNzPxrdDYX5rmZLAWTLbP6OVOzBYVIg
: bwGerfIR2N0FXXJz/grLsRkDsB1XwlOrv8iQLNUVJbNi6QFyUkefylWhT52CQTIU
: redmhYIWjQzS4LZwoApe/Ksgq4/BCC2+HaDSaq8Aw1wlj/I3TnFXhpVqU5Vnpec0
: pkKsVXLPgJIOMKPtAXSUVuKKNk9ylNUR+Xet3n4ljPxBj0E5jM4DcFdl5UPOMTG+
: Cj56Q80EPUfxl7jpchoiMQV2IiqtiTd7eIitX3txd2dSxu6TDGLx2qCuJnbNKtsA
: zI7Gy8f2OR55EOwhwmDBl0P7EDAp+a78A2Fa5u4Luuq7XGLXHrnulioX6ywjd3oA
: VYon9w9KhiCuPQ0Mv2OXF/cx+Zv2fylslFvsPdPVsu0KxKUePUWv1TMbYpSFwjjx
: RU4CMP6O38WtA1m7U91TizGxttngTSaX62Ha7WrqGNX9dDxp
:
: I used the Filemon tool but it's not giving me anything weird I can
: troubleshoot

It's not supposed to give you anything weird. We're looking for the calls
to access the files. I'm concerned with the C++ dll being accessed when
called from the wrapper while running from ASP.

What are the rights to this folder? C:\Program Files\Samples\Simple\
Have you tried removing the anonymous user access and running this at
http://localhost/ to eliminate the anonymous user permissions being the
issue?
You said the C++ dll resides somewhere under the windows directory. Isn't
this the C++ dll?
Private Declare Function DmfDemoEncrypt Lib "C:\Program
Files\Samples\Simple\email_encrypt.dll" (ByVal email As String, ByVal s As
String) As String

BTW... rights only apply when they are inherited, if not specifically set.
Adding a user to a group requires that group having access to be effective.

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Roland

Roland
Wed Oct 19 03:30:31 CDT 2005

What encryption method is being used?

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Leo

Leo
Wed Oct 19 08:26:00 CDT 2005

It is proprietary, from a company called Voltage. Their whole encryption
algorithms are based on Identity-Based Encryption (IBE).

What they have is a API documentation, but it was geared more towards
integration with applications than with the web. It's actually written in C
(but they claim C++). They provided me with a sample of a program that
encrypts a document, but then I modified it to encrypt emails.




"Roland Hall" <nobody@nowhere> wrote in message
news:%234KRfdI1FHA.2924@TK2MSFTNGP15.phx.gbl...
> What encryption method is being used?
>
> --
> Roland Hall
> /* This information is distributed in the hope that it will be useful, but
> without any warranty; without even the implied warranty of merchantability
> or fitness for a particular purpose. */
> Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
> WSH 5.6 Documentation -
http://msdn.microsoft.com/downloads/list/webdev.asp
> MSDN Library - http://msdn.microsoft.com/library/default.asp
>
>


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Leo

Leo
Wed Oct 19 08:35:57 CDT 2005


> It's not supposed to give you anything weird. We're looking for the calls
> to access the files. I'm concerned with the C++ dll being accessed when
> called from the wrapper while running from ASP.
You are right. I meant I cannot see any big diffeence when running the
wrapper from the VB IDE or the DLL as far as
accessing files. The only obvious difference is that when running from the
VB IDE it's VB6.exe that invokes the calls to the DLL, and when running as
a compiled DLL, it's DLLHOST.exe that is doing the loading of the files. I
ran Process Viewer from Microsoft, and it shows both files loaded when I
call
the DLL (both my wrapper dll and the encryption DLL). I just am not sure if
permissions are still the issue.

>
> What are the rights to this folder? C:\Program Files\Samples\Simple\
> Have you tried removing the anonymous user access and running this at
> http://localhost/ to eliminate the anonymous user permissions being the
> issue?
There is no anonymous user for that folder or virtual directory. What it is
there's an IUSR with full control (again for testing purposes), then users
and administrators and everyone groups


> You said the C++ dll resides somewhere under the windows directory. Isn't
> this the C++ dll?
I put it under C:\Windows\System32, just to exclude the path from my wrapper
dll


> Private Declare Function DmfDemoEncrypt Lib "C:\Program
> Files\Samples\Simple\email_encrypt.dll" (ByVal email As String, ByVal s As
> String) As String
>
> BTW... rights only apply when they are inherited, if not specifically set.
> Adding a user to a group requires that group having access to be
effective.
I added IUSR to the adminnistrators group. I guess that should give it
enough rights (lol). I mean this is on my development machine and I have
broken every security rule with regards to user rights so far
but I do not care, since it's not going beyond my machine at this point.




"Roland Hall" <nobody@nowhere> wrote in message news:uyci7cI1FHA.700@TK2MSFT
NGP10.phx.gbl...
> "Leo" wrote in message news:uBuFR%23%230FHA.3188@TK2MSFTNGP14.phx.gbl...
> : What the asp page does is:
> :
> : passes two strings to the DLL function and the DLL returns an encrypted
> : string that looks like this:
> :
> : MIIHxgYJKoZIhvcNAQcDoIIHtzCCB7MCAQAxggJqMIIBMQIBADCBtDCBrjGBqzCB
> : qAYDVQQpE4GgTUhZd0RBWUtZSVpJQVliOUhnSUJBUXdnWkdWMlpXeHZjR1Z5TG5a
> : dmJIUmhaMlV1WTI5dEl6RXdPRFEwTURBMk5qUXdSREFhREFsdWIzUkNaV1p2Y21V
> : RURUQTFNRGt5T0RBd01EQXdNRm93Smd3Q2FXUUVJR1J0Wm5OMWNIQnZjblJBWkdW
> : MlpXeHZjR1Z5TG5admJIUmhaMlV1WTI5dAIBATAPBgtghkgBhv0eAQECAQUABGSG
> : amqBJbkwyp11m/uzAghdUz2wJyvg8CgPTaIW+rFd+BraqpLuBXd3pOWRxRmO+YiG
> : KkvZu8WIXOO/tUBL/isWp7t27LAGEa62TcQooqd9cIEWe3usqh9DndjogpnMRQiw
> : MGSNMIIBMQIBADCBtDCBrjGBqzCBqAYDVQQpE4GgTUhRd0RBWUtZSVpJQVliOUhn
> : SUJBUXdnWkdWMlpXeHZjR1Z5TG5admJIUmhaMlV1WTI5dEl6RXdPRFEwTURBMk5q
> : UXdRakFhREFsdWIzUkNaV1p2Y21VRURUQTFNRGt5TlRBd01EQXdNRm93SkF3Q2FX
> : UUVIbU4xYzNSdmJXVnlRR1JsZG1Wc2IzQmxjaTUyYjJ4MFlXZGxMbU52YlE9PQIB
> : ATAPBgtghkgBhv0eAQECAQUABGQGtVLM2jPFyyTbPhctVJstniLUl0G2MONK8TMy
> : pJ+EU48CQjMXy9q63UlbmdpoSrl/RLGiiVPaeuPLPT+3mJX183270afmqofXiiCb
> : I2U8lEeoBgiInPCku6ocZYbxuiOCJ+XfMIIFPgYJKoZIhvcNAQcBMB0GCWCGSAFl
> : AwQBAgQQebMQjWsqfmvLMIUQJvn9/oCCBRAl6xTc/osR/Fn2emiI/zNXz+VTAKUv
> : kKfJdFSdakgwoq8E0Z37rZFEcjjt2hy14293jEgLWKEdOc0/Fshrx3hLry/0Ohyq
> : /Tnd3Hksirms9k6DOCevDE0J9cROPIaFwz/39byZlHOfrGxZHcCOAx5jgBx2WQmc
> : sJSrz/DeqRIrHSfcOl+V6724mx3jUl8FAIGJ8rZ4L6hPb2Ezih3rVMecB65SZwtP
> : 3RPgDxFQfMu7nw0eElMJHorDmQMImBPfECNzPxrdDYX5rmZLAWTLbP6OVOzBYVIg
> : bwGerfIR2N0FXXJz/grLsRkDsB1XwlOrv8iQLNUVJbNi6QFyUkefylWhT52CQTIU
> : redmhYIWjQzS4LZwoApe/Ksgq4/BCC2+HaDSaq8Aw1wlj/I3TnFXhpVqU5Vnpec0
> : pkKsVXLPgJIOMKPtAXSUVuKKNk9ylNUR+Xet3n4ljPxBj0E5jM4DcFdl5UPOMTG+
> : Cj56Q80EPUfxl7jpchoiMQV2IiqtiTd7eIitX3txd2dSxu6TDGLx2qCuJnbNKtsA
> : zI7Gy8f2OR55EOwhwmDBl0P7EDAp+a78A2Fa5u4Luuq7XGLXHrnulioX6ywjd3oA
> : VYon9w9KhiCuPQ0Mv2OXF/cx+Zv2fylslFvsPdPVsu0KxKUePUWv1TMbYpSFwjjx
> : RU4CMP6O38WtA1m7U91TizGxttngTSaX62Ha7WrqGNX9dDxp
> :
> : I used the Filemon tool but it's not giving me anything weird I can
> : troubleshoot
>
> It's not supposed to give you anything weird. We're looking for the calls
> to access the files. I'm concerned with the C++ dll being accessed when
> called from the wrapper while running from ASP.
>
> What are the rights to this folder? C:\Program Files\Samples\Simple\
> Have you tried removing the anonymous user access and running this at
> http://localhost/ to eliminate the anonymous user permissions being the
> issue?
> You said the C++ dll resides somewhere under the windows directory. Isn't
> this the C++ dll?
> Private Declare Function DmfDemoEncrypt Lib "C:\Program
> Files\Samples\Simple\email_encrypt.dll" (ByVal email As String, ByVal s As
> String) As String
>
> BTW... rights only apply when they are inherited, if not specifically set.
> Adding a user to a group requires that group having access to be
effective.
>
> --
> Roland Hall
> /* This information is distributed in the hope that it will be useful, but
> without any warranty; without even the implied warranty of merchantability
> or fitness for a particular purpose. */
> Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
> WSH 5.6 Documentation -
http://msdn.microsoft.com/downloads/list/webdev.asp
> MSDN Library - http://msdn.microsoft.com/library/default.asp
>
>


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Patrice

Patrice
Wed Oct 19 08:41:09 CDT 2005

Don't you have any syntax error ? AFAIK Declare Function is not supported in
VBSCript... IMO you'll have to expose this DLL function through a COM
object...

--
Patrice

"Leo" <none@none.com> a écrit dans le message de
news:eLQ3IN10FHA.3256@TK2MSFTNGP09.phx.gbl...
> This is my personal development machine Roland, so I do not care about the
> permissions. It will be a different story when it gets deployed. Plus it
was
> for troubleshooting purposes
>
> The IUSR has access to that folder. What I managed to do so far was to run
> the VB app from IDE. Then run my ASP page. It works great. But when I
> compile the App into a DLL and run my ASP page, it still returns
> nothing....!?!?!
>
>
>
> "Roland Hall" <nobody@nowhere> wrote in message
> news:eTNQ2u00FHA.2884@TK2MSFTNGP09.phx.gbl...
> > "Leo" wrote in message news:%23WaNxJy0FHA.1032@TK2MSFTNGP12.phx.gbl...
> > :I have been messing around with the permissions. I gave the IUSR full
> > : permissions on the machine...nothing
> >
> > Please post after my responses, not before them.
> >
> > It's a really bad idea to give everyone on the planet full rights to
your
> > system. This .dll is in the %systemroot%\system32 folder. Have you
> checked
> > the effective rights of the IUSR_COMPUTERNAME in that folder and have
you
> > verified this is the user being used to access the .dll file? Is there
a
> > reason this file needs to be in this folder?
> >
> > --
> > Roland Hall
> > /* This information is distributed in the hope that it will be useful,
but
> > without any warranty; without even the implied warranty of
merchantability
> > or fitness for a particular purpose. */
> > Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
> > WSH 5.6 Documentation -
> http://msdn.microsoft.com/downloads/list/webdev.asp
> > MSDN Library - http://msdn.microsoft.com/library/default.asp
> >
> >
>
>


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Leo

Leo
Wed Oct 19 09:43:37 CDT 2005

Which is why I am using the wrapper. What the VB DLL does should be
irrelevant to the ASP request, as long as ASP gets a string back. So in this
case I have the VB DLL doing the work.

The DLL function you suggest should be exposed, are you saying the C++
encryption function should be exposed (if you have been reading the posts
that is). The VB DLL is a com object





"Patrice" <nobody@nowhere.com> wrote in message
news:Oe8ZFLL1FHA.1252@TK2MSFTNGP09.phx.gbl...
> Don't you have any syntax error ? AFAIK Declare Function is not supported
in
> VBSCript... IMO you'll have to expose this DLL function through a COM
> object...
>
> --
> Patrice
>
> "Leo" <none@none.com> a écrit dans le message de
> news:eLQ3IN10FHA.3256@TK2MSFTNGP09.phx.gbl...
> > This is my personal development machine Roland, so I do not care about
the
> > permissions. It will be a different story when it gets deployed. Plus it
> was
> > for troubleshooting purposes
> >
> > The IUSR has access to that folder. What I managed to do so far was to
run
> > the VB app from IDE. Then run my ASP page. It works great. But when I
> > compile the App into a DLL and run my ASP page, it still returns
> > nothing....!?!?!
> >
> >
> >
> > "Roland Hall" <nobody@nowhere> wrote in message
> > news:eTNQ2u00FHA.2884@TK2MSFTNGP09.phx.gbl...
> > > "Leo" wrote in message news:%23WaNxJy0FHA.1032@TK2MSFTNGP12.phx.gbl...
> > > :I have been messing around with the permissions. I gave the IUSR full
> > > : permissions on the machine...nothing
> > >
> > > Please post after my responses, not before them.
> > >
> > > It's a really bad idea to give everyone on the planet full rights to
> your
> > > system. This .dll is in the %systemroot%\system32 folder. Have you
> > checked
> > > the effective rights of the IUSR_COMPUTERNAME in that folder and have
> you
> > > verified this is the user being used to access the .dll file? Is
there
> a
> > > reason this file needs to be in this folder?
> > >
> > > --
> > > Roland Hall
> > > /* This information is distributed in the hope that it will be useful,
> but
> > > without any warranty; without even the implied warranty of
> merchantability
> > > or fitness for a particular purpose. */
> > > Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
> > > WSH 5.6 Documentation -
> > http://msdn.microsoft.com/downloads/list/webdev.asp
> > > MSDN Library - http://msdn.microsoft.com/library/default.asp
> > >
> > >
> >
> >
>
>


Top

Re: Can perform task from a .vbs file but not from an .asp file! Why? by Roland

Roland
Sat Oct 22 03:32:55 CDT 2005

"Leo" wrote in message news:%23Gw1KIL1FHA.3568@TK2MSFTNGP15.phx.gbl...
:
: > What are the rights to this folder? C:\Program Files\Samples\Simple\
: > Have you tried removing the anonymous user access and running this at
: > http://localhost/ to eliminate the anonymous user permissions being the
: > issue?
: There is no anonymous user for that folder or virtual directory. What it
is
: there's an IUSR with full control (again for testing purposes), then users
: and administrators and everyone groups

IUSR is the anonymous user. You have to disable it for the web site to test
effectively unless you can prove the user being used is not the anonymous
user.

: > You said the C++ dll resides somewhere under the windows directory.
Isn't
: > this the C++ dll?
: I put it under C:\Windows\System32, just to exclude the path from my
wrapper
: dll

And putting it [the dll file] under the %systemroot%\system32 won't help if
the code still tells it to look elsewhere.

: > Private Declare Function DmfDemoEncrypt Lib "C:\Program
: > Files\Samples\Simple\email_encrypt.dll" (ByVal email As String, ByVal s
As
: > String) As String
: >
: > BTW... rights only apply when they are inherited, if not specifically
set.
: > Adding a user to a group requires that group having access to be
: effective.
: I added IUSR to the adminnistrators group. I guess that should give it
: enough rights (lol).

No, it doesn't. That is not how file system security works. NO ACCESS
overrides all other rights. And, if a user is part of any group, INCLUDING,
Admin/Domain Admin, THAT group has to have rights to that folder. The Admin
group is just a name, like any other, but has full rights IF and ONLY IF,
that group is present for a particular folder/file or inherited rights,
meaning listed, in the file system security. What you should ALWAYS do, is
verify the groups the user has access to and then look at the effective
rights. That tells you if the user really has access, no matter which group
they're in.

Ex. If you break inherited rights, which is usually what I do for one-off
folders, and you set MYSECRET group as having full access, and THEN put the
anonymous user in the Administrator's group, the anonymous user will not
have access rights to that folder or anything beneath it. You would have to
add the anonymous user to the MYSECRET group or give the Administrator's
group full rights to that folder, explicitly.

I mean this is on my development machine and I have
: broken every security rule with regards to user rights so far
: but I do not care, since it's not going beyond my machine at this point.

I would disagree with that assessment if you have any accounts that have
rights to other systems and in the very least is could be compromised and
used to attack others but that's not our main focus here now.

--
Roland Hall
/* This information is distributed in the hope that it will be useful, but
without any warranty; without even the implied warranty of merchantability
or fitness for a particular purpose. */
Technet Script Center - http://www.microsoft.com/technet/scriptcenter/
WSH 5.6 Documentation - http://msdn.microsoft.com/downloads/list/webdev.asp
MSDN Library - http://msdn.microsoft.com/library/default.asp


Top