What
i really don’t like in Websense is that endpoint client is not
customizable. Ui and Stealth like black and white have pros and cons
in both variants. Unfortunately there is no chance to disable one
part in program without exe file modification. While all our requests
are dropping in their Feature request list, lets figure out what we
can theoretically do. Yeah, I aware about license agreement and
product modification and so on, but that mod actually is good for
our lab environment.
Let's
pretend that we have a task to hide something from tray icon menu.
As you may know, right click on Websense shield shows menu with three
options: Websense Endpoint, Set Encryption Password and Log Viewer,
and Set Encryption option needs to be disabled.
First
step is make a copy of Dserui (endpoint client executable) to the
different location and open in your favorite disassembler. Fast
browsing through shows that all strings are accessible. And there
isn't any protection or controls from modification. In our case it's
a
This
is not a lesson which way to use for disabling that part. As an
example here, I’m going to use recourse extractor.
Here,
we just need to cut “MENUITEM "Set Encryption Password",
32781" string and that's it. Stop a service and replace file.
Now we have beautiful picture without option for user Set Encryption
Password.
Automation
process for replacing many clients also can be such simple without
creating new installation package with modified executable. As a
fastest approach you can use differential patcher, it will create
small executable with necessary changes.
Regards,
Aleh
No comments:
Post a Comment