Jump to content


Photo

pirana.exe starting from somewhere in the %TEMP% folder

pirana windows

  • Please log in to reply
5 replies to this topic

#1 evasive

evasive

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 15 August 2019 - 08:01 AM

I have a challenge. I see after launching pirana.exe form the installed folder under C:\Progrma Files it is spawning anohter pirana.exe process from the %TEMP%\<random_subfolder\<random_subfolder>

 

This is not acceptable for our IPS/security team. Is there a way to make that second process start from a defided folder? Otherwise the second process will be blocked by whatever anti-malware/anti-virus/anti-ransomware that is being used in the organization. So far this has not been an issue as we were running it virtualized in App-V. But now we have a system where it needs to be run physically installed and we run into this issue.



#2 Simon Davis

Simon Davis

    Advanced Member

  • Administrators
  • 1,109 posts

Posted 21 August 2019 - 06:06 PM

Hi I spoke with with one of the developers and what he thinks is happening is that the pirana in "TEMP" is just the Perl interpreter running the pirana.pl script. Remember that (on Windows) Pirana is distributed as an executable. That executable is just a self-expanding zip-package, that includes the Pirana Perl scripts, the required Perl packages, and the Perl interpreter. When the user starts pirana.exe, it expands those things (probably in "TEMP"), and then starts the Perl interpreter to run the pirana.pl script. This is for example why the first time you start pirana.exe on Windows it takes 5-10 seconds longer, as it needs to decompress these files.

 

So he's not sure what to recommend. could your IT group add an exception for Pirana in the AV software? run Pirana from source?

 

If your IT group needs more help/information then let me know when they would be available, EU afternoon would most likely work best with the timezones.

 Simon.


Edited by Simon Davis, 21 August 2019 - 06:07 PM.


#3 evasive

evasive

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 26 August 2019 - 05:49 AM

 

 

When the user starts pirana.exe, it expands those things (probably in "TEMP"), and then starts the Perl interpreter to run the pirana.pl script. 

 

So the question is, is there any control over where this extraction is done? If so I can ask the IT department to maken an exception for that folder, just as long as it is consistently unpacking in that folder.



#4 evasive

evasive

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 26 August 2019 - 01:35 PM

as for running from source, I am hired to make this application land on windows client machines, if there's a description on how to make that happen I'm all ears.



#5 Keith Nieforth

Keith Nieforth

    Newbie

  • Members
  • Pip
  • 2 posts

Posted 28 August 2019 - 04:25 PM

Hi,

 

This can be accomplished by setting the environment variables PAR_GLOBAL_TEMP and/or PAR_TEMP to a folder of your preference.

 

Please see this thread: https://www.perlmonks.org/?node_id=709846. This seems to do exactly what you want (we also use PAR::Packer to compile the Pirana executable on Windows).

 

Please note that you can't set the PAR_GLOBAL_TMP folder to the same folder as where you are running Pirana from (probably C:\Program Files x86), since that will probably overwrite pirana.exe. 

 

On a windows machine from the command line you can run:

 

set PAR_GLOBAL_TEMP=C:\test

pirana.exe

 

This will create the specified folder (if it doesn't exist yet), and run Pirana from that folder instead of from the TEMP folder. Of course you can also set the environment variables from the system settings window, and then run Pirana from a shortcut or start menu, it doesn’t have to be run from the console. 

 

Best Regards,

 

Keith


  • Simon Davis likes this

#6 evasive

evasive

    Newbie

  • Members
  • Pip
  • 4 posts

Posted 02 September 2019 - 09:48 AM

Keith,

 

This is EXACTLY what I needed.

 

THANK YOU!  :)

 

 

Best regards,

Edwin


  • Simon Davis likes this





Also tagged with one or more of these keywords: pirana, windows

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users