Microsoft has released a new patch for Internet Explorer. According to the Microsoft Security Advisory, the reason for the out-of-band release was that the vulnerability described in CVE-2010-0806, “Uninitilized Memory Corruption Vulnerability”, was being widely seen in the wild.
On March 10th the exploit was added to the MetaSploit Framework, and instructions on how to use the exploit immediately being spread on many hacker boards. It was first seen on the replacement for Milw0rm, XpltDB: Exploit-DB.com.
You can find some more info at Gary Warner’s blog (from where I got the news) or at Rec-Sec.com.
(more…)
From CyberCrime & Doing Time:
The Energizer DUO, a USB-powered battery recharger, was confirmed on Friday by Energizer Holdings to contain malicious code. According to this Energizer Press Release, they were notified by the CERT Coordination Center that the Windows software that ships with their DUO Charger “contains a vulnerability”.
(more…)
Under certain circumstances you may want to allow only one instance of your applications. How do I do that in C#? Well, it is fairly easy. Start by creating a Windows Forms Application.
Include the following Namespace:
using System.Runtime.InteropServices;
Just wrap the following code around the Application.Run() call and there you go:
Process[] runningProcesses = Process.GetProcessesByName("Project1");
if (runningProcesses.Length == 1)
{
Application.Run(new Form1());
}
yuki requested a post on how to backup my SVN repositories. Well, here you are :)
Dumping repositories with the help of Scheduled Tasks under Windows or the Cron Daemon under Linux isn’t as complicated as you might think. Of course there are caveats, and regular things that you have to take an eye on, but in the end you’ll have an reliable solution that fit your needs.
(more…)
I regularly use the remote desktop protocol. This is somehow unavoidable if you’re maintaining several Windows server and other client machines. Linux has an excellent client implementation of it, and I now use it more often than the Windows client.
(more…)
In my opinion Subversion is a great tool and by now essential in a development process. In the company where I am working at, Subversion is used only by a small number of developers who are committing their work regularly. Everybody knows who is working on which part of the project. But having an increasing number of contributors (OpenSource projects for example) traditional repository usage can be a pain in the ass. This is where patches come in to hand.
What is a patch? A patch is a text file that contains the alteration that were made to a specific file. It includes the lines that have been removed, added or modified. In short, if you have a script and edited it, you could create a patch file containing the changes you’ve made.
What’s the point of this? For example, if you want to contribute code changes to a project where you don’t have write access to it you would post your patch file to a ticket system or such. Someone will then review your changes before actually committing them.
(more…)
Some time ago I wondered if it is possible to build a Windows service from scratch using Visual Studio 2008. I started with a Console Application and added basic service functionality by hand. I found a lot of search results when trying to find something useful on the net but I came up with my own implementation.
The following article will cover what you need to do to convert a Console Application into a Windows Service and install it. I used Visual Studio 2008, but it should also work with older Editions like VS 2003 & VS 2005.
(more…)
I really like to hack commands into console windows but when using Subversion excessively I rather use a good and stable client GUI. But no matter if you’re using a GUI or the command line client it is recommended to configure everything properly.
(more…)
While using and maintaining Subversion repositories on a Windows Server I quickly felt the need for hook scripts that do some work before and after committing changes to a repository. This is fairly easy on a Unix or Linux based system where you can use the power of shell scripts, but on a Windows based OS this might be a little more challenging.
The SVN Book unfortunately isn’t much helpful on this and even searching for existing (Windows) hook scripts on the net isn’t very fertile. Apparently.
Try searching for example “pre-commit.bat” including the quotation marks.
That will at least yield in to something useful to work with. The examples I’ve found were very mixed up and usually buggy.
But good news are that you can use almost everything that is executable for hook scripts. Batch files are the most common practice but you can also use WSH scripts, Perl, Python and even compiled code.
After studying the existing scripts I realized that it’s not that difficult to get a batch file to work with the Subversion server. You’ll just have to be careful on some things.
(more…)
It’s not unusual that I sometimes need to create unique keys. GUIDs are great but they can get really long. Sometimes I just need simple (shorter) unique keys. For example when I send a request to my web application there’s an ID that correlates my request with the transaction. A GUID isn’t what I’d want here.
I often see techniques that use sequential IDs of appropriate size as they will guarantee uniqueness. Easy and simple! But not secure in any way. Anyone could easily brute force sequential IDs to retrieve records from a database.
(more…)
