Ubikuity.net Web application developer

28 December 2016

Publish your tweets on your blog first

Filed under: Tweets — John Ubikuity @ 0:46

Publish your tweets on you blog first! Then automate the copy to Twitter: no untrusted URL shortener & free backup

31 March 2016

Revising the course Hack Yourself First and insert Tesla Model S

Filed under: Programming — John Ubikuity @ 0:49

Last year, I had the chance to attend one of the excellent workshop “Hack Yourself First” presented by Troy Hunt: http://www.troyhunt.com/2016/02/more-europe-even-more-again-and-more.html

Now it’s time to practice again by using the (very simple) tool Havij and use the dedicated and deliberately vulnerable website http://hackyourselffirst.troyhunt.com/

To celebrate the unveiling of Tesla new car, I just played a little with Havij and I updated an existing car with Tesla Model S P90D characteristics: http://hackyourselffirst.troyhunt.com/Supercar/8

I guess the changes will be reverted soon, so I took a screenshot:

Sans titre3

Sans titre2

Just for reference, here is the SQL script I used:

UPDATE Make SET name=’Tesla Motors’ WHERE MakeId=8;
UPDATE Supercar SET Cylinders=’V0′ WHERE SupercarId=8;
UPDATE Supercar SET Description=’Model S acceleration is instantaneous, silent and smooth’ WHERE SupercarId=8;
UPDATE Supercar SET EngineCc=0 WHERE SupercarId=8;
UPDATE Supercar SET EngineLayout=’Dual electric motor’ WHERE SupercarId=8;
UPDATE Supercar SET Model=’Tesla Model S P90D’ WHERE SupercarId=8;
UPDATE Supercar SET PowerKw=568 WHERE SupercarId=8;
UPDATE Supercar SET TopSpeedKm=250 WHERE SupercarId=8;
UPDATE Supercar SET TorqueNm=967 WHERE SupercarId=8;
UPDATE Supercar SET WeightKg=2200 WHERE SupercarId=8;
UPDATE Supercar SET ZeroToOneHundredKmInSecs=2.8 WHERE SupercarId=8;

Some of the other attendees created a blog post to summarize what we learned at the workshop:

3 November 2015

U2F (Yubikey) support in Firefox

Filed under: Resolved bugs — Tags: , , — John Ubikuity @ 10:24

Unfortunately at the moment (2015-11-03), U2F protocol is still not officially supported in Mozilla Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=1065729

U2F protocol is mainly promoted by Yubico company (who is selling Yubikeys)

Finally, Firefox 57 (called Quantum) supports U2F protocol but for the moment (2017-12-17) it’s not enabled by default. Here is how to enable it:

  • Type about:config into the Firefox browser.
  • Search for “u2f”.
  • Double click on security.webauth.u2f to enable U2F support (the value should be set to “true“)

Source: https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/

22 May 2015

Emprunter l’identité d’un autre utilisateur en ASP.NET

Filed under: ASP.NET — Tags: , — John Ubikuity @ 17:06

Lors des phases de test/recette, il est souvent utile de pouvoir se connecter en tant qu’un autre utilisateur sur une application, par exemple pour vérifier que les permissions et les différents rôles de l’application fonctionnent correctement.

Dans mon cas, j’avais besoin de pouvoir emprunter l’identité d’un autre utilisateur sur une application Intranet ASP.NET MVC dont le mécanisme d’authentification est de type Windows NTLM (<authentication mode="Windows" />)

La solution que j’ai trouvé est de créer un cookie qui contient le nom du compte utilisateur que je veux revêtir (“impersonation”).
Puis à chaque chargement de page (Global.asax.cs), l’application examine la présence de ce cookie afin de changer à la volée l’utilisateur connecté (HttpContext.Current.User).

Evidemment, pour des raisons de sécurité et d’auditabilité, il faut désactiver ce mécanisme sur l’application en Production.

Voici le code qui permet de faire cela et que j’ai publié sur GitHub : https://github.com/ubikuity/impersonate-windows-user-aspnet
Détails de l’implémentation : https://github.com/ubikuity/impersonate-windows-user-aspnet/commit/ed660effc08f2a89ed621b62bbda6b71e72a6e3e

1 June 2014

List of neighboring states for each US state

Filed under: Programming — John Ubikuity @ 22:41

I was searching for a list of neighboring/bordering/adjacent states for each USA state.

I wasn’t able to find any open data, so I decided to create my own list using the following sources:

=> Feel free to verify, contribute and reuse my file: neighbors-states.csv

Notes:

  • The SQL script was created for SQL Server 2008.

Possible improvements:

  • Add a column called “IsApproximativeNeighbor” in the table “NeighborStates” to define properly the relation between Alaska and Washington state even if there is no common border.

Off topic:

1 October 2012

What’s new in .NET Framework 4.5

Filed under: Programming — John Ubikuity @ 13:55

Here is a nice poster to summarize what’s new in .NET Framework 4.5:

http://www.heikniemi.net/hardcoded/2011/10/whats-new-in-net-framework-4-5-poster/

Concerning ASP.NET, I like:

  • New site template for ASPNET MVC 4
  • Built-in Javascript + CSS combining and minification
  • Strongly typed data binding in ASP.NET Web Forms
  • Multiple file upload component for ASP.NET Web Forms
  • IIS Express used by default (instead of Cassini)

11 September 2012

Difference between “Independent association” and “Foreign key association” in Entity Framework

Filed under: Entity Framework — Tags: — John Ubikuity @ 9:50

I begin to understand the difference between “Independent association” and “Foreign key association” in Entity Framework Code First thanks to this article : http://www.ladislavmrnka.com/2011/05/foreign-key-vs-independent-associations-in-ef-4/

Advice: use both (Independent associations and Foreign key associations):

“This saves on unnecessary DB lookups, allows lazy loaking, and allows you to easily see/set the ID if you know what you want it to be. Note that having both does not change your table structure in any way.”

Source: http://stackoverflow.com/questions/5281974/code-first-independent-associations-vs-foreign-key-associations

Which version of ASP.NET MVC is used in an existing Visual Studio project

Filed under: ASP.NET MVC — John Ubikuity @ 0:06

Question: how to find which version of ASP.NET MVC is used in an existing Visual Studio project?

Answer: via Reflection:

typeof (Controller).Assembly.GetName().Version 

Source: http://stackoverflow.com/questions/3008704/how-to-determine-the-current-version-of-asp-net-mvc

10 September 2012

Copier coller du texte sans conserver la mise en forme

Filed under: Power user tools — John Ubikuity @ 23:49

PureText est un petit utilitaire qui permet de faire un copier-coller d’un bout de texte sans conserver la mise en forme d’origine (gras, souligné, style, code html, etc.) et de coller uniquement le texte brut.

Source : http://www.stevemiller.net/puretext/

Publier automatiquement votre dernier article de blog sur Twitter

Filed under: Wordpress — John Ubikuity @ 23:24

Le plugin “WP to Twitter” permet de publier automatiquement vos articles de blogs WordPress sur votre compte Twitter.

La configuration du plugin demande quelques minutes d’attention (récupération des paramètres Consumer key, Consumer secret, Access token, Access token secret via https://dev.twitter.com/) mais ensuite cela marche très bien.

En savoir plus : http://cleverwp.com/publish-to-twitter-automatically-from-your-wordpress-blog/

Older Posts »

Powered by WordPress