Publish your tweets on your blog first! Then automate the copy to Twitter: no untrusted URL shortener & free backup
28 December 2016
31 March 2016
Revising the course Hack Yourself First and inserting a Tesla Model S
Last year, I had the chance to attend one of the excellent “Hack Yourself First” workshops presented by Troy Hunt: http://www.troyhunt.com/2016/02/more-europe-even-more-again-and-more.html
Now it’s time to practice again by using the (very simple) tool Havij and the dedicated and deliberately vulnerable website http://hackyourselffirst.troyhunt.com/
To celebrate the unveiling of Tesla’s new car, I just played a little with Havij and updated an existing car with Tesla Model S P90D characteristics: http://hackyourselffirst.troyhunt.com/Supercar/8
I guess the changes will be reverted soon, so I took a screenshot:
Just for reference, here is the SQL script I used:
UPDATE Make SET name='Tesla Motors' WHERE MakeId=8;
UPDATE Supercar SET Cylinders='V0' WHERE SupercarId=8;
UPDATE Supercar SET Description='Model S acceleration is instantaneous, silent and smooth' WHERE SupercarId=8;
UPDATE Supercar SET EngineCc=0 WHERE SupercarId=8;
UPDATE Supercar SET EngineLayout='Dual electric motor' WHERE SupercarId=8;
UPDATE Supercar SET Model='Tesla Model S P90D' WHERE SupercarId=8;
UPDATE Supercar SET PowerKw=568 WHERE SupercarId=8;
UPDATE Supercar SET TopSpeedKm=250 WHERE SupercarId=8;
UPDATE Supercar SET TorqueNm=967 WHERE SupercarId=8;
UPDATE Supercar SET WeightKg=2200 WHERE SupercarId=8;
UPDATE Supercar SET ZeroToOneHundredKmInSecs=2.8 WHERE SupercarId=8;
Some of the other attendees created a blog post to summarize what we learned at the workshop:
3 November 2015
U2F (Yubikey) support in Firefox
Unfortunately, at the moment (2015-11-03), the U2F protocol is still not officially supported in Mozilla Firefox: https://bugzilla.mozilla.org/show_bug.cgi?id=1065729
The U2F protocol is mainly promoted by Yubico (the company that sells Yubikeys).
Finally, Firefox 57 (called Quantum) supports the U2F protocol, but for the moment (2017-12-17) it’s not enabled by default. Here is how to enable it:
- Type about:config into the Firefox browser.
- Search for “u2f”.
- Double-click on security.webauth.u2f to enable U2F support (the value should be set to “true”).
Source: https://www.yubico.com/2017/11/how-to-navigate-fido-u2f-in-firefox-quantum/
22 May 2015
Impersonating another user in ASP.NET
During testing and acceptance phases, it is often useful to be able to log in to an application as another user, for example to check that the application’s permissions and roles work correctly.
In my case, I needed to be able to impersonate another user on an ASP.NET MVC intranet application that uses Windows NTLM authentication (<authentication mode="Windows" />).
The solution I found is to create a cookie that contains the name of the user account I want to impersonate.
Then, on every page load (Global.asax.cs), the application checks for this cookie in order to change the logged-in user (HttpContext.Current.User) on the fly.
Obviously, for security and auditability reasons, this mechanism must be disabled on the application in Production.
Here is the code that does this, which I published on GitHub: https://github.com/ubikuity/impersonate-windows-user-aspnet
Implementation details: https://github.com/ubikuity/impersonate-windows-user-aspnet/commit/ed660effc08f2a89ed621b62bbda6b71e72a6e3e
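A sketch of the cookie check described above, written for this page as an added example and not taken from the GitHub repository. It adds guards that the production warning calls for: a configuration switch that is off by default, an allow-list of testers and an audit log entry. The cookie name, the two appSettings keys and the choice of Application_PostAuthenticateRequest are assumptions.

```csharp
using System;
using System.Configuration;
using System.Diagnostics;
using System.Linq;
using System.Security.Principal;
using System.Web;

public class MvcApplication : HttpApplication
{
    // Hypothetical names chosen for this example (not from the repository).
    private const string CookieName = "ImpersonatedUser";
    private const string EnabledKey = "TestImpersonation.Enabled";
    private const string TestersKey = "TestImpersonation.AllowedTesters";

    protected void Application_PostAuthenticateRequest(object sender, EventArgs e)
    {
        // Off unless explicitly switched on; the key must be absent from production configs.
        bool enabled;
        bool.TryParse(ConfigurationManager.AppSettings[EnabledKey], out enabled);
        if (!enabled) return;

        HttpContext context = HttpContext.Current;
        IPrincipal realUser = context.User;
        // Windows authentication has already run: anonymous requests never switch identity.
        if (realUser == null || !realUser.Identity.IsAuthenticated) return;

        // Only accounts listed in Web.config (comma-separated) may impersonate.
        string[] testers = (ConfigurationManager.AppSettings[TestersKey] ?? "")
            .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
            .Select(t => t.Trim()).ToArray();
        if (!testers.Contains(realUser.Identity.Name, StringComparer.OrdinalIgnoreCase)) return;

        HttpCookie cookie = context.Request.Cookies[CookieName];
        if (cookie == null || string.IsNullOrWhiteSpace(cookie.Value)) return;
        string target = cookie.Value.Trim();

        // Audit trail: record the real account next to the assumed one.
        Trace.TraceWarning("Impersonation: {0} acting as {1} on {2}",
            realUser.Identity.Name, target, context.Request.Path);

        // Swap the principal for this request only. Roles are left empty here;
        // a real test setup would load the target account's roles from its role source.
        context.User = new GenericPrincipal(
            new GenericIdentity(target, "TestImpersonation"), new string[0]);
    }
}
```

Because the cookie value is fully client-controlled, the only things standing between any intranet user and any other identity are the switch and the allow-list, which is why both default to "deny".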
1 June 2014
List of neighboring states for each US state
I was searching for a list of neighboring/bordering/adjacent states for each USA state.
I wasn’t able to find any open data, so I decided to create my own list using the following sources:
- http://theincidentaleconomist.com/wordpress/list-of-neighboring-states-with-stata-code/
- http://www.john.geek.nz/2009/01/sql-tips-list-of-us-states/
- http://askville.amazon.com/Trivia-state-bordered-states/AnswerViewer.do?requestId=3941039
- http://en.wikipedia.org/wiki/List_of_U.S._states_by_date_of_statehood
- http://en.wikipedia.org/wiki/History_of_Washington,_D.C.
=> Feel free to verify, contribute and reuse my file: neighbors-states.csv
Notes:
- The SQL script was created for SQL Server 2008.
Possible improvements:
- Add a column called “IsApproximativeNeighbor” in the table “NeighborStates” to define properly the relation between Alaska and Washington state even if there is no common border.
Off topic:
- At first, I wanted to use MySQL, but I discovered that MySQL’s constraint implementation is still incomplete: “the CHECK clause is parsed but ignored by all storage engines”. See http://bugs.mysql.com/bug.php?id=3464 and http://dev.mysql.com/doc/refman/5.1/en/create-table.html.
- Maybe some of you remember the song from this cartoon: Animaniacs video of Wakko’s famous 50 State Capitols song.
- By the way, I have never been to the USA and this list gives some motivation to visit the USA!
1 October 2012
What’s new in .NET Framework 4.5
Here is a nice poster to summarize what’s new in .NET Framework 4.5:
http://www.heikniemi.net/hardcoded/2011/10/whats-new-in-net-framework-4-5-poster/
Concerning ASP.NET, I like:
- New site template for ASP.NET MVC 4
- Built-in JavaScript + CSS combining and minification
- Strongly typed data binding in ASP.NET Web Forms
- Multiple file upload component for ASP.NET Web Forms
- IIS Express used by default (instead of Cassini)
11 September 2012
Difference between “Independent association” and “Foreign key association” in Entity Framework
I am beginning to understand the difference between “Independent association” and “Foreign key association” in Entity Framework Code First thanks to this article: http://www.ladislavmrnka.com/2011/05/foreign-key-vs-independent-associations-in-ef-4/
Advice: use both (Independent associations and Foreign key associations):
“This saves on unnecessary DB lookups, allows lazy loading, and allows you to easily see/set the ID if you know what you want it to be. Note that having both does not change your table structure in any way.”
Which version of ASP.NET MVC is used in an existing Visual Studio project
Question: how to find which version of ASP.NET MVC is used in an existing Visual Studio project?
Answer: via Reflection:
typeof (Controller).Assembly.GetName().Version
Source: http://stackoverflow.com/questions/3008704/how-to-determine-the-current-version-of-asp-net-mvc
10 September 2012
Copy and paste text without keeping the formatting
PureText is a small utility that lets you copy and paste a piece of text without keeping the original formatting (bold, underline, style, HTML code, etc.), pasting only the plain text.
Source: http://www.stevemiller.net/puretext/
Automatically publish your latest blog post on Twitter
The “WP to Twitter” plugin automatically publishes your WordPress blog posts to your Twitter account.
Configuring the plugin takes a few minutes of attention (retrieving the Consumer key, Consumer secret, Access token and Access token secret parameters via https://dev.twitter.com/), but after that it works very well.
Learn more: http://cleverwp.com/publish-to-twitter-automatically-from-your-wordpress-blog/