code page 2 - Dave's Blog

Search
My timeline on Mastodon

Tweet from Eric Lawrence

2016 Jun 2, 10:32
Chrome relaxes IDN display of Punycode (old restrictions were like IE) to match Firefox instead: https://bugs.chromium.org/p/chromium/issues/detail?id=336973#c34 
PermalinkComments

Tweet from Sampson

2016 May 21, 11:33
Awesome—ScreenToGIF 2 is out! Lets you record a portion of your screen, edit afterwards, and export as animated GIF. https://screentogif.codeplex.com/releases/view/621383 
PermalinkComments

WinRT Launcher API in PowerShell

2016 Mar 31, 10:12
You can call WinRT APIs from PowerShell. Here's a short example using the WinRT Launcher API:
[Windows.System.Launcher,Windows.System,ContentType=WindowsRuntime]
$uri = New-Object System.Uri "http://example.com/"
[Windows.System.Launcher]::LaunchUriAsync($uri)
Note that like using WinRT in .NET, you use the System.Uri .NET class instead of the Windows.Foundation.Uri WinRT class which is not projected and under the covers the system will convert the System.Uri to a Windows.Foundation.Uri.
PermalinkComments

Retweet of timbray

2016 Feb 17, 1:07
Super-cool unicode character search: http://www.amp-what.com/unicode/search/check …
PermalinkComments

Retweet of erewok

2016 Feb 16, 5:22
This guy sped by me on the freeway. Had a strong feeling this was a Unicode codepoint. In my gut I knew what it was. pic.twitter.com/4B3oHSXXAi
PermalinkComments

Retweet of FakeUnicode

2016 Feb 12, 7:25
> typeof NaN 'number' > (╯°□°)╯︵ ┻━┻) ...
PermalinkComments

Cdb/Windbg Commands for Runtime Patching

2016 Feb 8, 1:47

You can use conditional breakpoints and debugging commands in windbg and cdb that together can amount to effectively patching a binary at runtime. This can be useful if you have symbols but you can't easily rebuild the binary. Or if the patch is small and the binary requires a great deal of time to rebuild.

Skipping code

If you want to skip a chunk of code you can set a breakpoint at the start address of the code to skip and set the breakpoint's command to change the instruction pointer register to point to the address at the end of the code to skip and go. Voila you're skipping over that code now. For example:

bp 0x6dd6879b "r @eip=0x6dd687c3 ; g"

Changing parameters

You may want to modify parameters or variables and this is simple of course. In the following example a conditional breakpoint ANDs out a bit from dwFlags. Now when we run its as if no one is passing in that flag.

bp wiwi!RelativeCrack "?? dwFlags &= 0xFDFFFFFF;g"

Slightly more difficult is to modify string values. If the new string length is the same size or smaller than the previous, you may be able to modify the string value in place. But if the string is longer or the string memory isn't writable, you'll need a new chunk of memory into which to write your new string. You can use .dvalloc to allocate some memory and ezu to write a string into the newly allocated memory. In the following example I then overwrite the register containing the parameter I want to modify:

.dvalloc 100
ezu 000002a9`d4eb0000 "mfcore.dll"
r rcx = 000002a9`d4eb0000

Calling functions

You can also use .call to actually make new calls to methods or functions. Read more about that on the Old New Thing: Stupid debugger tricks: Calling functions and methods. Again, all of this can be used in a breakpoint command to effectively patch a binary.

PermalinkCommentscdb debug technical windbg

Tweet from David_Risney

2016 Feb 7, 9:13
Pretty shredded polygons in html & js https://www.clicktorelease.com/code/polygon-shredder/ …
PermalinkComments

Let's Encrypt NearlyFreeSpeech.net Setup

2016 Feb 4, 2:48

2016-Nov-5: Updated post on using Let's Encrypt with NearlyFreeSpeech.net

I use NearlyFreeSpeech.net for my webhosting for my personal website and I've just finished setting up TLS via Let's Encrypt. The process was slightly more complicated than what you'd like from Let's Encrypt. So for those interested in doing the same on NearlyFreeSpeech.net, I've taken the following notes.

The standard Let's Encrypt client requires su/sudo access which is not available on NearlyFreeSpeech.net's servers. Additionally NFSN's webserver doesn't have any Let's Encrypt plugins installed. So I used the Let's Encrypt Without Sudo client. I followed the instructions listed on the tool's page with the addition of providing the "--file-based" parameter to sign_csr.py.

One thing the script doesn't produce is the chain file. But this topic "Let's Encrypt - Quick HOWTO for NSFN" covers how to obtain that:

curl -o domain.chn https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.pem

Now that you have all the required files, on your NFSN server make the directory /home/protected/ssl and copy your files into it. This is described in the NFSN topic provide certificates to NFSN. After copying the files and setting their permissions as described in the previous link you submit an assistance request. For me it was only 15 minutes later that everything was setup.

After enabling HTTPS I wanted to have all HTTP requests redirect to HTTPS. The normal Apache documentation on how to do this doesn't work on NFSN servers. Instead the NFSN FAQ describes it in "redirect http to https and HSTS". You use the X-Forwarded-Proto instead of the HTTPS variable because of how NFSN's virtual hosting is setup.

RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

Turning on HSTS is as simple as adding the HSTS HTTP header. However, the description in the above link didn't work because my site's NFSN realm isn't on the latest Apache yet. Instead I added the following to my .htaccess. After I'm comfortable with everything working well for a few days I'll start turning up the max-age to the recommended minimum value of 180 days.

Header set Strict-Transport-Security "max-age=3600;" 

Finally, to turn on CSP I started up Fiddler with my CSP Fiddler extension. It allows me to determine the most restrictive CSP rules I could apply and still have all resources on my page load. From there I found and removed inline script and some content loaded via http and otherwise continued tweaking my site and CSP rules.

After I was done I checked out my site on SSL Lab's SSL Test to see what I might have done wrong or needed improving. The first time I went through these steps I hadn't included the chain file which the SSL Test told me about. I was able to add that file to the same files I had already previously generated from the Let's Encrypt client and do another NFSN assistance request and 15 minutes later the SSL Test had upgraded me from 'B' to 'A'.

PermalinkCommentscertificate csp hsts https lets-encrypt nearlyfreespeech.net

Tweet from David_Risney

2016 Jan 27, 10:28
Identify coder from binary based on code style. https://freedom-to-tinker.com/blog/aylin/when-coding-style-survives-compilation-de-anonymizing-programmers-from-executable-binaries/ … Following company style guidelines is now a privacy issue.
PermalinkComments

Retweet of f4grx

2016 Jan 26, 7:43
@FakeUnicode also UNICODE CONSORTIUM FACE REVIEWING EMOJI CODEPOINT REQUESTS
PermalinkComments

Retweet of FakeUnicode

2016 Jan 26, 7:15
OH COME ON. SERIOUSLY?? pic.twitter.com/EMdqGylC4L
PermalinkComments

Retweet of FakeUnicode

2016 Jan 24, 10:52
.@alolita How Ancient Egypt fell. "But great Pharaoh, we need a snake playing croquet." "You have like 50 snake symbols." "But, croquet!"
PermalinkComments

Tweet from David_Risney

2016 Jan 24, 3:13
Unicode includes 24 clock face code points, so obv here's my Unicode clock: http://david-risney.github.io/UnicodeClock/ 
PermalinkComments

Unicode Clock

2016 Jan 24, 2:00

I've made a Unicode Clock in JavaScript.

Unicode has code points for all 30 minute increments of clock faces. This is a simple project to display the one closest to the current time written in JavaScript.

Because the code points are all above 0xFFFF, I make use of some ES6 additions. I use the \u{XXXXXX} style escape sequence since the old style JavaScript escape sequence \uXXXX only supports code points up to 0xFFFF. I also use the method String.codePointAt rather than String.charCodeAt because the code points larger than 0xFFFF are represented in JavaScript strings using surrogate pairs and charCodeAt gives the surrogate value rather than codePointAt which gives the code point represented by the pair of surrogates.

"🕛".codePointAt(0)
128347
"🕛".charCodeAt(0)
55357

🕐🕑🕒🕓🕔🕕🕖🕗🕘🕙🕚🕛🕜🕝🕞🕟🕠🕡🕢🕣🕤🕥🕦🕧

The ordering of the code points does not make it simple to do this. I initially guessed the first code point in the range would be 12:00 followed by 12:30, 1:00 and so on. But actually 1:00 is first followed by all the on the hour times then all the half hour times.

PermalinkCommentsjavascript Unicode

JavaScript Types and WinRT Types

2016 Jan 21, 5:35PermalinkCommentschakra development javascript winrt

Retweet of codepo8

2016 Jan 12, 12:53
Chewbacca... his arms open. pic.twitter.com/fABwocHCOu
PermalinkComments

Retweet of FakeUnicode

2016 Jan 10, 10:34
Support! Rather than "Combining" though they would be "Combing." https://twitter.com/martineno/status/686639564207841281 … [@martineno]
PermalinkComments

Retweet of FakeUnicode

2016 Jan 3, 10:26
I mean, look at this crap. All these full-alphabet variants "Because math!" @asrivkin @PlanetDr @lukedones @grierja pic.twitter.com/qQ1POiqniv
PermalinkComments

Retweet of tombkeeper

2015 Nov 11, 11:07
Another demo of our talk "BadBarcode" in PacSec 2015: start a shell by one single boarding pass.
PermalinkComments
Older EntriesNewer Entries Creative Commons License Some rights reserved.