2016 Oct 8, 2:19
In case you were wondering: Yes, the new address bar that was added to RegEdit supports Alt+D to set keyboard focus #WindowsInsiders
2016 Feb 8, 1:47
You can use conditional breakpoints and debugging commands in windbg and cdb that together can amount to effectively patching a binary at runtime. This can be useful if you have symbols but you
can't easily rebuild the binary. Or if the patch is small and the binary requires a great deal of time to rebuild.
If you want to skip a chunk of code you can set a breakpoint at the start address of the code to skip and set the breakpoint's command to change the instruction pointer register to point to the
address at the end of the code to skip and go. Voila you're skipping over that code now. For example:
bp 0x6dd6879b "r @eip=0x6dd687c3 ; g"
You may want to modify parameters or variables and this is simple of course. In the following example a conditional breakpoint ANDs out a bit from dwFlags. Now when we run its as if no one is
passing in that flag.
bp wiwi!RelativeCrack "?? dwFlags &= 0xFDFFFFFF;g"
Slightly more difficult is to modify string values. If the new string length is the same size or smaller than the previous, you may be able to modify the string value in place. But if the string
is longer or the string memory isn't writable, you'll need a new chunk of memory into which to write your new string. You can use .dvalloc to allocate some memory and ezu to write a string into
the newly allocated memory. In the following example I then overwrite the register containing the parameter I want to modify:
ezu 000002a9`d4eb0000 "mfcore.dll"
r rcx = 000002a9`d4eb0000
You can also use .call to actually make new calls to methods or functions. Read more about that on the Old New Thing: Stupid debugger tricks: Calling functions and methods. Again, all of this can be used in a breakpoint command to
effectively patch a binary.
2015 Aug 4, 3:08
Very helpful site to determine which channels you're likely able to receive OTA based
on your address or zip code: http://gomohu.com/xbox/
2013 Apr 3, 4:46
This is essentially an AV exploit against Super Mario World that results in running the end game code. Watch the video. “…there’s a glitch that’s been known for a while, where Yoshi can end up in
the “I have an item in my mouth” state, but not actually have an item in his mouth. When he spits out this nothingness, the game crashes. …That address did not contain code, and so the system
crashed. But wait a second. What if, by some sheer coincidence, that address did contain code? The specific address dropped him in somewhere amongst various data for the game’s internal random
number generator, and the random number generator can be manipulated in a TAS. Could the game be coerced into running arbitrary code?…”
2012 Dec 7, 2:04
To setup my home Windows dev box to be accessible from outside I followed two main steps:
Last time I had to do this there was a service named dynamicdns.org which seems to still exist but no longer appears to be free. Instead I used dnsdynamic.org which is free and has a web API
as well as links to and instructions for setting up native tools to dynamically update my IP address.
2012 Jul 28, 12:05
One persons quest to watch the Olympics online.
The location requirements (guessed at via IP address) are irritating. The requirement that you have a particular cable subscription to view video online seems like not network neutrality.
Also this related article:
2012 Jun 6, 2:54
Use of my old Hotmail account has really snuck up on me as I end up caring more and more about all of the services with which it is associated. The last straw is Windows 8 login, but previous straws include Xbox, Zune, SkyDrive, and my Windows 7 Phone.
I like the features and sync'ing associated with the Windows Live ID, but I don't like my old, spam filled, hotmail email address on the Live ID account.
A coworker told me about creating a Live ID from a custom domain, which sounded like just the ticket for me. Following the instructions above I was able
to create a new deletethis.net Live ID but the next step of actually using this new Live ID was much more difficult. My first hope was there would be some way to link my new and old Live IDs so
as to make them interchangeable. As it turns out there is a way to link Live IDs but all that does
is make it easy to switch between accounts on Live Mail, SkyDrive and some other webpages.
Instead one must change over each service or start over depending on the service:
In the Xbox 360 system menu you can change the Live ID
associated with your gamertag. This worked fine for me and I got an email telling me about the transfer of my Microsoft Points.
There's no way to do this for the Zune specifically, however changing over your Xbox account also transfers over all your Zune purchased
content. I don't have a Zune Pass so I can't confirm that, but all of my previously purchased television shows transferred over successfully.
Windows 7 Phone
To change the main Live ID associated with your phone, reset your phone to factory default and start over. All purchased applications are
lost. Had I purchased any applications I would have been pissed, but instead I was just irritated that I had to reset my phone.
I don't use my Hotmail account for anything and it only sits and collects spam. Accordingly I didn't attempt switching this over.
I didn't have much in my SkyDrive account. I downloaded all files as a zip and then manually uploaded them to the new account.
2012 Mar 14, 4:30
By the URI RFC there is only one way to represent a particular IPv4 address in the host of a URI. This is the standard dotted decimal
notation of four bytes in decimal with no leading zeroes delimited by periods. And no leading zeros are allowed which means there's only one textual representation of a particular IPv4 address.
However as discussed in the URI RFC, there are other forms of IPv4 addresses that although not officially allowed are generally accepted. Many implementations used inet_aton to parse the address from the URI
which accepts more than just dotted decimal. Instead of dotted decimal, each dot delimited part can be in decimal, octal (if preceded by a '0') or hex (if preceded by '0x' or '0X'). And that's
each section individually - they don't have to match. And there need not be 4 parts: there can be between 1 and 4 (inclusive). In case of less than 4, the last part in the string represents all
of the left over bytes, not just one.
For example the following are all equivalent:
Standard dotted decimal form
All of the above
The bread and butter of URI related security issues is when one part of the system disagrees with another about the interpretation of the URI. So this non-standard, non-normal form syntax has
been been a great source of security issues in the past. Its mostly well known now (CreateUri normalizes these
non-normal forms to dotted decimal), but occasionally a good tool for bypassing naive URI blocking systems.
2012 Feb 10, 4:00
As a professional URI aficionado I deal with various levels of ignorance on URI percent-encoding (aka URI encoding, or URL escaping). The basest ignorance is with respect to the mere existence of
percent-encoding. Percents in URIs are special: they always represent the start of a percent-encoded octet. That is to say, a percent is always followed by two hex digits that represents a value
between 0 and 255 and doesn't show up in a URI otherwise.
The IPv6 textual syntax for scoped addresses uses the '%' to delimit the zone ID from the rest of the address. When it came time to define how
to represent scoped IPv6 addresses in URIs there were two camps: Folks who wanted to use the IPv6 format as is in the URI, and those who wanted to encode or replace the '%' with a different
character. The resulting thread was more lively than what shows up on the IETF URI discussion mailing list.
Ultimately we went with a percent-encoded '%' which means the percent maintains its special status and singular purpose.
2011 Dec 10, 6:49
Public site that tracks who (by IP address) downloads what and lets anyone view this.
2011 Oct 19, 5:58
The following code works fine. I have a ccomptr named resolvedUri and I want to update its hostname so I do the following:
CreateIUriBuilder(resolvedUri, 0, 0, &builder);
builder->CreateUri(0xFFFFFFFF, 0, 0, &resolvedUri);
But the following similar looking code has a bug:
The issue is that doing &resolvedUri gets the address of the pointer but also clears out the pointer due to the definition of my smart pointer class:
T *ptrValue = mPtrValue;
mPtrValue = NULL;
In C++ there’s no guarantee about the order in which parameters for a function or method are evaluated. In the case above, &resolvedUri clears out the ccomptr before evaluating
resolvedUri.Get() and so ResolveHostAlias gets a nullptr.
An interesting and related thread on stack overflow on undefined behavior in C++
2011 Jun 20, 2:09
"Why did the hackers at Lulz Security ("LulzSec") invade Sony Pictures websites, take down cia.gov, and release 60,000+ e-mail addresses and passwords? For the lulz, of course—but what might look
lulzy to one person could certainly enrage another. In honor of its 1,000th tweet, the witty wankers of LulzSec released a manifesto of sorts, defending their actions to the angry Internets."
2011 Apr 6, 3:52
Humorous quote from the doc: "While we readily agree that the naming of IPv6 address parts is not the most pressing concern the Internet is facing today, a common nomenclature is important for
2010 Dec 6, 12:17
Ye olde DoS: "The Berners Street Hoax was perpetrated by Theodore Hook in the City of Westminster, London, in 1809. Hook had made a bet with his friend, Samuel Beazley, that he could transform any
house in London into the most talked-about address in a week, which he achieved by sending out thousands of letters in the name of Mrs Tottenham, who lived at 54 Berners Street, requesting
deliveries, visitors, and assistance."
2010 Oct 6, 2:31 2010 Jul 12, 7:11
How to get around Hulu's physical location filtering: Use something like Fiddler to add the X-Forwarded-For header that HTTP proxies with an IP address associated with a phyiscal location you desire
and block your port 1935 which Flash uses for RTMP (see http://kb2.adobe.com/cps/164/tn_16499.html)
2010 Jul 8, 9:00
I previously described my desire to hook my Outlook calendar up to my
. I just found out that I can do this and the reverse as both support publishing calendars to the Internet. The following are how I set this up under Outlook 2010 and Google
In Outlook, I go to the calendar view, right click on my calendar and select "Share Publish to Office.com". At this point I can change the permissions to allow anonymous Internet access, and under
Detail change between 'Full details' (full calendar), 'Limited details' (subject lines & availability only), 'Availability only'. Availability only is almost just what I want -- I'd also like
to include location but availability only is good enough. After hitting OK here I get a 'Do you want to send an invitation...' dialog box. I hit 'Yes' and I can copy the webcals:// URL out of the
email window that opens up. Next, to add it to my Google calendar, I open http://www.google.com/calendar/
, and under 'Other calendars', I select 'Add
Add by URL', paste in that webcals:// URL but change the 'webcals' at the start to 'https'.
In Google Calendar, I can click on my calendar name under 'My calendars', select 'Calendar settings', and on the new page, look under 'Calendar Address', click the ICAL icon, and copy the URL in
the new dialog. Now back in Outlook I go to the Calendar view, right click on 'My Calendars', and select 'Add Calendar From Internet...'. In the new dialog that pops up I paste in the URL from
In this fashion I can share public calendar data between my personal and work calendars.
2010 May 6, 7:16
"Today web gadgets, mashup components, advertisements, and other 3rd party content on websites either run with full trust alongside your content or are isolated inside of IFrames. As a result, many
modern web applications are intrinsically insecure, often with unpredictable service quality. Live Labs Web Sandbox addresses this problem."
2010 Jan 15, 7:05
Section 4 has a summary table with all the various special use IPv4 address blocks.
2010 Jan 15, 3:19
"The .arpa domain is the “Address and Routing Parameter Area” domain and is designated to be used exclusively for Internet-infrastructure purposes. It is administered by the IANA in cooperation with
the Internet technical community under the guidance of the Internet Architecture Board. For the management guidelines and operational requirements of the .arpa domain, see RFC 3172."