This is a mirror of official site: http://jasper-net.blogspot.com/

Assembly Language Megaprimer for Linux

| Wednesday, May 23, 2012
In this video series, we will learn the basics of Assembly Language programming on Linux. This will help us in doing reverse engineering and writing exploits in later videos. I will be start from the absolute scratch, so no pre-requisites required.

Read more: Security Tube
QR: Inline image 1

Posted via email from Jasper-net

Wine Mono 0.0.4 Release - I'm serious now!

| Monday, May 21, 2012
I have published version 0.0.4 of Wine Mono on Sourceforge. I fully intend to make this release a part of Wine.

The source tarball is at

The binary is at

For developers, the source repository is at

Changes since 0.0.2:
 * With Wine 1.5.4 and Wine Mono 0.0.4, it's now possible to run mixed-mode assemblies.
 * The random hang that was introduced in Mono 2.11 is now fixed (0.0.2 contained a hacky work-around).
 * A replacement for XNA 4.0 based on MonoGame is now included, to be used if MS XNA 4.0 is not installed.
 * Updated Mono from 2.11.0 to 2.11.1, bringing in the changes listed here: http://mono.1490590.n4.nabble.com/Mono-2-11-1-is-out-td4575466.html
 * Changes from Hans Leidekker to make upgrading and removing the msi work better.
 * Added more registry keys to prevent native .NET from trying to install while Wine Mono is installed.
 * Various improvements to the build script.

Some programs that worked with the official Mono for Windows package will fail with this one because gluezilla (Mono's web browser component) is missing. In all other respects I expect this to work as well as or better than the official Mono for Windows package, and if not I'd like to hear about it.

Read more: WineHQ Mail list
QR: Inline image 1

Posted via email from Jasper-net

Test Scribe for Visual Studio 11 Beta

|
Inline image 2

Test Scribe is a documentation power tool designed to construct documents directly from the TFS for test plan and test run artifacts for the purpose of discussion, reporting etc.

This is a popular extension for MTM, allowing users to export Test Documents, in previous posts I wrote about extending Test Scribe Template for MTM 10.

Test Scribe – Automatic Document Generating For Test Manager 2010

Test Scribe – Developer Guide

How To Change Test Scribe Template

And of course as we getting closer to VS 11 release here is Test Scribe for VS 11 Beta, Download Page

Read more: Shay Raiten
QR: Inline image 1

Posted via email from Jasper-net

Free set Windows Performance analysis tools. From boot perf analysis, to power use, memory leaks, CPU hogs, app crashes and many more...

|
 In conjunction with my upcoming book and sessions at Briforum, I am releasing a number of new and updated tools involving Windows Performance analysis. These tools may be found in the Performance Tools section of the TMurgent website. These tools are generally free to download and use (the only restrictions are for ISVs that want to use them to show off how good they are).

QR: Inline image 1

Posted via email from Jasper-net

AsyncCTP installation problems (and VS11)

|
The AsyncCTP is getting a bit long in the tooth. This post is to explain how, why, and what to do.

Common symptoms:

AsyncCTP fails to install -- i.e. it doesn't create the "Async CTP" folder inside "My Documents", and VS doesn't recognize the async keywords.
Installing VS11 causes AsyncCTP to stop working.
AsyncCTP doesn't work on Windows 8.

Explanation
The AsyncCTP is an update. It updates Visual Studio 2010 with modified versions of the VS IDE compilers that colorize the new keywords. It also updates the .NET4 framework with modified versions of the command-line csc.exe and vbc.exe compilers. But the AsyncCTP was never incorporated into Microsoft's official source code for VS2010 or .NET4, and was never meant to be -- it's just an experimental CTP.

And so, when Microsoft produces official updates to either VS or .NET4, and they touch the same files, then they tend to overwrite the AsyncCTP -- or prevent it from installing in the first place.

Also .NET45, which comes with VS11 and Win8, is an in-place update on top of .NET4, and so replaces the csc.exe and vbc.exe from the AsyncCTP with updated ones. As Stephen Toub explains, the new csc.exe and vbc.exe are incompatible with AsyncCTPLibrary.dll.

What to do
Best option is to upgrade to VS11 Beta and .NET45. It has much better async support (fewer bugs, more features, better debugging, better perf)
 
Failing that, if you're stuck with VS2010 + AsyncCTP, here are ideas:
If you already have VS2010 + AsyncCTP working, then don't install VS11.
 
If you have VS2010 SP1 but the AsyncCTP installer doesn't seem to have worked, the problem might be conflicting updates such as
   KB2635973, KB2615527, KB2645410
Any update after October 11 is liable to conflict, though. Go to ControlPanel > AddRemovePrograms > WindowsUpdates and uninstall them if present.
Platforms:

Targeting .NET45 with async:
you have to use VS11 Beta, which works fine.

Read more: Lucian's VBlog
QR: Inline image 1

Posted via email from Jasper-net

Google hacking database

|
Welcome to the google hacking database
We call them 'googledorks': Inept or foolish people as revealed by Google. Whatever you call these fools, you've found the center of the Google Hacking Universe!

Google Hacking Database Categories

Footholds (23) 
Examples of queries that can help a hacker gain a foothold into a web server

Files containing usernames (15) 
These files contain usernames, but no passwords... Still, google finding usernames on a web site..

Sensitive Directories (65) 
Google's collection of web sites sharing sensitive directories. The files contained in here will vary from sesitive to uber-secret!

Web Server Detection (72) 
These links demonstrate Google's awesome ability to profile web servers..

Vulnerable Files (60) 
HUNDREDS of vulnerable files that Google can find on websites...

Vulnerable Servers (70) 
These searches reveal servers with specific vulnerabilities. These are found in a different way than the searches found in the "Vulnerable Files" section.

Read more: Exploit-db
QR: Inline image 1

Posted via email from Jasper-net

Obtaining mscordacwks.dll for CLR Versions You Don’t Have

| Sunday, May 20, 2012
Inline image 2

Note: This blog post assumes that you can capture and analyze managed dumps in WinDbg using SOS, and have encountered a bizarre technical problem when using dumps from a production environment. If this assumption is incorrect, feel free to peruse my .NET Debugging Resources link post.

When debugging managed dumps in WinDbg, you will need to load the SOS version that is compatible with the CLR version in the dump. SOS, in turn, requires the CLR “data access DLL” (mscordacwks.dll), which is a debugging helper shipping with the .NET Framework. If SOS and/or mscordacwks.dll are missing or have the wrong version, you will receive an error similar to the following when trying to run most SOS commands:

Failed to load data access DLL, 0x80004005 
Verify that 1) you have a recent build of the debugger (6.2.14 or newer) 
2) the file mscordacwks.dll that matches your version of mscorwks.dll is in the version directory 
3) or, if you are debugging a dump file, verify that the file mscordacwks_<arch>_<arch>_<version>.dll is on your symbol path. 
4) you are debugging on the same architecture as the dump file. For example, an IA64 dump file must be debugged on an IA64 machine.

You can also run the debugger command .cordll to control the debugger's load of mscordacwks.dll. .cordll -ve -u -l will do a verbose reload. If that succeeds, the SOS command should work on retry.

If you are debugging a minidump, you need to make sure that your executable path is pointing to mscorwks.dll as well.

Some CLR versions have been indexed by the Microsoft public symbol server, so you can instruct the debugger to download everything automatically by setting your symbol path and image path to the Microsoft symbol server.

However, some CLR versions have not been indexed and cannot be retrieved automatically—and this is where you need to crawl the Web and find the binaries manually. Today I had the chance to encounter a CLR version, 2.0.50727.3607, which WinDbg couldn’t retrieve from the Microsoft symbol server:

         mscordacwks_x86_x86_2.0.50727.3607.dll/4ADD5446590000/ 
         mscordacwks_x86_x86_2.0.50727.3607.dll not found

Doug Stewart has been collecting updates to CLR 2.0 for several years now, and has an entry on his post for the 3607 CLR build, associated with KB article 976569.

QR: Inline image 1

Posted via email from Jasper-net

Ninite

|
Inline image 1

Just pick your apps and click Get Installer. Ninite does the rest — fully automatic.

No Clicking Next, Next, Next
Ninite fully automates installers offscreen.

No Toolbars
Ninite automatically says "No" to toolbars and other junk.

Always Up-to-date
A Ninite installer always gets an app's latest version no matter when you made it.

It Updates Too
Just run your Ninite installer again and it will update the apps to their latest versions.

No Signup
Ninite just works. No account, signup, or client needed.

32 and 64-bit
Ninite installs the best version of an app for your PC.

International
Ninite installs apps in your PC's language.

Faster for Business
Ninite Pro is 3x faster and allows business use.

Works with RMMs
Kaseya, Labtech, Level Platforms, KACE, GFI, Naverisk, and more. Ninite Pro integrates with everything.

Read more: Ninite
QR: Inline image 2

Posted via email from Jasper-net

Windows 8 Comes with Built-in Option to Turn On/Off 16-Bit Application Support

|
UPDATE: This feature is only present in 32-bit edition of Windows 8 Developer Preview.

Time to share another interesting feature of Windows 8. Did you know Windows 8 comes with a built-in option to turn on or off 16-bit application support?

Our reader "Basil" has found a new applet "16-Bit Application Support" in Control Panel of Windows 8 Developer Preview. This new applet allows you to enable or disable 16-bit application support in Windows 8.

Inline image 1

When you open the applet in Control Panel, Windows shows a dialog box to turn 16-bit application support on or off. Simply click on Enable button and you'll be able to enjoy 16-bit applications in Windows 8.

QR: Inline image 2

Posted via email from Jasper-net

.Net 4.5 Gets Zippy... Zip support is baked into the .Net 4.5 Framework

|
One of the missing feature of .NET framework was a support for Zip file manipulation such as reading the zip archive, adding files, extracting files, etc. and we were using some third party libraries such as excellent DotNetZip. In .NET 4.5, we have an extensive support for manipulating .zip files.

First thing that you should do is to add System.IO.Compression assembly as reference to your project. You may also want to reference System.IO.Compression.FileSystem assembly to access three extension methods (from the ZipFileExtensions class) for the ZipArchive class: CreateEntryFromFile, CreateEntryFromFile, and ExtractToDirectory. These extension methods enable you to compress and decompress the contents of the entry to a file.

..."

System.IO.Compression Namespace

QR: Inline image 1

Posted via email from Jasper-net

Xceedium Xsuite

|
Inline image 2

Xceedium Xsuite™ protects your organization from security threats associated with privileged users, individuals and applications that have unfettered administrative access to your most sensitive IT infrastructure and business data.

Xceedium’s highly scalable solution employs role-based privilege access control, ensuring that privileged users, such as network administrators, security staff and trusted third parties, have rights to access only the specific systems, devices and commands they require. In other words, it provides “least privilege” access.

But Xsuite goes far beyond the popular least privilege concept, enabling organizations to implement the entire set of security controls necessary to protect modern networks from insider threats. We call it Zero Trust access control.

Xsuite integrates three award-winning software modules: GateKeeper™ Administrator Access Control, Password Authority™ Admin Password Management, and A2A Authority™ Application Password Management on a single, hardened appliance.

Read more: Xceedium
QR: Inline image 1

Posted via email from Jasper-net

WCF: Serialization and Generics

|
Recently, I have been spending some time blogging about serialization.  This is partially in an effort to go back over some of the basics prior to starting on WCF and P2P in a week or so.  Today, I am continuing the serialization subject by taking a closer look at generics in regards to serialization.

This is actually a popular subject for a lot of newcomers to WCF.  Many developers who are fond of generics will create a service that exposes some generic method.  When they finally get ready to fire up the service and give it a trial run, they are quickly disappointed to discover that it doesn't work as expected.

So, what's the deal?

WCF does not support the use of generic methods for service operation.  In other words, only concrete types can be used for service operations.  Open generic types cannot be used.  Now, it is important to clarify this is not a limitation of WCF.  Rather, it is a limitation of WSDL, which is used to expose service metadata to consumers.  There is no construct within WSDL to define a generic type.  Generally speaking, I agree with this behavior 
since it decreases the coupling between a client and service. 

Although generic methods are not supported, it is possible to expose generic objects for the purpose of exchanging data.  However, there are some limitations.  Let's take a closer look:

Bounded Generics

In his book Programming WCF Services , Juval Lowy points out that it is possible to use "bounded generics."  This is sometimes referred to as closed generics.  Basically, it refers to defining a generic class for your data contract, but it is restricted to a specific type in the service operation.  This may sound somewhat vague.  So, here is an example to provide a better illustration:

[DataContract]
public class MyGenericObject<T>
{
    private T _id;
    private string _description;

    public MyGenericObject()
    {
    }

    [DataMember]
    public T ID
    {
        get { return _id; }
        set { _id = value; }
    }

    [DataMember]
    public string Description
    {
        get { return _description; }
        set { _description = value; }
    }
}

Read more: Jeff W. Barnes
QR: Inline image 1

Posted via email from Jasper-net

Маленькие хитрости класса Enumerable

|
Сегодня речь пойдет о классе System.Linq.Enumerable. Enumerable – это один из основных классов Linq, так как содержит extension-методы, используемые при построении запросов. Мало кому известно (по крайней мере, мне так показалось), но данный класс может быть использован не только для построения Linq-запросов. Enumerable содержит несколько обычных статических методов, которые, я думаю, тебе могут пригодиться.

Enumerable.Empty<T>

Насколько часто тебе приходится создавать пустую коллекцию (IEnumerable<T>)? Обычно разработчики либо создают пустой список, либо массив, состоящий из нуля элементов.

IEnumerable<int> items = new List<int>();
...
IEnumerable<int> items = new int[]()

С этим кодом все в порядке, он работает, но, согласись, смотрится не очень эстетично. Более того, данный подход не всегда является оптимальным, если ты хочешь создать пару тысяч подобных объектов. Тут тебе может помочь метод Enumerable.Empty<T>. Задача этого метода – вернуть тебе пустую коллекцию (IEnumerable<T>).

IEnumerable<int> items = Enumerable.Empty<int>();

Согласись, подобный код смотрится немного более эстетично. Кроме того он и работает быстрее в том случае, если тебе понадобится создать пустую коллекцию несколько (сотен тысяч) раз. Прирост производительности возможен за счет того, что метод Empty<T> возвращает один и тот же объект для каждого запрашиваемого типа (паттерн Singleton): первый вызов метода инициализирует объект, поэтому он заметно медленнее, чем создание пустого массива или списка, зато следующие вызовы теоретически выполняются быстрее. Стоит отметить, что метода Empty<T> создает массив из нуля элементов.

Enumerable.Range

int[] items = new int[count];
for (int i = 0; i < count; i++)
{
    items[i] = start + i;
}

Read more: Čivava's Blog
QR: Inline image 1

Posted via email from Jasper-net