The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 4,262 other subscribers

Archive for February 1st, 2022

Hornbach has some very “special” limitations to “special characters” in passwords. I wonder why.

Posted by jpluimers on 2022/02/01

[Wayback] Jeroen Wiert Pluimers on Twitter: “”Too special” password character password woos at @HORNBACH_NL : [ Het wachtwoord moet minstens acht tekens lang zijn, en minstens een getal en een letter (a-zA-Z) bevatten. De volgende speciale tekens zijn toegestaan: !”#$%&'()*+,.:;?@_|} ] 1/”

I wonder what kind of parser they use, as these printable special ASCII characters are forbidden:

  • \-/[\]^`{~
  • space (0x20)
  • tab (0x9)
  • line feed (0xa)
  • carriage return (0xb
  • vertical tab (0xb)
  • form feed (0xc)

Seems no JSON or SQL to me: there I would expect other limitations.

What would break if you use them in other fields or pass them in an HTML POST-request?

I mean: these passwords should be salted and hashed immediately when the HTML-POST request is received, so certainly they would not be stored somewhere or passed many layers into code, right?

Oh, in order to activate an account there, you need to accept some 40+ A4 sized pages of legal stuff. Brave Dutch judge that will put these all in favour of Hornbach.

–jeroen

Read the rest of this entry »

Posted in Development, LifeHacker, Power User, Security, Software Development, Web Development | Leave a Comment »

Gisteren 3 jaar terug: Ongeval in restaurant Alrijne Leiderdorp – Alrijne Ziekenhuis

Posted by jpluimers on 2022/02/01

Ongeveer 9 maanden na dit ongeval in 2019 kreeg ik diagnose endeldarmkanker die later ook nog bleek uitgezaaid. De behandelingen duurden ruim een jaar en daar ben ik nog steeds van aan het herstellen.

Langzaam krijg ik meer energie en uithoudingsvermogen en ben ik ook de kladversies van wat er in mijn blog archief staat bij te werken. Tijd dus om deze te publiceren.

[Archive.is1/Archive.is2Ongeval in restaurant Alrijne Leiderdorp – Alrijne Ziekenhuis. (was binnen een half jaar van de Alrijne site af)

Gerelateerd twitter:

Read the rest of this entry »

Posted in About, Personal | Leave a Comment »

ESXi: editing /etc/vmware/hostd/vmInventory.xml to fix the datastore UUID for unavailable VMs part 2

Posted by jpluimers on 2022/02/01

I started my post ESXi: editing /etc/vmware/hostd/vmInventory.xml to fix the datastore UUID for unavailable VMs with

In case I ever need this on ESXi: Insights into the VMware inventory files (vmAutoStart.xml and vmInventory.xml on ESXi; inventory.vmls on VMware Workstation/Player)

Since almost all of my blog is about things I bumped into in real life, this post was a preparation because I kind of expected this to indeed happen, and it did.

Below are the screenshots and steps I took. Of course it is an N=1 experience, so your situation might differ, but I tried to be thorough and not miss any steps.

Read the rest of this entry »

Posted in ArchiveTeamWarrior, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Internet, InternetArchive, Power User, Virtualization, VMware, VMware ESXi, WayBack machine | Leave a Comment »

Some links on using and updating Let’s Encrypt certificates for internal servers

Posted by jpluimers on 2022/02/01

Sometimes it is easier to have current and public CA signed TLS certificates for internal servers than to setup and maintain an internal CA and register it on all affected browsers (including mobile phones).

One of my reasons to investigate this is that Chrome refuses to save credentials on servers that have no verifiable TLS certificate, see my post Some links on Chrome not prompting to save passwords (when Firefox and Safari do) about a week ago.

Below are some links for my link archive that hopefully will allow me to do this with Let’s Encrypt (msot via [Wayback/Archive] letsencrypt for internal servers – Google Search):

Read the rest of this entry »

Posted in Cloud, Cloudflare, Development, Encryption, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Fritz!, Fritz!Box, Fritz!WLAN, Infrastructure, Internet, Let's Encrypt (letsencrypt/certbot), Power User, Security, Software Development, Virtualization, VMware, VMware ESXi, Web Development | Leave a Comment »