The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,854 other subscribers

Archive for the ‘Development’ Category

« Previous Entries
Next Entries »

Fork Gist to Repo on GitHub – Stack Overflow

Posted by jpluimers on 2024/01/09

It is not a full fork and misses a few things (including the Gist description), but is the easiest way to clone a gist to a regular GitHub repository.

I needed it because somehow pushing to gists was denied without explanation or real GitHub feedback.

Another reason is that regular GitHub repositories show you way more information about the commits than Gists do.

Thanks [Wayback/Archive] Noitidart for asking and [Wayback/Archive] Bruno Bronosky for answering at [Wayback/Archive] Fork Gist to Repo on GitHub – Stack Overflow:

Read the rest of this entry »

Posted in Authentication, Development, DVCS - Distributed Version Control, gist, git, GitHub, LifeHacker, Power User, Security, Source Code Management | Leave a Comment »

VMware ESXi: shell script to get uuid.bios and all Ethernet generatedAddress MAC address values for all VMs

Posted by jpluimers on 2023/12/28

This is a sort of follow-up on ESXi: listing virtual machines with their IP addresses where we ended with this:

I modified the above script to become this:

#!/bin/sh
vmids=`vim-cmd vmsvc/getallvms | sed -n -E -e "s/^([[:digit:]]+)s+((S.+S)?)s+([S+])s+(.+.vmx)s+(S+)s+(vmx-[[:digit:]]+)s*?((S.+)?)$/1/p"`
for vmid in ${vmids} ; do
    # powerState values:
    #   Powered off
    #   Powered on
    #   Suspended
    powerState=`vim-cmd vmsvc/power.getstate ${vmid} | sed '1d'`
    name=`vim-cmd vmsvc/get.config ${vmid} | sed -n -E -e '/(vim.vm.ConfigInfo) {/,/files = (vim.vm.FileInfo) {/ s/^ +name = "(.*)",.*?/1/p'`
    vmPathName=`vim-cmd vmsvc/get.config ${vmid} | sed -n -E -e '/files = (vim.vm.FileInfo) {/,/tools = (vim.vm.ToolsConfigInfo) {/ s/^ +vmPathName = "(.*)",.*?/1/p'`
    # For now, I choose to use only the IPv4 main address from ipAddress, which is in between (vim.vm.GuestInfo) { and net = (vim.vm.GuestInfo.NicInfo) [.
    ipAddress=`vim-cmd vmsvc/get.guest ${vmid} | sed -n -E -e '/(vim.vm.GuestInfo) {/,/net = (vim.vm.GuestInfo.NicInfo) [/ s/^ +ipAddress = "(.*)",.*?/1/p'`
    printf "VM with id %3s has power state %-11s and IPv4=%-15s (name = ${name}; vmPathName = ${vmPathName}).n" "${vmid}" "${powerState}" "${ipAddress}"
done

Now the script grew even larger in to vim-cmd-list-all-VMs-with-IPv4-MAC-uuid.sh:

Read the rest of this entry »

Posted in *nix, *nix-tools, ash/dash, ash/dash development, Development, ESXi6, ESXi6.5, ESXi6.7, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »

css color names – Google Search

Posted by jpluimers on 2023/12/27

I like the featured snipped [WayBack] css color names – Google Search

It points to [WayBack] Quackit: CSS Color Codes which has the below nice table (a few duplicates could be stripped, but the ordering and layout is great!)

Since then, I also found these very interesting pages on web colors that are also useful in any software development environment:

Read the rest of this entry »

Posted in Color (software development), CSS, Development, HTML, Software Development, Web Development | Leave a Comment »

Guess the maximum DNS Response Size… (by Jan Schaumann)

Posted by jpluimers on 2023/12/26

Every once in a while Jan Schaumann writes a long Twitter thread and saves it in a blog post. Always good ways to learn. This time it was no different: [Wayback/Archive] DNS Response Size started with

Read the rest of this entry »

Posted in Communications Development, Development, DNS, Internet, Internet protocol suite, IPv4, IPv6, Power User, TCP, tcpdump, UDP, Wireshark | Leave a Comment »

Hello “SMTP Smuggling” information released days before the Holiday season to open source SMTP server teams

Posted by jpluimers on 2023/12/24

Jan Wildeboer was mad for good reasons, though the open source projects didn’t yet seem to publicly have show their real madness, just bits like [Wayback/Archive] oss-security – Re: Re: New SMTP smuggling attack:

I'm a little confused by sec-consult's process here. They identify a
problem affecting various pieces of software including some very widely
deployed open source software, go to the trouble of doing a coordinated
disclosure, but only do that with...looking at their timeline... gmx,
microsoft and cisco?

“SMTP Smuggling” is bad, and big open source SMTP server projects like exim, postfix and sendmail needed to assess and fix/prevent the issue on very short notice: effectively confronting them with a zero-day less than a week between the information got released and the Holiday season.

That gives “deploy on Fridays” a totally different dimension.

How bad? Well, it already managed to reach this Newline – Wikipedia entry:

The standard Internet Message Format[26] for email states: “CR and LF MUST only occur together as CRLF; they MUST NOT appear independently in the body”. Differences between SMTP implementations in how they treat bare LF and/or bare CF characters have led to so-called SMTP smuggling attacks[27].

The crux of the problem is very well described by the “Postfix: SMTP Smuggling” link below: recommended reading, and the middle of [Wayback/Archive] SMTP Smuggling – Spoofing Emails Worldwide | Hacker News

TLDR: In the SMTP protocol, the end of the payload (email message) is indicated by a line consisting of a single dot. The line endings normally have to be CRLF, but some MTAs also accept just LF before and/or after the dot. This allows SMTP commands that follow an LF-delimited dot line to be “tunneled” through a first MTA (which requires CRLF and thus considers the commands to be part of the email message) to a second MTA (which accepts LF and thus processes the commands as real commands). For the second MTA, the commands appear to come from the first MTA, hence this allows sending any email that the first MTA is authorized to send. That is, emails from arbitrary senders under the domains associated with the first MTA can be spoofed.

Here are some links to keep you busy the next hours/days/weeks:

And the toots linking to background information:

Read the rest of this entry »

Posted in *nix, *nix-tools, Communications Development, Development, exim mail, Internet protocol suite, postfix, Power User, Python, Scripting, sendmail, SMTP, Software Development | Leave a Comment »

When sending out IDs or credentials per snail mail, please use a font that distinguishes zeroes from ohs

Posted by jpluimers on 2023/12/20

Paper mail is about user experience too, not just ads, but letters too, especially the ones sending out IDs or credentials.

There were three characters that could either be an oh or a zero, so it took me half the permutations to get it right.

A font like Consolas is fine for that (and ships with Windows). Even better: use OCR A.

ConsolasOCR A

Based on [Wayback/Archive] Jeroen Wiert Pluimers on Twitter: “Tip voor @xs4all: In de rest van de xs4all->KPN migratie, stuur “Onderwerp Uw wachtwoord voor Telefonie” brieven gaarne in een lettertype waar de 000 en OOO heel duidelijk van elkaar kunnen worden onderscheiden. Hier 4 pogingen (de helft van de permutaties) nodig gehad. “

–jeroen

Posted in Development, Software Development, User Experience (ux) | Leave a Comment »

A great source to learn about JavaScript element enumeration and modification: iamadamdev/bypass-paywalls-chrome

Posted by jpluimers on 2023/12/19

Sometimes one bumps into a Google Chrome extension that is both useful from a practical perspective as insightful on learning from how it is done.

This is one: [Wayback/Archive] iamadamdev/bypass-paywalls-chrome: Bypass Paywalls web browser extension for Chrome and Firefox.

It supports many sites (including more than a dozen Dutch ones) for which it is not easy to justify creating separate accounts for them (just the risk of them leaked into Have I been Pwned? is large, despite GDPR) and staying logged on for each of them. I have dozens of listings of my email addresses at haveibeenpwned.com, so I am a lot more careful making accounts than in the past despite assigning unique email addresses for each account (which is part of the burden).

Read the rest of this entry »

Posted in Chrome, Development, HTML, JavaScript/ECMAScript, Power User, Scripting, Software Development, Web Browsers, Web Development | Leave a Comment »

awaescher/Fusion: 🧰 A modern alternative to the Microsoft Assembly Binding Log Viewer (FUSLOGVW.exe)

Posted by jpluimers on 2023/12/18

[Wayback/Archive] awaescher/Fusion: 🧰 A modern alternative to the Microsoft Assembly Binding Log Viewer (FUSLOGVW.exe)

So, do you know what “Enable immersive logging” means? Or why you should separate log categories from “Default” and “Native Images”? Did you ever forget to disable the log again and wondered why every .NET application was that slow and your disk ran out of space?

Forget all the setup upfront – just hit “Record” to capture your assembly logs. If you are done, click “Stop” again. That’s it.

Via [Wayback/Archive] Meik Tranel on Twitter: “@Nick_Craver Take this: github.com/awaescher/Fusion Nice UI and never forget to disable that env var ever again.”.

–jeroen

Posted in .NET, C#, Development, F#, Software Development, VB.NET | Leave a Comment »

Reminder to self: pointers to recovering “The Great Suspender” suspended URLs (after in 2021 Google booted it from Chrome for being malware)

Posted by jpluimers on 2023/12/14

I was a long term user of “The Great Suspender”. It was a cool little Chrome Extension that would auto-suspend Chrome tabs that had not been used for a while and resume them when the tab did get accessed again thereby greatly reducing the horrible Chrome CPU and memory footprints.

During my year+ long treatment against metastasised rectum cancer I had suspended or hibernated most of my physical and virtual machines. So there was not just the surprised during the recovery of those that The Great Suspender had been kicked of the Chrome extensions, but also the problem of getting all the suspended tabs back of machines that eventually would be awoken out of sleep: I keep tabs open on stuff that I was working on or investigating for future blog posts, so these somehow could be important.

For now, I am not using anything as a replacement just to experience how well Chrome has evolved to suspend inactive tabs itself.

Now Chrome seems to do this well, as this post is based on an old VM that I have now unsuspended which had [Wayback/Archive] “the great suspender” “malware” – Google Search and the below links open in a mid-February 2021 state but not all archived in the Wayback Machine or Archive.is (some I did archived in February-May 2021).

The links are about why it got removed, how to recover lost suspended tabs and a possible alternative in case current Chrome suspend behaviour is not good enough.

Read the rest of this entry »

Posted in Bookmarklet, Chrome, Development, Google, HTML, JavaScript/ECMAScript, Power User, Scripting, Software Development, Web Development | Leave a Comment »

Why can’t we have nice things: ZorgDomein email subject has no ID in them, nor responds on Social Media on improvement suggestions

Posted by jpluimers on 2023/12/13

The drawback sending out emails all with the same subject is that the receiver is having a hard time setting them apart.

Especially in the work or medical realm this makes people miss crucial information.

Worse are organisations broadcasting on Twitter, but not responding at all to improvement suggestions. [Wayback/Archive] @ZorgDomein / Twitter gets both wrong (and is also unusually hard to find phone contact information for on their web-site):

Read the rest of this entry »

Posted in Back-End Development, Development, eMail, Health, LifeHacker, Power User, SocialMedia, Software Development | Leave a Comment »

« Previous Entries
Next Entries »