The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,862 other subscribers

Archive for the ‘Software Development’ Category

« Previous Entries
Next Entries »

Bypassing ACLs with SeRestore privilege. And very simple User to LocalSystem elevation. – YouTube

Posted by jpluimers on 2025/05/28

This is cool and scary at the same time, especially since I knew about other privileges (SeDebugPrivilege comes to mind).

Granted you need to be local administrator for this, but still: for some tasks you do not need to elevate in the traditional way, but just give your current token more privileges.

[Wayback/Archive] Bypassing ACLs with SeRestore privilege. And very simple User to LocalSystem elevation. – YouTube

Via [WaybackSave/Archive] Grzegorz Tworek on X: “Friendly Reminder: If you have admin privileges but lack the necessary file permissions, you can leverage the SeBackup/SeRestore privileges directly from cmd.exe! There’s no need to elevate to LocalSystem, duplicate TrustedInstaller, or use similar methods. Simply enable the …”

Read the rest of this entry »

Posted in C, Development, Power User, Software Development, Windows, Windows Development | Leave a Comment »

b0rk: “debugging strategy: jump into a REPL” / Twitter

Posted by jpluimers on 2025/05/28

[Wayback/Archive] 🔎Julia Evans🔍 on Twitter: “debugging strategy: jump into a REPL” (more platforms in the replies to the Tweet)

title: jump into a REPL In dynamic languages (like Python / Ruby / JS), you can jump into an interactive console at any point in your code. Here's how to do it in a frontend Javascript program: 1. edit your code code: ``` my_var = call_some_function() debugger; ``` 2. refresh the page 3. play around in the developer tools console! you can call any function you want / try out fixes! How to do it in other languages: Ruby: `binding.pry` Python: `import pdb; pdb.set_trace()`

Read the rest of this entry »

Posted in Debugging, Development, Software Development | Leave a Comment »

0x00 – Introduction to Windows Kernel Exploitation //

Posted by jpluimers on 2025/05/27

On my reading list (plus read/watch the links it mentions): [Wayback/Archive] 0x00 – Introduction to Windows Kernel Exploitation // by [Wayback/Archive] wetw0rk (@wetw0rk_bot) / X ([Wayback/Archive] wetw0rk.github.io).

Hopefully by now, more episodes have been published.

Links from this one, including archived versions split in the same sections as the above article:

Via [WaybackSave/Archive] Alex Plaskett on X: “0x00 – Introduction to Windows Kernel Exploitation by @wetw0rk_bot …”.

--jeroen

Posted in Development, Infosec (Information Security), Red team, Security, Software Development | Tagged: | Leave a Comment »

Naming things isn’t hard: if it contains a number, include the unit in the name (your timeout might not be in nanoseconds)

Posted by jpluimers on 2025/05/27

This case, it was C# accessing a SQL back-end, but the responses to the Tweet how so many more examples not even related to software development.

Remember that plane crashing because they overloaded while they thought the fuel load numbers were in Imperial pounds where in fact they were in metric kilograms?

That’s why naming things that contain numbers should contain the unit in their name!

Related blog post: Watch “Felienne Hermans: How patterns in variable names can make code easier to read” on YouTube

Tweet: [Wayback/Archive] Nick Craver on Twitter: “Troubleshooting a hanging test suite and godDAMMIT. “In seconds”. Integer timeouts should be a felony offense punishable by an indeterminate amount of seconds/milliseconds/hours/fortnights/whatever the judge chooses.”

var csb = new SqlConnectionStringBuilder(TestConfig.Current. SQLServerConnectionString){ ConnectTimeout = 2000 }; int SqlConnectionStringBuilder.ConnectTimeout { get; set; } Gets or sets the length of time (in seconds) to wait for a connection to the server before terminating the attempt and generating an error. Returns: The value of the SqlConnectionStringBuilder, ConnectTimeout property, or 15 seconds if no value has been supplied.

var csb = new SqlConnectionStringBuilder(TestConfig.Current. SQLServerConnectionString) { ConnectTimeout = 2000 }; int SqlConnectionStringBuilder.ConnectTimeout { get; set; } Gets or sets the length of time (in seconds) to wait for a connection to the server before terminating the attempt and generating an error. Returns: The value of the SqlConnectionStringBuilder, ConnectTimeout property, or 15 seconds if no value has been supplied.

Read the rest of this entry »

Posted in .NET, Agile, C#, Code Quality, Conference Topics, Conferences, Database Development, Development, Event, Software Development, SQL, SQL Server, Systems Architecture | Leave a Comment »

Online .NET source code browsers for both .NET Framework and .NET Core

Posted by jpluimers on 2025/05/22

I used these .NET Source Browsers quite few times over the last decade, first for the .NET Framework and later for .NET Core (now called .NET, sometimes .NET Runtime) as well, but forgot to blog about them, so now that I discovered there is one for the Roslyn Compiler Platform as well, let’s list them all:

It was introduced as [Wayback/Archive] referencesource-beta.microsoft.com by [Wayback/Archive] A new look for .NET Reference Source – .NET Blog which explains how to use it for browsing (on-line and off-line), Visual Studio integration, debugging, and more. In about a month however it got out of beta and became the primary as it functioned so well (you can verify this while browsing through the 2014 Wayback links).

All are powered by [Wayback/Archive] KirillOsenkov/SourceBrowser:

Read the rest of this entry »

Posted in .NET, .NET 4.8, .NET Core, .NET Framework, C#, Development, Software Development | Leave a Comment »

GitHub – LaurieWired/Malimite: iOS and macOS Decompiler

Posted by jpluimers on 2025/05/21

Will likely need this one day: [Wayback/Archive] GitHub – LaurieWired/Malimite: iOS and macOS Decompiler

--jeroen

Posted in Development, iOS Development, ObjectiveC, Software Development, Swift | Leave a Comment »

Podcast with @mattgodbolt of godbolt.org fame, on among other things becoming a verb, 6502s, exploring compilers, and application binary interfaces.

Posted by jpluimers on 2025/05/21

From a while ago: [Wayback/Archive] Kristian Köhntopp on Twitter: “embedded.fm/episodes/334 Embedded.fm  with @mattgodbolt of godbolt.org  fame, on among other things becoming a verb, 6502s, exploring compilers, and application binary interfaces.”

Read the rest of this entry »

Posted in .NET, C#, C++, Development, FreePascal, Pascal, Software Development | Leave a Comment »

Debugging Win32 binaries in Ghidra via Wine

Posted by jpluimers on 2025/05/20

For my link archive: [Wayback/Archive] Debugging Win32 binaries in Ghidra via Wine

[Wayback/Archive] Ghidra is a cross-platform reverse-engineering and binary analysis tool, with recent versions including support for dynamic analysis. I want to try using it as a replacement for IDA Pro in reverse-engineering of Win32 binaries, but hit bugs related to address space detection when running gdbserver with Wine ([Wayback/Archive] ghidra#4534).

This post contains custom GDB commands that allow Ghidra to query the Linux process ID and memory maps of a Win32 target process running in 32-bit Wine on a 64-bit Linux host.

Via [Wayback/Archive] Ptrace Security GmbH on Twitter: “Debugging Win32 binaries in Ghidra via Wine #Pentesting #Debugging #CyberSecurity #Infosec”.

--jeroen

Posted in Debugging, Development, Software Development, Windows Development | Tagged: , , , | Leave a Comment »

Exceptions and DLL in Delphi – Stack Overflow

Posted by jpluimers on 2025/05/20

Every once in a while I discover an answer I have not yet put on my blog, especially as related answer are always interesting.

This is one that didn’t make it until now: [Wayback/Archive] Exceptions and DLL in Delphi – Stack Overflow (thanks [Wayback/Archive] jpfollenius, [Wayback/Archive] Deltics and [Wayback/Archive] Lars Truijens)

Read the rest of this entry »

Posted in Conference Topics, Conferences, Delphi, Development, Event, Software Development, Undocumented Delphi, Windows Development | Leave a Comment »

Yes, you can globally block JavaScript and enablpe per-site, but you block Bookmarklets too

Posted by jpluimers on 2025/05/16

Trying to trim down excessive CPU usage of my web browsers, and lessen the risk of intrusion, I experimented with globally disabling JavaScript and only enabling it on sites where it adds value to me.

That is possible (see below), but immediately showed a big side effect: Bookmarklets will not work on sites that have JavaScript disabled.

Disabling JavaScript globally only allows Bookmarklets on sites where you have enabled JavaScript. Not the situation I hoped for (:

I’ll try it for a while though.

Read the rest of this entry »

Posted in Bookmarklet, Chrome, Chrome, Development, Firefox, Google, JavaScript/ECMAScript, Power User, Scripting, Software Development, Web Browsers, Web Development | Leave a Comment »

« Previous Entries
Next Entries »