Category: Tech

Technology and Computers are my primary interests. It is also how I
earn dollars for spending on food and housing.

Extract a password from a saved .rdp file.

I choose complex passwords and I quickly forget them. I save them in rdp files so that I can just click the file and it will automatically log me into a remote desktop connection.

Recently I forgot a password and I really wanted it back. I googled.

Then with some knowledge, I made a stupid and ugly Windows Forms application which lets me extract the encoded password crypt from an rdp file, paste it into a TextBox and click a button to decrypt.

Ok, so the data is fake. All zeros does not decode and decrypt to “thisismypassword”. But it works 🙂

The interesting bits are very short after pulling together the p/invoke and hex encode library.


int discarded;
byte[] bytes =
Utility.HexEncoding.GetBytes( input.Text, out discarded );
System.Text.ASCIIEncoding acsciiencoding = new ASCIIEncoding();
System.Text.UnicodeEncoding lUnicodeEncoding = new UnicodeEncoding();

byte[] lDecryptedBytes = dataProtector.Decrypt( bytes, null );

string decrypted = Utility.HexEncoding.ToString( lDecryptedBytes );
output.Text = "decrypted:"+decrypted + Environment.NewLine +
"unicode:" + lUnicodeEncoding.GetString( lDecryptedBytes, 0, lDecryptedBytes.Length ) +
Environment.NewLine +
"ascii:" + acsciiencoding.GetString( lDecryptedBytes, 0, lDecryptedBytes.Length )
+ Environment.NewLine
;

I like it when things are simple.

More fun with rediculous corporate security awareness training

I wouldn’t have taken it if I hadn’t been told it is mandatory.  What a waste of time for a person who already takes security seriously.  I feel like a child who has been told to sit in the corner and listen even if I already know everything today’s lesson is going to cover.

So when taking the quit at the end of the 190 slide deck which I skipped through, I run across a question regarding “a secure network”  I answered incorrectly.  I felt the need to email the corporate security people this response:

Question 3 from the Final Exam
 
The more secure a network is, the
harder it is to use.
 
The
correct answer is false.  You want me to select true to continue.  I just wanted
to voice my objection to this.  This is not true.  In fact, do we even ever
“use” networks?  We use applications that use networks.  Programmers writing the
application may use the network as means for applications to communicate, but as
end users we don’t directly use the network.  Furthermore, a more secure network
protects me from stupid things like worms and certain viruses.  This in turn
makes my computer easier to use because I don’t get these worms and certain
viruses.  So in many ways a secure network is more easy to use than an insecure
network.

Yes, I know I am a bit of a prick at times 🙂

Omer van Kloeten on Operating Systems

Omer van Kloeten has a series of posts on Operating Systems. It is damn find overview for me. It has been seven or eight years since I took my Operating Systems course in college. I also find the posts important because I’m aware of the number of programmers who have never had any higher education. Its very valueable to at least be aware of these things. Its why its taught in college. Very few programmers go and program at this level, but we must always be aware of what is really going on layers underneath us.

Processes, Signals and Threads
Scheduling

Thanks Omer!

I made it back alive from CodeMash

CodeMash was sweet.

So many other people are blogging about how awesome it was, I almost feel like I don’t need to mention it at all.

Any mention on the net is good, as long as they spell your name right. Meeting tons of people at CodeMash was a blast. Everyone was very down to earth. Keith was great to talk too. Catching up with Dustin Campbell was a blast as always. Of course talking with people I see more often like Bill Wagner, Josh Holmes, Jason Follas and Dianne Marsh was great too. It was great to talk with Richard Perry who is living in Detroit (well, Ferndale) who loves Detroit. I love Detroit too.

Bruce Eckel’s keynote was awesome. The non-codemash of software direction and burning man inspiration was awesome.

Neal Ford’s keynote was very fun. The Starbucks and Waffle House Domain Specific Languages are not to be forgotten.

Dave Donaldson represented NHibernate and I’ve very glad to see an open source .NET project get some exposure. I talked to a number of people who had never heard of NHibernate or Castle Project. I tried my best to explain to them what they were and of course talk them up as much as possible. I do happen to disagree with Dave when he says that LINQ is an ORM killer. LINQ to SQL, LINQ to Entities are just implementations of LINQ that happen to by ORMs themselves. There is nothing stopping the NHibernate community from creating LINQ to NHibernate. In fact, I’ve been thinking about how it could be done and I don’t think it would be too difficult.

I put some photos up on my flickr.

My camera was in the wrong mode for a number of the head shaving photos and I didn’t realize it until it was too late to capture the action. I love this picture of Josh and Brian just having their heads shaved and Josh just happens to be standing such that the projector is displaying “codemash” on his forehead. It was a very fun coincidence.
CodeMash 020

Did I mention that Richard Perry is a lot of fun?
CodeMash 004

It was also great hanging out with Richard Harding and Mark Ramm. Mark always has the most interesting and outrageous stories.

If you didn’t make it to codemash, I’m sorry to tell you that you REALLY missed out. I look forward to seeing you at the next one.

Code Mash Openning night.

Checked in a little before 8pm. So I agreed to meet my wife at 9pm and I went down and registered and listened to the already started expert panel on languages.

They definitely covered a lot of things.

The only things I’d like to add is on the topic of an enterprise architecture based on Web Services(SOAP). I think WCF is compelling enough that is bears mentioning. Yes, right now it is .NET only, but it is pluggable everywhere. You could (probably without too much effort) talk to java, python or whatever with it. The reason I find WCF so compelling is that it can start off as SOAP and WS-*, but based on its entirely customizable and extensible framework, you can completely change these transports to whatever you want. It could be binary. It could be RESTful XML over HTTP. It could be RESTful JSON over HTTP. Or… and this is one thing that I would love to explore… it could be your own protocol with your own states. I’ve always liked they way SMTP, POP, and IMAP were plain text (mostly) over TCP. It would be fun to try to come up with a generic WCF provider which would look, talk, and act like a plain text protocol over TCP.

The rest of the night is OpenSpaces talks. The only two I saw posted at 10min till 9pm was a 9pm on DotNetNuke and a 10pm on Open Source with .NET. I’ve missed most of the first writing this. I need to get food, so I hope I don’t miss the 10pm.

Cygwin Setup for distribution and yourself

Beating cygwin setup into submission can be a challenge. I finally figured it out.

I have need to install cygwin on servers which have no internet connection. I have no computer with internet except my lowly workstation. It already has cygwin installed. I would like to be able to download the cygwin installer, tell it to download only(it does support this) and then copy that package directory to a non-connected machine and run the cygwin installer.

The catch is that when I run the cygwin installer on my workstation, it sees all the packages I have installed. I can select a package for re-download, but then it downloads only that package and not all of its dependencies. I want a way to fetch everything! I actually suffered through an openssh cygwin bundle once. Adding a dependant package when I found it, trying again and so on, until after about 5 rounds, I had functioning openssh. It was a horrible experience.

It turns out the cygwin setup program reads setup information from /etc/setup. The simple workaround is to rename /etc/setup(aka c:\cygwin\etc\setup) do your download only install, and then delete the /etc/setup and rename your original back in place.

So far it works very well. You can even keep around multiple setup directories for different cygwin bundles.

Your own Apache proxy without root

I have a shell account on various friends servers all over the internet. Thanks to ssh, I can create a SOCKS proxy and tunnel traffic through ssh out the internet through any of these shell boxes. However, for various reasons (usually DNS related) SOCKS isn’t always good enough. I like to have an HTTP proxy as well.

Enabling mod_proxy in apache is pretty darn easy any any linux distro… if you have root to make changes to the apache configuration and to restart apache. I have friends nice enough to give me shell, but they don’t give me root. (I don’t blame them.) It turns out that running your own apache, without compiling it, is very easy with a little know how on most modern linux distributions.

First, copy the apache configuration which came with the system (hopefully apache is installed. If it is not, these instructions are not for you).

$ mkdir etc ; cp -a /etc/apache2 etc

Next, make directories for apache runtime information and logs.

$ mkdir -p var/log/apache2 var/lock/apache2 var/run

Now edit etc/apache2.conf and change… well… a lot of things. Just apply this patch instead. It is easy to read and see what is changed.

--- /etc/apache2/apache2.conf   2006-01-07 05:51:10.000000000 -0800
+++ etc/apache2/apache2.conf    2006-10-05 11:39:11.000000000 -0700
@@ -10,7 +10,7 @@
 # (available at );
 # you will save yourself a lot of trouble.

-ServerRoot "/etc/apache2"
+ServerRoot "/home/jrwren/etc/apache2"

 # The LockFile directive sets the path to the lockfile used when Apache
 # is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
@@ -20,12 +20,12 @@
 # DISK. The PID of the main server process is automatically appended to
 # the filename.

-LockFile /var/lock/apache2/accept.lock
+LockFile var/lock/apache2/accept.lock

 # PidFile: The file in which the server should record its process
 # identification number when it starts.

-PidFile /var/run/apache2.pid
+PidFile var/run/apache2.pid

 # Timeout: The number of seconds before receives and sends time out.

@@ -98,8 +98,8 @@
 AcceptMutex fcntl
 

-User www-data
-Group www-data
+User jrwren
+Group jrwren

 # The following directives define some format nicknames for use with
 # a CustomLog directive (see below).
@@ -110,20 +110,20 @@


 # Global error log.
-ErrorLog /var/log/apache2/error.log
+ErrorLog var/log/apache2/error.log

 # Include module configuration:
-Include /etc/apache2/mods-enabled/*.load
-Include /etc/apache2/mods-enabled/*.conf
+Include mods-enabled/*.load
+Include mods-enabled/*.conf

 # Include all the user configurations:
-Include /etc/apache2/httpd.conf
+Include httpd.conf

 # Include ports listing
-Include /etc/apache2/ports.conf
+Include ports.conf

 # Include generic snippets of statements
-Include /etc/apache2/conf.d/[^.#]*
+Include conf.d/[^.#]*

 #Let's have some Icons, shall we?
 Alias /icons/ "/usr/share/apache2/icons/"
@@ -390,4 +390,4 @@
 #

 # Include the virtual host configurations:
-Include /etc/apache2/sites-enabled/[^.#]*
+Include sites-enabled/[^.#]*
diff -ru /etc/apache2/mods-available/proxy.conf etc/apache2/mods-available/proxy.conf
--- /etc/apache2/mods-available/proxy.conf      2006-01-07 05:51:10.000000000 -0800
+++ etc/apache2/mods-available/proxy.conf       2006-10-05 08:00:33.000000000 -0700
@@ -3,12 +3,13 @@
         #turning ProxyRequests on and allowing proxying from all may allow
         #spammers to use your proxy to send email.

-       ProxyRequests Off
+       ProxyRequests On

        
                Order deny,allow
                Deny from all
                #Allow from .your_domain.com
+               Allow from 127.0.0.1
        

        # Enable/disable the handling of HTTP/1.1 "Via:" headers.
diff -ru /etc/apache2/ports.conf etc/apache2/ports.conf
--- /etc/apache2/ports.conf     2006-07-26 12:15:44.000000000 -0700
+++ etc/apache2/ports.conf      2006-10-05 06:47:47.000000000 -0700
@@ -1,2 +1 @@
-Listen 80
-Listen 3080
+Listen 1080
diff -ru /etc/apache2/sites-available/default etc/apache2/sites-available/default
--- /etc/apache2/sites-available/default        2006-07-26 11:01:53.000000000 -0700
+++ etc/apache2/sites-available/default 2006-10-05 07:01:11.000000000 -0700
@@ -25,13 +25,13 @@
                Allow from all
        

-       ErrorLog /var/log/apache2/error.log
+       ErrorLog var/log/apache2/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

-       CustomLog /var/log/apache2/access.log combined
+       CustomLog var/log/apache2/access.log combined
        ServerSignature On

     Alias /doc/ "/usr/share/doc/"

Beware that the cp command from before copies the symlinks and they still point to /etc, so you may need to recreate some symlinks in etc/apache/mods-enabled.

Now you should be able to just start apache.


$ apache2 -d etc/apache2 -f apache2.conf

The patch configured apache to run on port 1080, so now use ssh with -L 1080:localhost:1080 and point your http proxy to localhost:1080 and you can browse the web via the ssh connection, also utilizing the remote hosts DNS.

That public wifi point won’t see any of your web traffic, just the ssh connection.

We are not alone

WE ARE NOT ALONE! How would you feel if aliens landed at your local airport, just sat there for a couple of hours and then flew away? Just a hypothetical(of course), but how would you feel if it was 100% irrefutable proof? What if you witnessed it with your own eyes? How would you feel about our(humankind’s) place in the universe?

Ann Arbor Dot Net Developer group will be having a meeting on January 10th, but currently we are homeless! Our usual meeting location is under construction. We will be finalizing a meeting location very soon. I’ll let you know.

We have an awesome meeting topic. This description was stolen from Darrell Hawley‘s email.

Matt Winkler, Technical Evangelist for Windows
Workflow Foundation (WF), will be speaking at our next meeting on January
10. If you haven’t heard, WF is the programming model, engine and tools for
quickly building workflow enabled applications. WF radically enhances a
developer’s ability to model and support business processes. Sound
interesting? Make sure you don’t miss AADND on January 10th starting at 6:00
pm.

Matt Winkler is the Technical Evangelist for Windows Workflow. He was born
and raised in St. Louis, Missouri, home of Budweiser, the Cardinals and
toasted ravioli. After college at Denison University, he returned to work
for a consulting firm and a software development firm. For the last few
years he has been focused on integration and workflow technologies, so he’s
very excited about Windows Workflow, and looking forward to finding many
different cool uses for it.

putty and screen

I’ve been using screen in Linux or Unix (Tru64) since around 1996. I left it for a number of years and didn’t start using screen regularly again until sometime in 2004. Since then I’ve been trying to learn more and more about screen’s endless feature set.

My favorite thing has more to due with a my use case for screen with putty. I’ve found it extremely useful to set my “Remote command” to “screen -U -x -R” in putty. This reconnects to a running putty session without disconnecting any other connected sessions. This setting is in putty under Connection->SSH.

Now I can ssh to a remote system using 2 or 3 putty instances and get the same screen session and have each different putty session in a different screen window. I can even split the screen windows in one session, and have them separate in another session. I’ve been using this for at least a year and it has very positively affected my productivity.

Other great putty tips include using Consolas (sorry, its only available to vista users or Visual Studio users) at 8pt for a font and using the putty -load command line to start a saved session. I type win-R putty -load myhost more than I should. Before I did the screen thing I set putty’s scrollback setting to 20000 lines. I like to minimize with the keyboard by pressing alt-space n, so I enable “System menu appears on ALT-Space”. Today I heard a complaint that putty closes the window and you don’t see what happened, but I’ve never experienced this because I always have the “warn before closing window” option.

This tip is the newest one to me, and I wish I had found it sooner. Under Window->Selection the behavior of double clicking a word is set. Double clicking URLs doesn’t normally work in putty, so you have to go change the character class of colon, question mark, and ampersand. Change the class to 2 and now when you double click a url it will be highlighted entirely!

I use port forwarding a ton, but I’m not going to explain it here. It has been explained before in many places. Use google.

Jorge on Free Software

I agree with you entirely Jorge, but have you considered that YOU are the alternative.

It is about Free Software. Please keep up speaking against the Poisonous People. They are as dangerous as non-free and closed source software. Many of us look to people like you to be an alternative vocal minority to keep these Poisonous People in check. Thank you for doing so.

You are the perfect “Leader-Type” in the Open Source community. Yes, you are doing “real work” too, but you have the distinct advantage of NOT trying to ship releases like many of them. Yet, you talk with them, you understand their message and you relay it to the rest of us.

Bruce and the other Poisonous People aren’t doing this. They have a personal adjenda. Some of us can see that, but others may not, so we need to give you a more powerful voice. We need to let others know that THIS (Bruce) is NOT what free software is about.

Thanks Jorge.