jump to navigation

Bug in ServerXMLHTTP with POST/303
September 18, 2006

Posted by Roel in : Technical , 1 comment so far

Last night i was developing with ServerXMLHTTP. ServerXMLHTTP is included with the Microsoft XML Parser (MSXML) version 3.0 or later.

Do not confuse ServerXMLHTTP with XMLHTTP, which is designed for client applications and relies on URLMon, which is built upon Microsoft Win32 Internet (WinInet).

The following bug is regarding to ServerXMLHTTP (so also: MSXML 3 – MSXML 4 SP2)

When doing a POST to an URL, and it responses with a "HTTP 303 – See Other" code, ServerXMLHTTP will RE-POST to the given URI.
According to the HTTP specifications it should follow the given URI with a GET request.

This issue is actually a ‘wrong implementation’ by Microsoft.

I see two possible security issues:

  1. Reposting username/password to another URI (without user’s notice).
  2. Redirect Looping when the 303 is pointing to the same source (i.e. http://www.abnamro.nl/ does this for Internet Banking). However i saw that after many redirects, the ServerXMLHTTP will exit with a ‘redirect problem’ to avoid buffer overflow and other ‘damage’. I’m note sure if all versions do this.

I reported this problem to Microsoft by phone (0800-MICROSOFT, from the Netherlands) and by E-Mail (support@microsoft.com), both at September, 12th, 2006.

How to setup an IBM Workplace server with CentOS (RHEL) + VNC
May 15, 2006

Posted by Roel in : Technical , add a comment

Recently i installed an IBM Workplace server on CentOS with VNCServer.
The IBM Software can run on Windows as well as Linux (RedHat Enterprise or SuSe).
Because you actually have to BUY RedHat Enterprise, they say you pay for a support contract but you cannot download the install files/ISO without buying the support contract. You can only download the RedHat Enterprise source files but then you have to compile them which is a total waste of time.
So i downloaded CentOS which is almost the same. CentOS is really free and you can download the DVD IDO or installation files.

Here is the PDF file i made with a step-by-step How-To for installing CentOS, installing IBM Workplace Server and installing a VNCServer (for remote configuration). I do nothing about tuning and all the installs are quite basic. The PDF is for Newbie’s.

How To install an IBM Workplace Server.pdf

Also look at the PDF if you encounter ‘Disk is Full’ error messages during the installation of CentOS or if you have problems with configuring or connecting VNCServer (black screen/window after connecting).
Note: The installation of CentOS is in Grafics-mode. IBM Workplace server failed to install under command-line mode, after a phone call with IBM, they said it was better to install in grafics mode…

Digest authentication: Impossible to authenticate to DB and IIS Webserver
April 26, 2006

Posted by Roel in : Technical , add a comment

Due to some technical issues (i’ll show you below) it is impossible to authenticate using Digest Authentication for authenticating the user against an Database/LDAP and the webserver itself. I did this before with Basic authentication, which works fine.

Example1:
It is possible to authenticate with basic authentication against a Database, simply write a 401 header to the client, wait until the client responses, decode the response with a Base64Decode function and query a database table with that username and password. When you decode the client response with a Base64Decode function, you get the ‘username:pasword’ (separated by a colon). (more…)

[VBScript/ASP] About Isnull and =null
April 26, 2006

Posted by Roel in : Technical , 1 comment so far

Expressions in VBScript/ASP with "null" in it, will always return FALSE. See the examples below:

Dim test
If (test=null) Then Response.Write "True" Else Response.Write "False" End If
If Not(test=null) Then Response.Write "True" Else Response.Write "False" End If

Both will show "False". Because "null" is in the expression, none of them will ever return True.
This is because any expression containing a Null is itself Null and therefore False.
Too make it more confusing, look at this example:

test_avc = null
Response.Write IsNull(test_avc)
If (test_avc=null) Then response.write "True" Else Response.Write "False" End If

This will return "True … False".
See the VBScript IsNull Reference:
"Use the IsNull function to determine whether an expression contains a Null value. Expressions that you might expect to evaluate to True under some circumstances, such as If Var = Null and If Var <> Null, are always False. This is because any expression containing a Null is itself Null, and therefore, False."

Windows Genuine Advantage bypassed again!
March 11, 2006

Posted by Roel in : Technical , 1 comment so far

UPDATE: This bypass method described below doesn’t work anymore. Visit mydigitallife’s article for an updated (3-dec-2006) and easy method of bypassing WGA/Notifications/Visiting Windows Updates, etc.

In 2005 Microsoft introduced Windows Genuine Advantage (WGA) which was (also) meant to reduce illegal copies. Since then, people who had an ‘illegal’ Corporate copy of Windows XP or Server 2003 were not able to use the Windowsupdate site anymore.
Shortly after that people found a way to bypass the checks required by the Windowsupdate site by disabling the WGA ActiveX plugin from their Internet Explorer.
It could be done by pasting this line in your browser:
javascript:void(window.g_sDisableWGACheck='all');
Microsoft fixed it and bypassing was no longer possible after March 2005.

The following content is for informational and educational purposes only.

I came accross the website of djlizard and he found a NEW way to bypass the checks at the Windowsupdate site.

  1. Close all your browsers (this is really important)
  2. Click Start -> Run -> Type: regsvr32 /u LegitCheckControl.dll
  3. Go to the WindowsUpdate site, select typical or custom. It will show the Activate button to activate your copy of windows. Click Start -> Run -> Type: regsvr32 LegitCheckControl.dll and go back one page in your browser. Now you can click typical or custom again and it won’t show the Activate button but continues to search for updates.

Script it! A logfiles compress/backup script
March 5, 2006

Posted by Roel in : Technical , 1 comment so far

Lesson of this article is: Script It!
I will also show an in depth example of a sheduled script which will zip/rotate/delete/move/copy you logfiles. This is a typical task everyone with a webserver would automate/script because you want to save your logfiles for statistics and to track ‘bad’ visitors while zipping them reduces it’s size approximately 25 times. So a 100MB logile will only be 4MB.

You can much better script the tasks you do often than doing it by hand all the time.
Advantages are:

Before scripting tasks i advise you to do the tasks manually a few times, then you exactly know which steps you have to do and which are always the same, you have more feeling with the task now.

(more…)

Always do your calculations based on days !
January 30, 2006

Posted by Roel in : Technical , add a comment

This is a simple example of what can happen when you calculate with years only:

Imagine you had a backup script which would delete all old backups, older than 1 year.
When you were using a VBScript (or ASP) function like:
DateDiff('yyyy', backup_create_date, Now)The 1st of January all your backups would be deleted (even the ones created at 31-12-previous_year). This is because Microsoft has quite a different way of doing math with years:
"When comparing December 31 to January 1 of the immediately succeeding year, DateDiff for Year ("yyyy") returns 1 even though only a day has elapsed."
Source: Microsoft MSDN VBScript Functions Reference – DateDiff Function
 
Solution: The best thing to do is always to calculate using days. The example above would be:
DateDiff('d', backup_create_date, Now).
Note: Keep in mind that years have a variable number of days (ie: 365, 366).

Magic Quotes and stripslashes, the truth
November 22, 2005

Posted by Roel in : Technical , add a comment

The follwing article i found is about what every PHP programmer should know, but unfortunately, the opposite is what i see among the most PHP programmers. They just freak around with the escaping of quotes and slashes. It sometimes results in a database with too many slashes and may be get noticed after a few years… For once and for all, the real facts about magic_quotes_gpc, addslashes() and stripslashes(). May it be clear for ever: http://www.webmasterstop.com/63.html.