Category: Secure .NET Coding

Good Reads For Information Security Domain

For February 2016 OpenSSL Releases Security Advisory for Several Vulnerabilities Drupal Releases Critical Security Advisory for Multiple Vulnerabilities Google Project Zero: The Definitive Guide on Win32 to NT Path Conversion Angler Attempts to Slip The Hook

Tagged with: , ,

0wn!ng using xp_cmdshell

Background Well we all know “xp_cmdshell” and its history. It is a windows shell that gets spawns and uses string argument for command execution. The point is what the big deal? Impact The moment you get the access of the

Tagged with: ,

Run Code by impersonating user privilege

Background In my previous post I have explained that how to perform operations on local system using ASP.NET. After using it and putting the same code in testing environment I realize that I throws access denied error when normal user

Tagged with: ,

Set ComboBox Item color

Background Not sure when this is useful, but its handy code to have when developing windows forms applications. The need can arise when we have to color code the data that we are displaying like status, severity, types, etc. As

Tagged with: ,

Visual Studio is not debugging

Background It was a very normal day of development for me. As we know that luck does not favors us always, so for me as well. I was doing some coding on my project and wanted to debug the code

Tagged with: ,

Enabling Session State in SharePoint 2010

Background Don’t know when this will be needed, but whenever required it important to know that how do we enable Session State in SharePoint 2010. Basically after enabling this we would be able to use session variables in our SharePoint

Tagged with: , ,

Web Part’s custom Properties in ToolPart

Its is there on my cards for long time to write on customizing Web Part’s properties. Now, finally I am writing. The basic idea behind this article is to add our own logic and controls in web part. There could

Tagged with: , , ,

Race Condition in SharePoint 2010

Background On the other day I have been told write a code on event handler to update fields value based on condition. I thought it would be very simple, but it was not. Though the implementation was very simple with

Tagged with: , ,

Working with Multiple Cookies

Background When we build our web-application, we all use cookies for some of the other reason. Reasons could be keeping session id, certain user information, or any other page related data, etc. Whatever purpose it may be, as the best

Tagged with: ,

DO NOT Install * aCt!v3X

You must be wondering with the topic title that why it is so weird, “DO NOT” for actually DO NOT J and “Install” is strikeout means that not to install and “*” in SQL means ALL. “aCt!v3X” is nothing but

Tagged with: ,