Category: Secure .NET Coding

Good Reads For Information Security Domain

For February 2016 OpenSSL Releases Security Advisory for Several Vulnerabilities https://mta.openssl.org/pipermail/openssl-announce/2016-March/000066.html https://drownattack.com/ Drupal Releases Critical Security Advisory for Multiple Vulnerabilities https://www.drupal.org/SA-CORE-2016-001 Google Project Zero: The Definitive Guide on Win32 to NT Path Conversion https://googleprojectzero.blogspot.com/2016/02/the-definitive-guide-on-win32-to-nt.html Angler Attempts to Slip The Hook http://blog.talosintel.com/2016/03/angler-slips-hook.html?f_l=s

Posted in ASP.NET, Azure, Database, iPhone Apps, JQUERY, JSON, LINQ, Operating System, Programming Language, Secure .NET Coding, Security, Sharepoint, Sharepoint Security, Silverlight, SQL Server, Visual Studio, WCF (Windows Communication Framework), Windows 7, WPF (Windows Presentation Framework), XML Tagged with: , ,

0wn!ng using xp_cmdshell

Background Well we all know “xp_cmdshell” and its history. It is a windows shell that gets spawns and uses string argument for command execution. The point is what the big deal? Impact The moment you get the access of the

Posted in Database, Secure .NET Coding, Security, SQL Server Tagged with: ,

Run Code by impersonating user privilege

Background In my previous post I have explained that how to perform operations on local system using ASP.NET. After using it and putting the same code in testing environment I realize that I throws access denied error when normal user

Posted in ASP.NET, Programming Language, Secure .NET Coding, Security, Sharepoint Security Tagged with: ,

Set ComboBox Item color

Background Not sure when this is useful, but its handy code to have when developing windows forms applications. The need can arise when we have to color code the data that we are displaying like status, severity, types, etc. As

Posted in Programming Language, Secure .NET Coding, Security, Visual Studio, WPF (Windows Presentation Framework) Tagged with: ,

Visual Studio is not debugging

Background It was a very normal day of development for me. As we know that luck does not favors us always, so for me as well. I was doing some coding on my project and wanted to debug the code

Posted in Programming Language, Secure .NET Coding, Security, Visual Studio, WPF (Windows Presentation Framework) Tagged with: ,

Enabling Session State in SharePoint 2010

Background Don’t know when this will be needed, but whenever required it important to know that how do we enable Session State in SharePoint 2010. Basically after enabling this we would be able to use session variables in our SharePoint

Posted in Secure .NET Coding, Security, Sharepoint, Sharepoint Security Tagged with: , ,

Web Part’s custom Properties in ToolPart

Its is there on my cards for long time to write on customizing Web Part’s properties. Now, finally I am writing. The basic idea behind this article is to add our own logic and controls in web part. There could

Posted in ASP.NET, Secure .NET Coding, Security, Sharepoint, Sharepoint Security Tagged with: , , ,

Race Condition in SharePoint 2010

Background On the other day I have been told write a code on event handler to update fields value based on condition. I thought it would be very simple, but it was not. Though the implementation was very simple with

Posted in Secure .NET Coding, Security, Sharepoint, Sharepoint Security Tagged with: , ,

Working with Multiple Cookies

Background When we build our web-application, we all use cookies for some of the other reason. Reasons could be keeping session id, certain user information, or any other page related data, etc. Whatever purpose it may be, as the best

Posted in ASP.NET, Programming Language, Secure .NET Coding, Security Tagged with: ,

DO NOT Install * aCt!v3X

You must be wondering with the topic title that why it is so weird, “DO NOT” for actually DO NOT J and “Install” is strikeout means that not to install and “*” in SQL means ALL. “aCt!v3X” is nothing but

Posted in ASP.NET, Programming Language, Secure .NET Coding, Security Tagged with: ,