Practical Programming

One of the drives in the programmers.org server decided to die last night as I was running defrag. Not a big deal, figured I could hot swap it out since I have plenty machiens to pull parts from. Unfortunately I discovered since the drive, while nearly exact in size and speed, was not compatible with an automatic-rebuild for this paticular raid card (PERC something or other).

After beating my head against the wall looking for a rebuild utility in the controller configuration application, I eventually discovered when the auto-rebuild fails you have to perform a manual rebuild with Dell’s OpenManage Software. I didn’t have this installed, go figure.

My apologies if you experienced any noticeable outtages.

Uncategorized

If you find yourself using terminal services a lot to manage various systems you will undoubtedly forget to logout of your sessions from time to time. Depending on the number of allowed and active sessions you could find yourself in a jam and unable to login.

I found myself in a jam and needed to restart terminal services remotely. Here is how I did it.

Yesterday evening, It occurred to me that a simple solution to this is to just restart the services from the command line. You might be wondering, since you can’t get in to run the command how this would work. You have two options:

1. Execute a command from a web script (if you have ftp or rds access to an application server like ColdFusion or ASP .NET) *see below for more info

2. Use PsExec (or PsService) part of the PsTools package from Microsoft. A nice collection of command line utilities for server administration I recommend you take the time to checkout.

To execute a command from a web script you will need to do two things. First create a batch file with the commands you wish to execute. Second write a script to securely execute those commands.

[remote.bat]

net stop “Terminal Services”

net start “Terminal Services”

REM echo reboot the machine

REM shutdown -r -t 0

[/remote.cfm]

<cfparam name=”url.key” default=”">

<cfif url.key eq “xya58IE9tsr”>

<cfexecute name=”#expandPath(”remote.bat”)#” variable=”foo”></cfexecute>

<cfoutput>#foo#</cfoutput>

</cfif>

—–

You will see the above script checks for a specific url.key in order to execute… you could easily limit this to a paticular IP or integrate another security method. Just remember not to leave it wide open or you just might have an unauthorized user executing your batch (probably on accident).

*Note that in this case the batch and cfm file reside in the same directory and execute permissions are given by default to each folder in CF. With ASP .NET you will need to make sure you have the ACL set correctly for IUSR or the Impersonated Account inside web.config.

—–

If you don’t have access to an application server, rember to consider PsExec as an option. It is a free tool from Sysinternals, but I recommend you download it as part of a collection of PsTools.

To stop Terminal Services remotely, run :

psexec \\servername net stop “terminal services”

To start Terminal Services remotely, run :

psexec \\servername net start “terminal services”

*don’t forget to add your user account information for this to work. its [-u] & [-p] respectively. See /? or check out the July 2004 issue of Windows IT Pro Magazine for Mark’s article that covers advanced usage of PsExec.

Uncategorized coldfusion, Microsoft, Remote, Server Administration

If you manage lots of SQL Servers no doubt you will have some DTS Packages to work with…. my new install of Sql Server 2008 did not come with the features necessary to work with legacy DTS. (nord did 2005, I understand its depreciated, but this is annoying.)

Don’t be fooled by the install… the Compatibility Tools aren’t enough to get up and running. I found these instructions by Microsoft, which require MANUAL copying of DLLS and such.

http://msdn.microsoft.com/en-us/library/ms143755.aspx

But although I was able to get DTS to work in 2005, the same is not true for me in 2008… It’s time for me to fire up a new VM, hopefully you will have better luck.

Uncategorized

10 years in the making, but the standards body finally agreed. Here it is:

http://www.ecma-international.org/publications/files/ECMA-ST/ECMA-262.pdf

Uncategorized

Ten years late, Macromedia/Adobe releases the next-gen ColdFusion Studio. The beta2 is available for free now so grab it while you can:

http://labs.adobe.com/technologies/coldfusionbuilder/

Uncategorized

In addition to the provided dictionaries being great for spell-checking routines, if you have a large library of backed up files and ever forget the password you used on an archive your in for a long road ahead. Assuming an inability to discover any binary hack, and there is no alternative method, you might want to consider a Dictionary Attack as your next choice for recovery. Put simply, a Dictionary Attack is where you try a large list of previously generated words until you find one that works.

Since everyone has their own style and pattern to passwords you need to approach this with some careful planning… but here are some general-use dictionaries and word lists I found online.

• http://coast.cs.purdue.edu/pub/dict/wordlists/
• http://coast.cs.purdue.edu/pub/dict/

you may want to consider utilizing this dictionary (and the other wordlists) as a starting point. You can then “upgrade” them by converting it to upper-case or a combination of cases subjectively depending on how you typically create your passwords. Either way, it’s a start in the right direction!

If a Dictionary Attack fails, your only option is going to be a Brute Force attack… which will take lots and i mean LOTS of time. You will need to consider every combination of lower-case/upper-case/numeric/symbol one at a time. If I recall my high school math correctly it’s the number of different characters (DC) to the power of the total number of characters (TC) in the password or DC^TC.  Think about that, thats something like over 4.7 trillion combinations for an eight character password And thats assuming you KNOW the password is a full eight characters… otherwise its much more!

That having been said I’ve always been interested in this method since its pretty much an absolute guarantee, theoretically anyway, that it will at some point discover your old password even if it takes a thousand years with todays technology. In general though, most passwords, especially those of home users can be reasonably brute-cracked with enough know how. Large distributed systems are often if not as a rule always necessary and can help by spreading the workload, but you’ll need to have the know how to create the software, the equipment to manage it, and the network of people to help you run it.

Be very cautious about using any prebuilt “cracking” software… it takes too much time to isolate and make sure its not sending all your passwords to a hacker or doing something else that creates a huge security risk.. but if you can’t write your own software and have absolutely no other choice make sure you use an open source library with good references. Otherwise consider installing it on a virtual machine and lock it into an “island” where its on a completely different subnet or whatever.

For information on algorithums, and additional references:

• http://en.wikipedia.org/wiki/Brute-force_search

Peace, and keep on coding!

Uncategorized

I recently realized just how incapable notepad is.. if you need to open large text files you can forget it! A friend recommended NotePad++ as a replacement utility and I can say it works extremely well. I recommend checking it out if you do any computer work.

http://notepad-plus.sourceforge.net

Uncategorized

I am excited to announce that the programmers.org ColdFusion UDF Extension Library is now freely available.

Part of being a good developer is the act of working smarter and not harder. And there is no better way to accomplish this than through code reuse. Adding your own Extension Library to ColdFusion is a direct and powerful way to increase the speed and consistency of your development.

Uncategorized

No matter what type of application you are building if your users are going to be uploading files it is to your advantage (and that of your users) that you integrate real time virus checking. Before I proceed remember this:

1. Virus checking is free/low cost  (depending upon the product and wether you are an individual or business)
2. It is relatively easy to build into your applications

Looking around the web you will find various virus checking applications, some free, some not. Some things to consider when selecting antivirus software will be: 

• Does the program support a CLI (execution from the command line)
• How reliable the software is
• How easily manageable the virii definitions are
   

@echo off
cd\program files\grisoft\avg free\
avgscan.exe %1 /heur /ext=* /arc /report c:\%2.txt
cd\
type %2.txt
rem del %2.txt

You can decide on your own set of options by reviewing the avgscan /? command as shown below:

C:\Program Files\Grisoft\AVG Free>avgscan /?
AVG7 Anti-Virus command line scanner
Copyright (c) 2006 GRISOFT, s.r.o.
/SCAN        Scan test /path,path/
/HEUR        Heuristic Analysis /path,path/
/EXCLUDE     Exclude path or files from scan
/@           Command file /file name/|
/EX          test these extensions /for example EXT=*/
/NOEXT       do not test these extensions /for example NOEXT=JPG/
/SMART       Smart scan
/ARC         test archives
/RT          test run-time compressions
/CLEAN       clean automatically
/TRASH       Move infected files to the Virus vault
/QT          Quick Test
/LOG         Generate a test result file
/MACROW      report macros
/PWDW        Report password-protected files
/IGNLOCKED   Ignore locked files
/REPORT      Report to file /file name/
/REPAPPEND   Append to the report file
/REPOK       report uninfected files as OK
/STOPLEVEL   Pause on detection /1-n/
/NOBREAK     Do not allow CTRL-BREAK to abort
/NOBOOT      Skip MBR/BOOT check
/NOMEM       Do not test memory
/MEM         Scan active processes
/NOHIMEM     Do not test upper memory
/NOSELF      Do not self-check AVG
/SKIPRP      Skip reparse points (NTFS only)
/SPY         Use Anti-Spyware Scanner
/SMS         Generate report in Management Information File (MIF) format
/?           Display help on this topic
/HELP        Display help on this topic
/DELAY       Cooperative mode (sleep during scanning)

[4 Integrate this batch file into your cold fusion program]

Obviously we need to have CF call our batch file (vscan.bat). CFEXECUTE to the rescue:

<cfexecute
    name="c:\documentready\_bin\vscan.bat"
    arguments="#tmpFile# #session.user_key#"
    variable="getOutput" timeout="15"></cfexecute>

Thanks to our /report switch and the Type from our batch file the results of our virus scan is dumped to the screen allowing us to parse the results returned in getOutput. Pretty neat eh?

To help you get an idea of what you will be parsing, and what information is available, here is a sample output (take note that the file input parameter must be a full path, and the output you are viewing here is for a file that is not infected with a virus):

C:\DocumentReady\_bin>vscan.bat c:\foo.txt foo
AVG7 Anti-Virus command line scanner
Copyright (c) 2006 GRISOFT, s.r.o.
Program version 7.5.549, engine 442
Virus Database: Version 270.9.0/1771  2008-11-06
Tested: 1 files, 2 sectors
Infections: 0
Errors: 0
AVG  7.5
Copyright (c) GRISOFT,s.r.o. 2006
Program version 7.5.438  Engine: 442 database version 270.9.0/1771
Command line: [c:\foo.txt /heur /ext=* /arc /report c:\foo.txt]
------------------------------------------------------------
Test start 11/6/2008 12:10:15
Elapsed time 4 sec.
------------------------------------------------------------
Scanned         files      :    1
Scanned         sectors    :    2
No viruses found.
------------------------------------------------------------

To do our parsing we will be using Regular Expressions. If you aren’t famlair with regular expressions, they are essentially the hottest tool you can use to parse through text and although they appear duanting at first, with practice they become both second nature and essential to your programming needs.

<cftry>
	<cfexecute
            name="c:\documentready\_bin\vscan.bat"
            arguments="#tmpFile# #session.user_key#"
            variable="getOutput"
            timeout="15"></cfexecute>
<cfcatch>
      <cfset void = showError("Upload failed, virus check timed out.")>
</cfcatch>
</cftry>
<cfset infectedFiles = "Infected        files      :    (\d+?)?">
<cfset pos = REFindNoCase(infectedFiles,getOutput,1,true)>
<cfif ArrayLen(pos.pos) gte 2>
       <cfset infectedCount = mid(getOutput,pos.pos[2],pos.len[2])>
<cfelse>
       <cfset infectedCount = 0>
</cfif>
<cfif infectedCount>
       <cfset virusname = ListGetAt(getOutput,5,chr(10)&chr(13))>
       <cfset virusname = ReplaceNoCase(virusname,"""#tmpFile#"" ...
                                        Virus identified ","","ONE")>
       <cffile action="delete" file="#tmpFile#">

       <cfset void = showError("Virus Found, " & virusname)>
</cfif>

For more information on Regular Expressions check out the Introduction to Regular Expressions (Scripting) on MSDN.

Uncategorized Virus Scanning