Search Results

Search found 312 results on 13 pages for 'hashes'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 11/13 | < Previous Page | 7 8 9 10 11 12 13  | Next Page >

  • dll injection using C

    - by AJINKYA
    hey i m trying to inject a dll into a process i.e lsass.exe to get hashes.Its a bit hacky but cant help its my project. I have a code of dll injection but in visual C++ it gives errors such as.. at TEXT("LoadLibraryA"))))----argument const wchar incompatible with LPCSTR at lpFuncAddr-----------argument type "LPVOID" incompatible with parameter type "LPTHREAD_START ROUTINE" CODE: BOOL InjectDLL(DWORD dwProcessId, LPCSTR lpszDLLPath) { HANDLE hProcess, hThread; LPVOID lpBaseAddr, lpFuncAddr; DWORD dwMemSize, dwExitCode; BOOL bSuccess = FALSE; HMODULE hUserDLL; //convert char to wchar char *lpszDLLPath = "hash.dll"; size_t origsize = strlen(orig) + 1; const size_t newsize = 100; size_t convertedChars = 0; wchar_t dllpath[newsize]; mbstowcs_s(&convertedChars, dllpath, origsize, orig, _TRUNCATE); if((hProcess = OpenProcess(PROCESS_CREATE_THREAD|PROCESS_QUERY_INFORMATION|PROCESS_VM_OPERATION |PROCESS_VM_WRITE|PROCESS_VM_READ, FALSE, dwProcessId))) { dwMemSize = wcslen(dllpath) + 1; if((lpBaseAddr = VirtualAllocEx(hProcess, NULL, dwMemSize, MEM_COMMIT, PAGE_READWRITE))) { if(WriteProcessMemory(hProcess, lpBaseAddr, lpszDLLPath, dwMemSize, NULL)) { if((hUserDLL = LoadLibrary(TEXT("kernel32.dll")))) { if((lpFuncAddr = GetProcAddress(hUserDLL, TEXT("LoadLibraryA")))) { if((hThread = CreateRemoteThread(hProcess, NULL, 0, lpFuncAddr, lpBaseAddr, 0, NULL))) { WaitForSingleObject(hThread, INFINITE); if(GetExitCodeThread(hThread, &dwExitCode)) { bSuccess = (dwExitCode != 0) ? TRUE : FALSE; } CloseHandle(hThread); } } FreeLibrary(hUserDLL); } } VirtualFreeEx(hProcess, lpBaseAddr, 0, MEM_RELEASE); } CloseHandle(hProcess); } return bSuccess; } int WINAPI WinMain(HINSTANCE hThisInstance, HINSTANCE hPrevInstance, LPSTR lpszCmdLine, int nCmdShow) { if(InjectDLL(PROCESSID, "hash.dll")) { MessageBox(NULL, TEXT("DLL Injected!"), TEXT("DLL Injector"), MB_OK); }else { MessageBox(NULL, TEXT("Couldn't inject DLL"), TEXT("DLL Injector"), MB_OK | MB_ICONERROR); } return 0; } i m a beginner to dll and windows programming so will appreciate your help.

    Read the article

  • Download-from-PyPI-and-install script

    - by zubin71
    Hello, I have written a script which fetches a distribution, given the URL. After downloading the distribution, it compares the md5 hashes to verify that the file has been downloaded properly. This is how I do it. def download(package_name, url): import urllib2 downloader = urllib2.urlopen(url) package = downloader.read() package_file_path = os.path.join('/tmp', package_name) package_file = open(package_file_path, "w") package_file.write(package) package_file.close() I wonder if there is any better(more pythonic) way to do what I have done using the above code snippet. Also, once the package is downloaded this is what is done: def install_package(package_name): if package_name.endswith('.tar'): import tarfile tarfile.open('/tmp/' + package_name) tarfile.extract('/tmp') import shlex import subprocess installation_cmd = 'python %ssetup.py install' %('/tmp/'+package_name) subprocess.Popen(shlex.split(installation_cmd) As there are a number of imports for the install_package method, i wonder if there is a better way to do this. I`d love to have some constructive criticism and suggestions for improvement. Also, I have only implemented the install_package method for .tar files; would there be a better manner by which I could install .tar.gz and .zip files too without having to write seperate methods for each of these?

    Read the article

  • CS 50- Pset 1 Mario Program

    - by boametaphysica
    the problem set asks us to create a half pyramid using hashes. Here is a link to an image of how it should look- I get the idea and have written the program until printing the spaces (which I have replaced by "_" just so that I can test the first half of it. However, when I try to run my program, it doesn't go beyond the do-while loop. In other words, it keeps asking me for the height of the pyramid and does not seem to run the for loop at all. I've tried multiple approaches but this problem seems to persist. Any help would be appreciated! Below is my code- # include <cs50.h> # include <stdio.h> int main(void) { int height; do { printf("Enter the height of the pyramid: "); height = GetInt(); } while (height > 0 || height < 24); for (int rows = 1; rows <= height, rows++) { for (int spaces = height - rows; spaces > 0; spaces--) { printf("_"); } } return 0; } Running this program yields the following output- Enter the height of the pyramid: 11 Enter the height of the pyramid: 1231 Enter the height of the pyramid: aawfaf Retry: 12 Enter the height of the pyramid:

    Read the article

  • Why might stable_sort be affecting my hashtable values?

    - by zebraman
    I have defined a struct ABC to contain an int ID, string NAME, string LAST_NAME; My procedure is this: Read in a line from an input file. Parse each line into first name and last name and insert into the ABC struct. Also, the struct's ID is given by the number of the input line. Then, push_back the struct into a vector masterlist. I am also hashing these to a hashtable defined as vector< vector , using first name and last name as keywords. That is, If my data is: Garfield Cat Snoopy Dog Cat Man Then for the keyword cash hashes to a vector containing Garfield Cat and Cat Man. I insert the structs into the hashtable using push_back again. The problem is, when I call stable_sort on my masterlist, my hashtable is affected for some reason. I thought it might be happening since the songs are being ordered differently, so I tried making a copy of the masterlist and sorting it and it still affects the hashtable though the original masterlist is unaffected. Any ideas why this might be happening?

    Read the article

  • How to pull one commit at a time from a remote git repository?

    - by Norman Ramsey
    I'm trying to set up a darcs mirror of a git repository. I have something that works OK, but there's a significant problem: if I push a whole bunch of commits to the git repo, those commits get merged into a single darcs patchset. I really want to make sure each git commit gets set up as a single darcs patchset. I bet this is possible by doing some kind of git fetch followed by interrogation of the local copy of the remote branch, but my git fu is not up to the job. Here's the (ksh) code I'm using now, more or less: git pull -v # pulls all the commits from remote --- bad! # gets information about only the last commit pulled -- bad! author="$(git log HEAD^..HEAD --pretty=format:"%an <%ae>")" logfile=$(mktemp) git log HEAD^..HEAD --pretty=format:"%s%n%b%n" > $logfile # add all new files to darcs and record a patchset. this part is OK darcs add -q --umask=0002 -r . darcs record -a -A "$author" --logfile="$logfile" darcs push -a rm -f $logfile My idea is Try git fetch to get local copy of the remote branch (not sure exactly what arguments are needed) Somehow interrogate the local copy to get a hash for every commit since the last mirroring operation (I have no idea how to do this) Loop through all the hashes, pulling just that commit and recording the associated patchset (I'm pretty sure I know how to do this if I get my hands on the hash) I'd welcome either help fleshing out the scenario above or suggestions about something else I should try. Ideas?

    Read the article

  • Binding a date string parameter in an MS Access PDO query

    - by harryg
    I've made a PDO database class which I use to run queries on an MS Access database. When querying using a date condition, as is common in SQL, dates are passed as a string. Access usually expects the date to be surrounded in hashes however. E.g. SELECT transactions.amount FROM transactions WHERE transactions.date = #2013-05-25#; If I where to run this query using PDO I might do the following. //instatiate pdo connection etc... resulting in a $db object $stmt = $db->prepare('SELECT transactions.amount FROM transactions WHERE transactions.date = #:mydate#;'); //prepare the query $stmt->bindValue('mydate', '2013-05-25', PDO::PARAM_STR); //bind the date as a string $stmt->execute(); //run it $result = $stmt->fetch(); //get the results As far as my understanding goes the statement that results from the above would look like this as binding a string results in it being surrounded by quotes: SELECT transactions.amount FROM transactions WHERE transactions.date = #'2013-05-25'#; This causes an error and prevents the statement from running. What's the best way to bind a date string in PDO without causing this error? I'm currently resorting to sprintf-ing the string which I'm sure is bad practise. Edit: if I pass the hash-surrounded date then I still get the error as below: Fatal error: Uncaught exception 'PDOException' with message 'SQLSTATE[22018]: Invalid character value for cast specification: -3030 [Microsoft][ODBC Microsoft Access Driver] Data type mismatch in criteria expression. (SQLExecute[-3030] at ext\pdo_odbc\odbc_stmt.c:254)' in C:\xampp\htdocs\ips\php\classes.php:49 Stack trace: #0 C:\xampp\htdocs\ips\php\classes.php(49): PDOStatement-execute() #1 C:\xampp\htdocs\ips\php\classes.php(52): database-execute() #2 C:\xampp\htdocs\ips\try2.php(12): database-resultset() #3 {main} thrown in C:\xampp\htdocs\ips\php\classes.php on line 49

    Read the article

  • Http Digest Authentication, Handle different browser char-sets...

    - by user160561
    Hi all, I tried to use the Http Authentication Digest Scheme with my php (apache module) based website. In general it works fine, but when it comes to verification of the username / hash against my user database i run into a problem. Of course i do not want to store the user´s password in my database, so i tend to store the A1 hashvalue (which is md5($username . ':' . $realm . ':' . $password)) in my db. This is just how the browser does it too to create the hashes to send back. The Problem: I am not able to detect if the browser does this in ISO-8859-1 fallback (like firefox, IE) or UTF-8 (Opera) or whatever. I have chosen to do the calculation in UTF-8 and store this md5 hash. Which leads to non-authentication in Firefox and IE browsers. How do you solve this problem? Just do not use this auth-scheme? Or Store a md5 Hash for each charset? Force users to Opera? (Terms of A1 refer to the http://php.net/manual/en/features.http-auth.php example.) (for digest access authentication read the according wikipedia entry)

    Read the article

  • Python - Why use anything other than uuid4() for unique strings?

    - by orokusaki
    I see quit a few implementations of unique string generation for things like uploaded image names, session IDs, et al, and many of them employ the usage of hashes like SHA1, or others. I'm not questioning the legitimacy of using custom methods like this, but rather just the reason. If I want a unique string, I just say this: >>> import uuid >>> uuid.uuid4() 07033084-5cfd-4812-90a4-e4d24ffb6e3d And I'm done with it. I wasn't very trusting before I read up on uuid, so I did this: >>> import uuid >>> s = set() >>> for i in range(5000000): # That's 5 million! >>> s.add(uuid.uuid4()) ... ... >>> len(s) 5000000 Not one repeater (I didn't expect one considering the odds are like 1.108e+50, but it's comforting to see it in action). You could even half the odds by just making your string by combining 2 uuid4()s. So, with that said, why do people spend time on random() and other stuff for unique strings, etc? Is there an important security issue or other regarding uuid?

    Read the article

  • Password Cracking in 2010 and Beyond

    - by mttr
    I have looked a bit into cryptography and related matters during the last couple of days and am pretty confused by now. I have a question about password strength and am hoping that someone can clear up my confusion by sharing how they think through the following questions. I am becoming obsessed about these things, but need to spend my time otherwise :-) Let's assume we have an eight-digit password that consists of upper and lower-case alphabetic characters, numbers and common symbols. This means we have 8^96 ~= 7.2 quadrillion different possible passwords. As I understand there are at least two approaches to breaking this password. One is to try a brute-force attack where we try to guess each possible combination of characters. How many passwords can modern processors (in 2010, Core i7 Extreme for eg) guess per second (how many instructions does a single password guess take and why)? My guess would be that it takes a modern processor in the order of years to break such a password. Another approach would consist of obtaining a hash of my password as stored by operating systems and then search for collisions. Depending on the type of hash used, we might get the password a lot quicker than by the bruteforce attack. A number of questions about this: Is the assertion in the above sentence correct? How do I think about the time it takes to find collisions for MD4, MD5, etc. hashes? Where does my Snow Leopard store my password hash and what hashing algorithm does it use? And finally, regardless of the strength of file encryption using AES-128/256, the weak link is still my en/decryption password used. Even if breaking the ciphered text would take longer than the lifetime of the universe, a brute-force attack on my de/encryption password (guess password, then try to decrypt file, try next password...), might succeed a lot earlier than the end of the universe. Is that correct? I would be very grateful, if people could have mercy on me and help me think through these probably simple questions, so that I can get back to work.

    Read the article

  • How would you go about parsing markdown?

    - by John Leidegren
    You can find the syntax here. The thing is, the source that follows with the download is written in perl. Which I have no intentions of honoring. It is riddled with regex and it relies on MD5 hashes to escape certain characters. Something is just wrong about that! I'm about to hard code a parser for markdown and I'm wonder if someone had some experience with this? Edit: If you don't have anything meaningful to say about the actual parsing of markdown, spare me the time. (This might sound harsh, but yes, I'm looking for insight, not a solution i.e. third-party library). To help a bit with the answers, regex are meant to identify patterns! NOT to parse an entire grammar. That people consider doing so is foobar. If you think about markdown, it's fundamentally based around the concept of paragraphs. As such, a reasonable approach might be to split the input into paragraphs. There are many kinds of paragraphs e.g. heading, text, list, blockquote, code. The challenge is thus to identify these paragraphs and in what context they occur. I'll be back with a solution, once I find it's worthy to be shared.

    Read the article

  • Password hashing, salt and storage of hashed values

    - by Jonathan Leffler
    Suppose you were at liberty to decide how hashed passwords were to be stored in a DBMS. Are there obvious weaknesses in a scheme like this one? To create the hash value stored in the DBMS, take: A value that is unique to the DBMS server instance as part of the salt, And the username as a second part of the salt, And create the concatenation of the salt with the actual password, And hash the whole string using the SHA-256 algorithm, And store the result in the DBMS. This would mean that anyone wanting to come up with a collision should have to do the work separately for each user name and each DBMS server instance separately. I'd plan to keep the actual hash mechanism somewhat flexible to allow for the use of the new NIST standard hash algorithm (SHA-3) that is still being worked on. The 'value that is unique to the DBMS server instance' need not be secret - though it wouldn't be divulged casually. The intention is to ensure that if someone uses the same password in different DBMS server instances, the recorded hashes would be different. Likewise, the user name would not be secret - just the password proper. Would there be any advantage to having the password first and the user name and 'unique value' second, or any other permutation of the three sources of data? Or what about interleaving the strings? Do I need to add (and record) a random salt value (per password) as well as the information above? (Advantage: the user can re-use a password and still, probably, get a different hash recorded in the database. Disadvantage: the salt has to be recorded. I suspect the advantage considerably outweighs the disadvantage.) There are quite a lot of related SO questions - this list is unlikely to be comprehensive: Encrypting/Hashing plain text passwords in database Secure hash and salt for PHP passwords The necessity of hiding the salt for a hash Clients-side MD5 hash with time salt Simple password encryption Salt generation and Open Source software I think that the answers to these questions support my algorithm (though if you simply use a random salt, then the 'unique value per server' and username components are less important).

    Read the article

  • Why are references compacted inside Perl lists?

    - by parkan
    Putting a precompiled regex inside two different hashes referenced in a list: my @list = (); my $regex = qr/ABC/; push @list, { 'one' => $regex }; push @list, { 'two' => $regex }; use Data::Dumper; print Dumper(\@list); I'd expect: $VAR1 = [ { 'one' => qr/(?-xism:ABC)/ }, { 'two' => qr/(?-xism:ABC)/ } ]; But instead we get a circular reference: $VAR1 = [ { 'one' => qr/(?-xism:ABC)/ }, { 'two' => $VAR1->[0]{'one'} } ]; This will happen with indefinitely nested hash references and shallowly copied $regex. I'm assuming the basic reason is that precompiled regexes are actually references, and references inside the same list structure are compacted as an optimization (\$scalar behaves the same way). I don't entirely see the utility of doing this (presumably a reference to a reference has the same memory footprint), but maybe there's a reason based on the internal representation Is this the correct behavior? Can I stop it from happening? Aside from probably making GC more difficult, these circular structures create pretty serious headaches. For example, iterating over a list of queries that may sometimes contain the same regular expression will crash the MongoDB driver with a nasty segfault (see https://rt.cpan.org/Public/Bug/Display.html?id=58500)

    Read the article

  • Why does iOS 5 fail to connect to a server running JDK 1.6, but not JDK 1.5

    - by KC Baltz
    We have a Java Socket Server listening on an SSLSocket (port 443) and an iOS application that connects with it. When running on iOS 5.1, the application stopped working when we upgraded the Java version of the server from JDK 1.5 to 1.6 (or 1.7). The app connects just fine to JDK 5 and 6 when running on iOS 6. The iOS app is reporting an error: -9809 = errSSLCrypto. On the Java side, we get javax.net.ssl.SSLException: Received fatal alert: close_notify. On the Java server side, we have enabled all the available cipher suites. On the client side we have tested enabling several different suites, although we have yet to complete a test involving each one individually enabled. Right now, it is failing when we use TLS_DH_anon_WITH_AES_128_CBC_SHA although it has failed with others and we are starting to think it's not the suite. Here is the debug output. It makes it all the way to ServerHelloDone and then fails shortly thereafter: Is secure renegotiation: false [Raw read]: length = 5 0000: 16 03 03 00 41 ....A [Raw read]: length = 65 0000: 01 00 00 3D 03 03 50 83 1E 0B 56 19 25 65 C8 F2 ...=..P...V.%e.. 0010: AF 02 AD 48 FE E2 92 CF B8 D7 A6 A3 EA C5 FF 5D ...H...........] 0020: 74 0F 1B C1 99 18 00 00 08 00 FF 00 34 00 1B 00 t...........4... 0030: 18 01 00 00 0C 00 0D 00 08 00 06 05 01 04 01 02 ................ 0040: 01 . URT-, READ: Unknown-3.3 Handshake, length = 65 *** ClientHello, Unknown-3.3 RandomCookie: GMT: 1333992971 bytes = { 86, 25, 37, 101, 200, 242, 175, 2, 173, 72, 254, 226, 146, 207, 184, 215, 166, 163, 234, 197, 255, 93, 116, 15, 27, 193, 153, 24 } Session ID: {} Cipher Suites: [TLS_EMPTY_RENEGOTIATION_INFO_SCSV, TLS_DH_anon_WITH_AES_128_CBC_SHA, SSL_DH_anon_WITH_3DES_EDE_CBC_SHA, SSL_DH_anon_WITH_RC4_128_MD5] Compression Methods: { 0 } Unsupported extension signature_algorithms, data: 00:06:05:01:04:01:02:01 *** [read] MD5 and SHA1 hashes: len = 65 0000: 01 00 00 3D 03 03 50 83 1E 0B 56 19 25 65 C8 F2 ...=..P...V.%e.. 0010: AF 02 AD 48 FE E2 92 CF B8 D7 A6 A3 EA C5 FF 5D ...H...........] 0020: 74 0F 1B C1 99 18 00 00 08 00 FF 00 34 00 1B 00 t...........4... 0030: 18 01 00 00 0C 00 0D 00 08 00 06 05 01 04 01 02 ................ 0040: 01 . %% Created: [Session-1, TLS_DH_anon_WITH_AES_128_CBC_SHA] *** ServerHello, TLSv1 RandomCookie: GMT: 1333992972 bytes = { 100, 3, 56, 153, 7, 2, 251, 64, 41, 32, 66, 240, 227, 181, 55, 190, 2, 237, 146, 0, 73, 119, 70, 0, 160, 9, 28, 207 } Session ID: {80, 131, 30, 12, 241, 73, 52, 38, 46, 41, 237, 226, 199, 246, 156, 45, 3, 247, 182, 43, 223, 8, 49, 169, 188, 63, 160, 41, 102, 199, 50, 190} Cipher Suite: TLS_DH_anon_WITH_AES_128_CBC_SHA Compression Method: 0 Extension renegotiation_info, renegotiated_connection: <empty> *** Cipher suite: TLS_DH_anon_WITH_AES_128_CBC_SHA *** Diffie-Hellman ServerKeyExchange DH Modulus: { 233, 230, 66, 89, 157, 53, 95, 55, 201, 127, 253, 53, 103, 18, 11, 142, 37, 201, 205, 67, 233, 39, 179, 169, 103, 15, 190, 197, 216, 144, 20, 25, 34, 210, 195, 179, 173, 36, 128, 9, 55, 153, 134, 157, 30, 132, 106, 171, 73, 250, 176, 173, 38, 210, 206, 106, 34, 33, 157, 71, 11, 206, 125, 119, 125, 74, 33, 251, 233, 194, 112, 181, 127, 96, 112, 2, 243, 206, 248, 57, 54, 148, 207, 69, 238, 54, 136, 193, 26, 140, 86, 171, 18, 122, 61, 175 } DH Base: { 48, 71, 10, 213, 160, 5, 251, 20, 206, 45, 157, 205, 135, 227, 139, 199, 209, 177, 197, 250, 203, 174, 203, 233, 95, 25, 10, 167, 163, 29, 35, 196, 219, 188, 190, 6, 23, 69, 68, 64, 26, 91, 44, 2, 9, 101, 216, 194, 189, 33, 113, 211, 102, 132, 69, 119, 31, 116, 186, 8, 77, 32, 41, 216, 60, 28, 21, 133, 71, 243, 169, 241, 162, 113, 91, 226, 61, 81, 174, 77, 62, 90, 31, 106, 112, 100, 243, 22, 147, 58, 52, 109, 63, 82, 146, 82 } Server DH Public Key: { 8, 60, 59, 13, 224, 110, 32, 168, 116, 139, 246, 146, 15, 12, 216, 107, 82, 182, 140, 80, 193, 237, 159, 189, 87, 34, 18, 197, 181, 252, 26, 27, 94, 160, 188, 162, 30, 29, 165, 165, 68, 152, 11, 204, 251, 187, 14, 233, 239, 103, 134, 168, 181, 173, 206, 151, 197, 128, 65, 239, 233, 191, 29, 196, 93, 80, 217, 55, 81, 240, 101, 31, 119, 98, 188, 211, 52, 146, 168, 127, 127, 66, 63, 111, 198, 134, 70, 213, 31, 162, 146, 25, 178, 79, 56, 116 } Anonymous *** ServerHelloDone [write] MD5 and SHA1 hashes: len = 383 0000: 02 00 00 4D 03 01 50 83 1E 0C 64 03 38 99 07 02 ...M..P...d.8... 0010: FB 40 29 20 42 F0 E3 B5 37 BE 02 ED 92 00 49 77 .@) B...7.....Iw 0020: 46 00 A0 09 1C CF 20 50 83 1E 0C F1 49 34 26 2E F..... P....I4&. 0030: 29 ED E2 C7 F6 9C 2D 03 F7 B6 2B DF 08 31 A9 BC ).....-...+..1.. 0040: 3F A0 29 66 C7 32 BE 00 34 00 00 05 FF 01 00 01 ?.)f.2..4....... 0050: 00 0C 00 01 26 00 60 E9 E6 42 59 9D 35 5F 37 C9 ....&.`..BY.5_7. 0060: 7F FD 35 67 12 0B 8E 25 C9 CD 43 E9 27 B3 A9 67 ..5g...%..C.'..g 0070: 0F BE C5 D8 90 14 19 22 D2 C3 B3 AD 24 80 09 37 ......."....$..7 0080: 99 86 9D 1E 84 6A AB 49 FA B0 AD 26 D2 CE 6A 22 .....j.I...&..j" 0090: 21 9D 47 0B CE 7D 77 7D 4A 21 FB E9 C2 70 B5 7F !.G...w.J!...p.. 00A0: 60 70 02 F3 CE F8 39 36 94 CF 45 EE 36 88 C1 1A `p....96..E.6... 00B0: 8C 56 AB 12 7A 3D AF 00 60 30 47 0A D5 A0 05 FB .V..z=..`0G..... 00C0: 14 CE 2D 9D CD 87 E3 8B C7 D1 B1 C5 FA CB AE CB ..-............. 00D0: E9 5F 19 0A A7 A3 1D 23 C4 DB BC BE 06 17 45 44 ._.....#......ED 00E0: 40 1A 5B 2C 02 09 65 D8 C2 BD 21 71 D3 66 84 45 @.[,..e...!q.f.E 00F0: 77 1F 74 BA 08 4D 20 29 D8 3C 1C 15 85 47 F3 A9 w.t..M ).<...G.. 0100: F1 A2 71 5B E2 3D 51 AE 4D 3E 5A 1F 6A 70 64 F3 ..q[.=Q.M>Z.jpd. 0110: 16 93 3A 34 6D 3F 52 92 52 00 60 08 3C 3B 0D E0 ..:4m?R.R.`.<;.. 0120: 6E 20 A8 74 8B F6 92 0F 0C D8 6B 52 B6 8C 50 C1 n .t......kR..P. 0130: ED 9F BD 57 22 12 C5 B5 FC 1A 1B 5E A0 BC A2 1E ...W"......^.... 0140: 1D A5 A5 44 98 0B CC FB BB 0E E9 EF 67 86 A8 B5 ...D........g... 0150: AD CE 97 C5 80 41 EF E9 BF 1D C4 5D 50 D9 37 51 .....A.....]P.7Q 0160: F0 65 1F 77 62 BC D3 34 92 A8 7F 7F 42 3F 6F C6 .e.wb..4....B?o. 0170: 86 46 D5 1F A2 92 19 B2 4F 38 74 0E 00 00 00 .F......O8t.... URT-, WRITE: TLSv1 Handshake, length = 383 [Raw write]: length = 388 0000: 16 03 01 01 7F 02 00 00 4D 03 01 50 83 1E 0C 64 ........M..P...d 0010: 03 38 99 07 02 FB 40 29 20 42 F0 E3 B5 37 BE 02 .8....@) B...7.. 0020: ED 92 00 49 77 46 00 A0 09 1C CF 20 50 83 1E 0C ...IwF..... P... 0030: F1 49 34 26 2E 29 ED E2 C7 F6 9C 2D 03 F7 B6 2B .I4&.).....-...+ 0040: DF 08 31 A9 BC 3F A0 29 66 C7 32 BE 00 34 00 00 ..1..?.)f.2..4.. 0050: 05 FF 01 00 01 00 0C 00 01 26 00 60 E9 E6 42 59 .........&.`..BY 0060: 9D 35 5F 37 C9 7F FD 35 67 12 0B 8E 25 C9 CD 43 .5_7...5g...%..C 0070: E9 27 B3 A9 67 0F BE C5 D8 90 14 19 22 D2 C3 B3 .'..g......."... 0080: AD 24 80 09 37 99 86 9D 1E 84 6A AB 49 FA B0 AD .$..7.....j.I... 0090: 26 D2 CE 6A 22 21 9D 47 0B CE 7D 77 7D 4A 21 FB &..j"!.G...w.J!. 00A0: E9 C2 70 B5 7F 60 70 02 F3 CE F8 39 36 94 CF 45 ..p..`p....96..E 00B0: EE 36 88 C1 1A 8C 56 AB 12 7A 3D AF 00 60 30 47 .6....V..z=..`0G 00C0: 0A D5 A0 05 FB 14 CE 2D 9D CD 87 E3 8B C7 D1 B1 .......-........ 00D0: C5 FA CB AE CB E9 5F 19 0A A7 A3 1D 23 C4 DB BC ......_.....#... 00E0: BE 06 17 45 44 40 1A 5B 2C 02 09 65 D8 C2 BD 21 ...ED@.[,..e...! 00F0: 71 D3 66 84 45 77 1F 74 BA 08 4D 20 29 D8 3C 1C q.f.Ew.t..M ).<. 0100: 15 85 47 F3 A9 F1 A2 71 5B E2 3D 51 AE 4D 3E 5A ..G....q[.=Q.M>Z 0110: 1F 6A 70 64 F3 16 93 3A 34 6D 3F 52 92 52 00 60 .jpd...:4m?R.R.` 0120: 08 3C 3B 0D E0 6E 20 A8 74 8B F6 92 0F 0C D8 6B .<;..n .t......k 0130: 52 B6 8C 50 C1 ED 9F BD 57 22 12 C5 B5 FC 1A 1B R..P....W"...... 0140: 5E A0 BC A2 1E 1D A5 A5 44 98 0B CC FB BB 0E E9 ^.......D....... 0150: EF 67 86 A8 B5 AD CE 97 C5 80 41 EF E9 BF 1D C4 .g........A..... 0160: 5D 50 D9 37 51 F0 65 1F 77 62 BC D3 34 92 A8 7F ]P.7Q.e.wb..4... 0170: 7F 42 3F 6F C6 86 46 D5 1F A2 92 19 B2 4F 38 74 .B?o..F......O8t 0180: 0E 00 00 00 .... [Raw read]: length = 5 0000: 15 03 01 00 02 ..... [Raw read]: length = 2 0000: 02 00 .. URT-, READ: TLSv1 Alert, length = 2 URT-, RECV TLSv1 ALERT: fatal, close_notify URT-, called closeSocket() URT-, handling exception: javax.net.ssl.SSLException: Received fatal alert: close_notify FYI, this works in iOS 6.0

    Read the article

  • GNU Make - Dependencies on non program code

    - by Tim Post
    A requirement for a program I am writing is that it must be able to trust a configuration file. To accomplish this, I am using several kinds of hashing algorithms to generate a hash of the file at compile time, this produces a header with the hashes as constants. Dependencies for this are pretty straight forward, my program depends on config_hash.h, which has a target that produces it. The makefile looks something like this : config_hash.h: $(SH) genhash config/config_file.cfg > $(srcdir)/config_hash.h $(PROGRAM): config_hash.h $(PROGRAM_DEPS) $(CC) ... ... ... I'm using the -M option to gcc, which is great for dealing with dependencies. If my header changes, my program is rebuilt. My problem is, I need to be able to tell if the config file has changed, so that config_hash.h is re-generated. I'm not quite sure how explain that kind of dependency to GNU make. I've tried listing config/config_file.cfg as a dependency for config_hash.h, and providing a .PHONY target for config_file.cfg without success. Obviously, I can't rely on the -M switch to gcc to help me here, since the config file is not a part of any object code. Any suggestions? Unfortunately, I can't post much of the Makefile, or I would have just posted the whole thing.

    Read the article

  • Why are symbols not frozen strings?

    - by Alex Chaffee
    I understand the theoretical difference between Strings and Symbols. I understand that Symbols are meant to represent a concept or a name or an identifier or a label or a key, and Strings are a bag of characters. I understand that Strings are mutable and transient, where Symbols are immutable and permanent. I even like how Symbols look different from Strings in my text editor. What bothers me is that practically speaking, Symbols are so similar to Strings that the fact that they're not implemented as Strings causes a lot of headaches. They don't even support duck-typing or implicit coercion, unlike the other famous "the same but different" couple, Float and Fixnum. The mere existence of HashWithIndifferentAccess, and its rampant use in Rails and other frameworks, demonstrates that there's a problem here, an itch that needs to be scratched. Can anyone tell me a practical reason why Symbols should not be frozen Strings? Other than "because that's how it's always been done" (historical) or "because symbols are not strings" (begging the question). Consider the following astonishing behavior: :apple == "apple" #=> false, should be true :apple.hash == "apple".hash #=> false, should be true {apples: 10}["apples"] #=> nil, should be 10 {"apples" => 10}[:apples] #=> nil, should be 10 :apple.object_id == "apple".object_id #=> false, but that's actually fine All it would take to make the next generation of Rubyists less confused is this: class Symbol < String def initialize *args super self.freeze end (and a lot of other library-level hacking, but still, not too complicated) See also: http://onestepback.org/index.cgi/Tech/Ruby/SymbolsAreNotImmutableStrings.red http://www.randomhacks.net/articles/2007/01/20/13-ways-of-looking-at-a-ruby-symbol Why does my code break when using a hash symbol, instead of a hash string? Why use symbols as hash keys in Ruby? What are symbols and how do we use them? Ruby Symbols vs Strings in Hashes Can't get the hang of symbols in Ruby

    Read the article

  • Algorithm for assigning a unique series of bits for each user?

    - by Mark
    The problem seems simple at first: just assign an id and represent that in binary. The issue arises because the user is capable of changing as many 0 bits to a 1 bit. To clarify, the hash could go from 0011 to 0111 or 1111 but never 1010. Each bit has an equal chance of being changed and is independent of other changes. What would you have to store in order to go from hash - user assuming a low percentage of bit tampering by the user? I also assume failure in some cases so the correct solution should have an acceptable error rate. I would an estimate the maximum number of bits tampered with would be about 30% of the total set. I guess the acceptable error rate would depend on the number of hashes needed and the number of bits being set per hash. I'm worried with enough manipulation the id can not be reconstructed from the hash. The question I am asking I guess is what safe guards or unique positioning systems can I use to ensure this happens.

    Read the article

  • How to map (large) integer on (small in size( alphanumeric string with PHP? (Cantor?)

    - by Glooh
    Dear all, I can't figure out how to optimally do the following in PHP: In a database, I have messages with a unique ID, like 19041985. Now, I want to refer to these messages in a short-url service but not using generated hashes but by simply 'calculate' the original ID. In other words, for example: http://short.url/sYsn7 should let me calculate the message ID the visitor would like to request. To make it more obvious, I wrote the following in PHP to generate these 'alphanumeric ID versions' and of course, the other way around will let me calculate the original message ID. The question is: Is this the optimal way of doing this? I hardly think so, but can't think of anything else. $alphanumString = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ-_'; for($i=0;$i < strlen($alphanumString);$i++) { $alphanumArray[$i] = substr($alphanumString,$i,1); } $id = 19041985; $out = ''; for($i=0;$i < strlen($id);$i++) { if(isset($alphanumString["".substr($id,$i,2).""]) && strlen($alphanumString["".substr($id,$i,2).""]) 0) { $out.=$alphanumString["".substr($id,$i,2).""]; } else { $out.=$alphanumString["".substr($id,$i,1).""]; $out.=$alphanumString["".substr($id,($i+1),1).""]; } $i++; } print $out;

    Read the article

  • Digitally sign MS Office (Word, Excel, etc..) and PDF files on the server

    - by Sébastien Nussbaumer
    I need to digitally sign MS Office and PDF files that are stored on a server. I really mean a digital signature that is integrated in the document, according to each specific file formats. This is the process I had in mind : Create a hash of the file's content Send the hash to a custom written java applet in the browser The user encrypts the hash with his/her private key (on an usb token via PKCS#11 for example), thus effectively signing the file. The applet then sends the signature to the server On the server I would then incorporate the signature in the file's (MS Office and PDF files can do that without changing the file's content, probably by just setting some metadata field) What is cool is that you never have to download and upload the complete file to the server again. What is even cooler, the customer doesn't need Office or PDF Writer to sign the files. Parts 2, 3 and 4 are OK for me, my company bought all the JAVA technology I need for that for a previous project I worked on. Problem : I can't seem to find any documentation/examples to do parts 1 and 5 for Office files . Are my google skills failing me this time ? Do you have any pointers to documentation or examples for doing that for MS Office files ? The underlying technology isn't that important to me : I can use Java, .Net, COM, any working technology is OK ! Note : I'm 95% sure I can nail points 1 and 5 for PDF files using iText Thanks ** Edit : If I can't do that with hashes and must download the complete file to the client, it's also possible. But then I still need the documentation to be able to sign Office file... in java this time (from an applet)

    Read the article

  • Double hashing passwords - client & server

    - by J. Stoever
    Hey, first, let me say, I'm not asking about things like md5(md5(..., there are already topics about it. My question is this: We allow our clients to store their passwords locally. Naturally, we don't want them stored in plan text, so we hmac them locally, before storing and/or sending. Now, this is fine, but if this is all we did, then the server would have the stored hmac, and since the client only needs to send the hmac, not the plain text password, an attacker could use the stored hashes from the server to access anyone's account (in the catastrophic scenario where someone would get such an access to the database, of course). So, our idea was to encode the password on the client once via hmac, send it to the server, and there encode it a second time via hmac and match it against the stored, two times hmac'ed password. This would ensure that: The client can store the password locally without having to store it as plain text The client can send the password without having to worry (too much) about other network parties The server can store the password without having to worry about someone stealing it from the server and using it to log in. Naturally, all the other things (strong passwords, double salt, etc) apply as well, but aren't really relevant to the question. The actual question is: does this sound like a solid security design ? Did we overlook any flaws with doing things this way ? Is there maybe a security pattern for something like this ?

    Read the article

  • Structuring the UI code of a single-page EXTjs Web app using Rails?

    - by Daniel Beardsley
    I’m in the process of creating a large single-page web-app using ext-js for the UI components with Rails on the backend. I’ve come to good solutions for transferring data using Whorm gem and Rails support of RESTful Resources. What I haven’t come to a conclusion on is how to structure the UI and business logic aspects of the application. I’ve had a look at a few options, including Netzke but haven’t seen anything that I really think fits my needs. How should a web-application that uses ext-js components, layouts, and controls in the browser and Rails on the server best implement UI component re-use, good organization, and maintainability while maintaining a flexible layout design. Specifically I’m looking for best-practice suggestions for structuring the code that creates and configures UI components (many UI config options will be based on user data) Should EXT classes be extended in static JS for often re-used customizations and then instantiated with various configuration options by generated JS within html partials? Should partials create javascript blocks that instantiate EXT components? Should partials call helpers that return ruby hashes for EXT component config which is then dumped to Json? Something else entirely? There are many options and I'd love to hear from people who've been down this road and found some methodology that worked for them.

    Read the article

  • Do I need to Salt and Hash a randomly generated token?

    - by wag2639
    I'm using Adam Griffiths's Authentication Library for CodeIgniter and I'm tweaking the usermodel. I came across a generate function that he uses to generate tokens. His preferred approach is to reference a value from random.org but I considered that superfluous. I'm using his fall back approach of randomly generating a 20 character long string: $length = 20; $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'; $token = ''; for ($i = 0; $i < $length; $i++) { $token .= $characters[mt_rand(0, strlen($characters)-1)]; } He then hashes this token using a salt (I'm combing code from different functions) sha1($this->CI->config->item('encryption_key').$str); I was wondering if theres any reason to to run the token through the salted hash? I've read that simply randomly generating strings was a naive way of making random passwords but is the sh1 hash and salt necessary? Note: I got my encryption_key from https://www.grc.com/passwords.htm (63 random alpha-numeric)

    Read the article

  • Geohashing - recursively find neighbors of neighbors

    - by itsme
    I am now looking for an elegant algorithm to recursively find neighbors of neighbors with the geohashing algorithm (http://www.geohash.org). Basically take a central geohash, and then get the first 'ring' of same-size hashes around it (8 elements), then, in the next step, get the next ring around the first etc. etc. Have you heard of an elegant way to do so? Brute force could be to take each neighbor and get their neighbors simply ignoring the massive overlap. Neighbors around one central geohash has been solved many times (here e.g. in Ruby: http://github.com/masuidrive/pr_geohash/blob/master/lib/pr_geohash.rb) Edit for clarification: Current solution, with passing in a center key and a direction, like this (with corresponding lookup-tables): def adjacent(geohash, dir) base, lastChr = geohash[0..-2], geohash[-1,1] type = (geohash.length % 2)==1 ? :odd : :even if BORDERS[dir][type].include?(lastChr) base = adjacent(base, dir) end base + BASE32[NEIGHBORS[dir][type].index(lastChr),1] end (extract from Yuichiro MASUI's lib) I say this approach will get ugly soon, because directions gets ugly once we are in ring two or three. The algorithm would ideally simply take two parameters, the center area and the distance from 0 being the center geohash only (["u0m"] and 1 being the first ring made of 8 geohashes of the same size around it (= [["u0t", "u0w"], ["u0q", "u0n"], ["u0j", "u0h"], ["u0k", "u0s"]]). two being the second ring with 16 areas around the first ring etc. Do you see any way to deduce the 'rings' from the bits in an elegant way?

    Read the article

  • How to mock/stub a directory of files and their contents using RSpec?

    - by John Topley
    A while ago I asked "How to test obtaining a list of files within a directory using RSpec?" and although I got a couple of useful answers, I'm still stuck, hence a new question with some more detail about what I'm trying to do. I'm writing my first RubyGem. It has a module that contains a class method that returns an array containing a list of non-hidden files within a specified directory. Like this: files = Foo.bar :directory => './public' The array also contains an element that represents metadata about the files. This is actually a hash of hashes generated from the contents of the files, the idea being that changing even a single file changes the hash. I've written my pending RSpec examples, but I really have no idea how to implement them: it "should compute a hash of the files within the specified directory" it "shouldn't include hidden files or directories within the specified directory" it "should compute a different hash if the content of a file changes" I really don't want to have the tests dependent on real files acting as fixtures. How can I mock or stub the files and their contents? The gem implementation will use Find.find, but as one of the answers to my other question said, I don't need to test the library. I really have no idea how to write these specs, so any help much appreciated!

    Read the article

  • Why doesn't String's hashCode() cache 0?

    - by polygenelubricants
    I noticed in the Java 6 source code for String that hashCode only caches values other than 0. The difference in performance is exhibited by the following snippet: public class Main{ static void test(String s) { long start = System.currentTimeMillis(); for (int i = 0; i < 10000000; i++) { s.hashCode(); } System.out.format("Took %d ms.%n", System.currentTimeMillis() - start); } public static void main(String[] args) { String z = "Allocator redistricts; strict allocator redistricts strictly."; test(z); test(z.toUpperCase()); } } Running this in ideone.com gives the following output: Took 1470 ms. Took 58 ms. So my questions are: Why doesn't String's hashCode() cache 0? What is the probability that a Java string hashes to 0? What's the best way to avoid the performance penalty of recomputing the hash value every time for strings that hash to 0? Is this the best-practice way of caching values? (i.e. cache all except one?) For your amusement, each line here is a string that hash to 0: pollinating sandboxes amusement & hemophilias schoolworks = perversive electrolysissweeteners.net constitutionalunstableness.net grinnerslaphappier.org BLEACHINGFEMININELY.NET WWW.BUMRACEGOERS.ORG WWW.RACCOONPRUDENTIALS.NET Microcomputers: the unredeemed lollipop... Incentively, my dear, I don't tessellate a derangement. A person who never yodelled an apology, never preened vocalizing transsexuals.

    Read the article

  • Not crawling the same content twice

    - by sirrocco
    I'm building a small application that will crawl sites where the content is growing (like on stackoverflow) the difference is that the content once created is rarely modified. Now , in the first pass I crawl all the pages in the site. But next, the paged content of that site - I don't want to re-crawl all of it , just the latest additions. So if the site has 500 pages, on the second pass if the site has 501 pages then I would only crawl the first and second pages. Would this be a good way to handle the situation ? In the end, the crawled content will end up in lucene - creating a custom search engine. So, I would like to avoid crawling multiple times the same content. Any better ideas ? EDIT : Let's say the site has a page : Results that will be accessed like so : Results?page=1 , Results?page=2 ...etc I guess that keeping a track of how many pages there were at the last crawl and just crawl the difference would be enough. ( maybe using a hash of each result on the page - if I start running into the same hashes - I should stop)

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 7 8 9 10 11 12 13  | Next Page >