Thursday, December 31, 2009

Syntax highlighting for code blocks.

My blog used to have ugly display of source code, and I've always been a bit jealous of sites with pretty syntax highlighting for their source code. Well, jealous no longer, I've now started using SyntaxHighlighter in my blog. You can find howto directions here. Here's a small sample:
C Sharp:
    Console.WriteLine("Hello World!")
Python:
    print "Hello World"
If there is demand I'll go through some of the old posts and re-highlight th...

Tuesday, December 29, 2009

Using wireshark to trace localhost traffic on windows.

(If you don’t care why this works and just need a recipe, switch to this post) Capturing network packets on localhost doesn't work on Windows. The reason is Windows doesn't send loopback traffic far enough down the networking stack for Wireshark to see it. To make sniffing work on localhost you can route your IP traffic to your default gateway. I'll walk you through this, and along the way you'll see:
    netcat - telnet on steroids (nc.exe)
    tshark - command line network sniffer from the Wireshark package.
    powershell jobs - background jobs from the shell!
Step 1 - launch the server...

Sunday, December 27, 2009

That's fast

Geeks born before the 80's had wet dreams about getting a T1 line. A T1 was 1.5 Mbps ~ 0.19 MB/s. Here's a picture of a large download on my home wireless network which connects to the world via cable: Gotta love technology. How long before 1 MB/s is sl...

Friday, December 25, 2009

Why twitter can be awesome

If you were born before the 80's (heck maybe before the 90's) you have some idea what twitter is but can't understand what it is for. Well, I've been thinking about twitter and I have a few ideas. A tweet (a message on twitter) is a short (140 char max) thought you broadcast to the world. Now the 'magic' of twitter is this: people can decide to listen to your message, only if they want to. If you think a tweet is stupid, it is because it isn't written for you; instead of complaining about the tweet, you ignore it '.' This should sound familiar, it is how broadcast works...

Thursday, December 17, 2009

Pretty Printing XML on Windows.

It happens to the best of us, we get some ugly XML string with no formatting, and we need to view it, ideally in a formatted fashion. XMLLint is the answer. Ugly XML is the input, nicely formatted XML is the output. Finding a version of XMLLint for windows was a challenge till I found this project: http://code.google.com/p/xmllint. Unfortunately this xmllint requires an xml filename as input, and I wanted a version that takes xml on stdin, and produces pretty xml on stdout(*). Luckily this project...

Tuesday, November 17, 2009

Using Vim and Ctags to edit Powershell

To use vim with a new language you need a few things firstly: indent, syntax and file type plugins. These can be found here. Next, you need ctags support (this is how vim implements 'goto function'). Ctags doesn't natively support powershell yet, but luckily ctags supports adding languages dynamically. From the command line you can add powershell support to ctags via:
    c:\> ctags.exe --langdef=powershell --langmap=powershell:.ps1 --regex-powershell="/^function[\t ]*([a-zA-Z0-9_]+)/\1/d,definition/" --regex-powershell="/^filter[\t ]*([a-zA-Z0-9_]+)/\1/d,definition/" *
Alternatively you can pass...

Saturday, November 14, 2009

The Performance of Everyday Things

I've spent much time fixing code optimizations that added no business value (with often matching performance value). Please do not try to make your code faster unless you need to. The way I handle performance issues on my projects:
    Define acceptable performance.
    Write my code as simply as possible.
    Measure performance: against definition, if performance > acceptable - goto DONE.
    /*Performance not acceptable*/ Profile; Fix as simply as possible; goto Measure.
    DONE
To be explicit: I'm comfortable using slower patterns if they are clear and simple. As soon as I've...

Friday, October 23, 2009

Do your certificate management in Powershell

I do a lot of security work, and that means lots of time poking at certificates. Tooling for certificates was never something I was happy with until I stumbled upon PowerShell. Let me give you a demo:
    PS C:\> cd cert:
    PS cert:\> cd .\LocalMachine\My
    PS cert:\LocalMachine\My> dir
        Directory: Microsoft.PowerShell.Security\Certificate::LocalMachine\My
    Thumbprint                                Subject
    ----------                                -------
    4EE3FDE4FFF422935CAA0CA2783EF2CA601D6DE5  CN=NonSecretGlobalEncryptKey
    272BDAC53C26CC5A8067FE6076D2F74797F69AF7  CN=igordm1, OU=Workstations, OU=Machines,...

Wednesday, October 21, 2009

Need another monitor? Try a USB Video Card.

I use 3 monitors at work and it is awesome. My laptop only drives two monitors so for the 3rd monitor I picked up a USB video card, the EVGA 100-US-UV16A1. This thing works (*). The device installs drivers automatically and works like a charm on Windows 7. It only supports up to 1600x1200. Also, I don't play games so I can't tell you how well that works, but for reading email and viewing OneNote I can't tell this is a USB video card. (*) If you're not impressed...

Saturday, October 17, 2009

Using TShark

Today I realized this blog lost its Google Analytics (GA) tracking. Ooops, I accidentally erased the javascript that talks to Google Analytics in my blog template. I fixed the template on my blog, and wanted to verify my browser was sending data to GA. It takes the GA UI a while to show you data is coming in, so I decided to use tshark to see if my tracker code is working. Tshark is the command line version of Wireshark, an Ethernet level packet sniffer. Let's see what HTTP GETs occur when I connect to one of my posts:
    C:\Program Files\Wireshark>tshark.exe | findstr GET
    Capturing on Microsoft1)...

Wednesday, September 30, 2009

Query the windows event logs via the command line

Today someone told me "You can find if bibblebob happened by looking in the event viewer". I automate things so I went hunting for a CLI tool to accomplish this task. wevtutil is its name-o. The query language for wevtutil is confusing. I recommend using the eventvwr.exe GUI to build a custom query, and then pass that query to wevtutil. Here's an example of finding all the times DHCP started:
    C:\Windows\System32>wevtutil qe System /rd:true /f:text /q:"*[System[(EventID=50036)]]" |more
    Event[0]:
      Log Name: System
      Source: Microsoft-Windows-Dhcp-Client
      Date: 2009-09-22T17:42:54.667
      Event ID:...

Friday, September 25, 2009

Use cdb to see what files your application is opening.

In this post I'll show you how to use CDB to intercept CreateFile and see what files your application is opening. For this problem, Process Monitor is often a better tool, but the techniques I demonstrate work for any API, so you should learn them. This won't take much time, so if you've never done this before I recommend you follow along. First, load CDB against cmd:
    C:\Program Files\Debugging Tools for Windows (x64)>cdb.exe cmd.exe
    Microsoft (R) Windows Debugger Version 6.12.0000.526 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
    CommandLine: cmd.exe
    Symbol search...

Tuesday, September 8, 2009

Copying files across parallel directory structures.

It happens to all of us, you've made a change in branch2, now you need to copy it to branch1. Here's a trick I use to accomplish this task:
    C:\src\branch1\mydir\mydir2\mydir3\mydir4>xcopy %cd:branch1=branch2%\foo*
    Overwrite C:\src\branch1\mydir\mydir2\mydir3\mydir4\foo.txt (Yes/No/All)? y
    C:\src\branch2\mydir\mydir2\mydir3\mydir4\foo.txt
    1 File(s) copied
How'd that work? Use echo to find out what happened:
    C:\src\branch1\mydir\mydir2\mydir3\mydir4>echo %cd:branch1=branch2%
    C:\src\branch2\mydir\mydir2\mydir3\mydir4
For more information run help s...

Thursday, July 30, 2009

Finding CLR exceptions without visual studio

(If you want to understand what exception code 0xe0434352 is, read this post) Often exceptions are thrown and caught and you don't see them. You probably know how to debug this in Visual Studio, so let me show you how to do it in cdb. Sample Code:
    class Program
    {
        static void Main(string[] args)
        {
            foreach (var x in Enumerable.Range(0,2000))
            {
                Thread.Sleep(TimeSpan.FromSeconds(1));
                Console.WriteLine("Hello World");
                ThrowAndCatchException();
            }
        }
        private static void ThrowAndCatchException()
        {
            try
            {
                throw new NotImplementedException();
            }
            catch(Exception)...

Saturday, July 18, 2009

Why write programs that don't modify variables?

Slews of bugs happen because variables have values you aren't expecting. To minimize this class of bugs I use a technique a lot of people find surprising. I try to only assign and never modify variables. In C++, I make almost all my variables const. C++ people are now saying -- Um, if all your values are const how do you write a for loop? In C++ I can't help myself, I'm stuck with a variable modification, e.g.:
    for (size_t x=0;x<6;x++) printf("%d",x)
In python the for loop naturally iterates over a sequence so you don't need to modify a value:
    for x in range(6): print x
In C#, you can use...

Saturday, July 4, 2009

How to attach to an already running debugger target using cdb.

For the last year when I wanted to attach to a process using cdb, I'd attach by PID. This meant I'd need to do the following dance:
    C:\Program Files\Debugging Tools for Windows (x64)>tlist |findstr firefox
    9128 cmd.exe findstr firefox
    276 firefox.exe Restore Session - Vimperator
    C:\Program Files\Debugging Tools for Windows (x64)>cdb -p 276
It turns out you can just do:
    C:\Program Files\Debugging Tools for Windows (x64)>cdb -pn firefox.exe
    Microsoft (R) Windows Debugger Version 6.11.0001.404 AMD64
    Copyright (c) Microsoft Corporation. All rights reserved.
If...
