Wednesday, June 26, 2019

Useful Web Development Hacks and Useful Tips

Javascript, HTML and PHP Tips and Shortcuts

Change the URL in the browser address bar.  A useful hack to so that when you have an <A HREF="#" > and an OnClick handler, your browser addressbar will get cleaned up.

Changing only what's after hash - old browsers
document.location.hash = 'lookAtMeNow';
Changing full URL. Chrome, Firefox, IE10+
history.pushState('data to be passed', 'Title of the page', '/test');
The above will add a new entry to the history so you can press Back button to go to the previous state. To change the URL in place without adding a new entry to history use
history.replaceState('data to be passed', 'Title of the page', '/test');

Sunday, June 23, 2019

How to Make A Keymaker in C-Sharp

You can reverse engineer .Net programs to find out how other software developers protect their applications.  It is a good exercise that will teach you how to make a better software protection scheme.  The first thing to do is get a good set of reverse engineering programs. I recommend dotPeek32. DotPeek32 can open up a .Net program and show you the source code.  Dot.net programs are merely interpreted and not true machine code. They are Microsoft's famous JustInTime compiled with CLR run time code. Using DotPeek or RedGate .Net Reflector, you can easily reverse engineer any application.  My simple keymaker serves as an example of how you can make keymakers using one that I found inside an obscure industrial service application.  You could use the same things in your own application, although I would recommend extending it to 32 characters.

The Simple keymaker UI
the code shown below is the called Sample_Keygen.Form1. It is the event handler for the "Get Key" button.  It works by taking a four digit customer number and 2 digit major version number as inputs, then applying an offset to the customer number strings and version number strings and spreading them over nine (9) characters of an char array.  The second and fourth characters are just random characters that are not used.   In actual operation, the output is stored in TextBox3 and is then given to the customer to use in his own application.  This same function is used in the protected application, and the second and fourth characters are not compared against the inputted key value.  It is a simple and effective way to protect an application against software piracy.


using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using Microsoft.VisualBasic;
using Microsoft.VisualBasic.CompilerServices;

// using this dll
// C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.0
//
namespace Sample_Keygen
{
    public partial class Form1 : Form
    {
        public Form1()
        {
            InitializeComponent();
        }

        private void button1_Click(object sender, EventArgs e)
        {
            int num1;
            object obj1;
            int num2;
            int CustNum = 0;
            int VersionAPP = 1;
            string Num, Ver;
            char[] chArray = new char[9];
            Num = textBox1.Text.ToString();
            Ver = textBox2.Text.ToString();
            if (!Int32.TryParse(Num, out NumNaja))
            {
                NumNaja = 0;
            }
            if (!Int32.TryParse(Ver, out VersionAPP))
            {
                VersionAPP = 1;
            }

            VBMath.Randomize();
            string str1 = Microsoft.VisualBasic.Strings.Format((object)(double)CustNum, "0000");
            string str2 = Microsoft.VisualBasic.Strings.Format((object)(double)VersionAPP, "00");
            chArray[0] = Microsoft.VisualBasic.Strings.Chr(checked((int)Math.Round(unchecked(Conversions.ToDouble(Microsoft.VisualBasic.Strings.Mid(str1, 1, 1)) * 2.0 + 65.0))));
            chArray[1] = Microsoft.VisualBasic.Strings.Chr(checked((int)Math.Round(unchecked((double)VBMath.Rnd() * 26.0 + 65.0))));
            chArray[2] = Microsoft.VisualBasic.Strings.Chr(checked((int)Math.Round(unchecked(Conversions.ToDouble(Microsoft.VisualBasic.Strings.Mid(str1, 3, 1)) * 2.0 + 65.0))));
            chArray[3] = Microsoft.VisualBasic.Strings.Chr(checked((int)Math.Round(unchecked((double)VBMath.Rnd() * 26.0 + 65.0))));
            chArray[4] = Microsoft.VisualBasic.Strings.Chr(checked((int)Math.Round(unchecked(Conversions.ToDouble(Microsoft.VisualBasic.Strings.Mid(str1, 2, 1)) * 2.0 + 65.0))));
            chArray[5] = Microsoft.VisualBasic.Strings.Chr(checked((int)Math.Round(unchecked(Conversions.ToDouble(Microsoft.VisualBasic.Strings.Mid(str1, 4, 1)) * 2.0 + 65.0))));
            chArray[6] = Microsoft.VisualBasic.Strings.Chr(checked((int)Math.Round(unchecked(Conversions.ToDouble(Microsoft.VisualBasic.Strings.Mid(str2, 1, 1)) * 2.0 + 65.0))));
            chArray[7] = Microsoft.VisualBasic.Strings.Chr(checked((int)Math.Round(unchecked(Conversions.ToDouble(Microsoft.VisualBasic.Strings.Mid(str2, 2, 1)) * 4.0 + 65.0))));
            chArray[8] = Microsoft.VisualBasic.Strings.Chr(checked(unchecked(checked(Microsoft.VisualBasic.Strings.Asc(chArray[0]) - 65 + Microsoft.VisualBasic.Strings.Asc(chArray[1]) - 65 + Microsoft.VisualBasic.Strings.Asc(chArray[2]) - 65 + Microsoft.VisualBasic.Strings.Asc(chArray[3]) - 65 + Microsoft.VisualBasic.Strings.Asc(chArray[4]) - 65 + Microsoft.VisualBasic.Strings.Asc(chArray[5]) - 65) % 26) + 65));
            obj1 = (object)(Conversions.ToString(chArray[0]) + Conversions.ToString(chArray[1]) + Conversions.ToString(chArray[2]) + Conversions.ToString(chArray[3]) + Conversions.ToString(chArray[4]) + Conversions.ToString(chArray[5]) + Conversions.ToString(chArray[6]) + Conversions.ToString(chArray[7]) + Conversions.ToString(chArray[8]));

            textBox3.Text = obj1.ToString();
        }
    }
}

Wednesday, June 19, 2019

Shoretel Read-Only VB.Net Database Connect Strings for custom CDR Applications

Shoretel read-only Database Passwords

Shoretel Logo
Have you ever wanted to write your own custom Shoretel/Mitel CDR database reporting application?  If you need root access to the database for read-write operations see this blog entry.   In visual basic dot net, the connect string would look like this:

Dim conn1Str As String = "server=shoretel64;user=st_cdrreport;database=shorewarecdr;port=4309;password=passwordcdrreport;"
Dim conn2Str As String = "server=shoretel64;user=st_configread;database=shoreware;port=4308;password=passwordconfigread;"

Pretty Formatted:

Dim conn1Str As String = "server=shoretel64;user=st_cdrreport;database=shorewarecdr;port=4309;password=passwordcdrreport;"
Dim conn2Str As String = "server=shoretel64;user=st_configread;database=shoreware;port=4308;password=passwordconfigread;"

Assuming your server is just called shoretel64

Tuesday, June 18, 2019

Sudden Magento Failure - The session id is too long or contains illegal characters + Can't retrieve entity config

Magento Failure

You'll be cooking soon.
Suddenly, your magento starts showing error reports instead of shopping carts. Your product pages just show an error exception. And you cannot logon. One of the basic skills that a good Magento cart builder needs to know is how to recover their server from near death.  We are quite skilled at all things Magento. Here's how to fix it by deleting the cache and session pool, once you do this, you will be cooking with gas again.

So, you look in var/report and find the report file, and the first things it says is:

a:5:{i:0;s:46:"Can't retrieve entity config: sales/quote_item";i:1;s:4545:"#0 /home/needfulthings/public_html/app/code/core/Mage/Core/Model/Resource.php(282): Mage::throwException('Can't retrieve ...')
#1 /home/needfulthings/public_html/app/code/core/Mage/Core/Model/Resource/Db/Abstract.php(276): Mage_Core_Model_Resource->getTableName('sales/quote_ite...')

Plus in ./var/log/system.log, you see this:

...
2019-06-17T02:49:35+00:00 ERR (3): Warning: session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'  in /home/needfulthings/public_html/app/code/core/Mage/Core/Model/Session/Abstract/Varien.php on line 134
2019-06-17T02:49:35+00:00 ERR (3): Warning: session_start(): The session id is too long or contains illegal characters, valid characters are a-z, A-Z, 0-9 and '-,'  in /home/needfulthings/public_html/app/code/core/Mage/Core/Model/Session/Abstract/Varien.php on line 134

It happens because there is junk in the magento cache.
clean out your cache and delete your sessions from:

Delete the contents of the following directories, assuming your magento is installed in ~/

~/public_html/var/cache
~/public_html/var/session



Tuesday, June 4, 2019

Using The Shoretel 90V Serial Console to Factory Reset

How to Connect to the Shoretel 90V Serial Console Like a Boss

You just bought a pre-owned Shoretel 90V from a grey market source, and now you find that you cannot logon anymore as anonymous.  Shoretel is full of hidden and secret passwords, including a secret CDR database with its own passwords. The Shoretel switch is no exception.  You may need to factory reset it, or you just need to set the root password.  Well, here are some ways to get in.  First step is to get a RS232 serial port added to your computer. You can use a USB to Serial adapter or you can just use the built in port. On most computers, it looks like a DB9 connector. Here are some pictures that will help you get in.  I buy and sell these grey market Shoretel switches all the time and this is often the first thing you need to do to clear them out and get them ready for the next user.  There is no user called anonymous, that was a feature from the previous generation of switches. The user is called "root" and his password is "ShoreTel"  The previous generation used Wind River VXWorks, The 90V runs Linux.  Curiously enough, there is removable compact flash drive inside the 90V that contains the ext4 file system. You can always remove it and mount it in ubuntu and them edit the /etc/shadow file

root@Default:/root# fdisk -l /dev/kcfa

Disk /dev/kcfa: 2096 MB, 2096898048 bytes

16 heads, 63 sectors/track, 4063 cylinders
Units = cylinders of 1008 * 512 = 516096 bytes
Disk identifier: 0xdbe3ac07

    Device Boot      Start         End      Blocks   Id  System

/dev/kcfa1               1        4063     2047720+  83  Linux


how to factory reset:  reboot, then use the option to stop auto boot, (press a key) and then type:
> bootc static flash vxworks
> saveenv
> reset

or just change the IP address and set to DHCP
All tests passed
Hit any key to stop autoboot:  0
=> printenv
serial#=90VF13152E94F4
ethaddr=00:10:49:2E:94:F4
bootdelay=3
user=anonymous
pass=tsk
autoload=FLASH
partition=nand0,1
flags=0x0000
gatewayip=10.90.2.1
ipaddr=10.90.2.30
netmask=255.255.255.0
serverip=10.70.2.32
cntrlsrv=10.70.2.32
bootfile=vImage
bootcmd=jboot;bootm

Environment size: 267/492 bytes
=> setenv flags 0x40
=> setenv host 10.0.11.45
=> setenv serverip 10.0.11.45
=> saveenv
Saving Environment to EEPROM...


Use a Cisco DB9 to RJ45 Cable with a Null Modem

Connect it to the bottom port /maint port using a gender changer

Set your RS232 port to 19200 Baud,8 bits, 1 stop bit, no parity

Use Putty with the serial port option

Power up your 90V, press a key when prompted to stop in env console

Logon as root, with password ShoreTel

As you can see, it just runs Wind River Linux
Thats all you need to do. I recommend pressing the reset button and holding it for 10 seconds to reset the root password back to ShoreTel.

Saturday, June 1, 2019

SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data

SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data

Suddenly it happens, your PHP page shows this message in red: "SyntaxError: JSON.parse: unexpected character at line 1 column 1 of the JSON data" and you don't know why.

Somewhere in your code, you were using curl and were playing with the headers. You must have inserted this command:

header('Content-Type: application/json'); 

To Fix this error: you need to insert this statement right after you are done with JSON.

header('Content-Type: text/html; charset=utf-8');



Install a SSL Certificate into Remote Desktop / Terminal Server using MMC

How to Install a SSL Certificate into Remote Desktop / Terminal Server

Step 1 convert it from PEM to PKFS/12,
Step 2 Open MMC, add the Certificates plugin, as Computer Account
Step 3 Import the new certificate into your Personal Store
Step 4 Copy the new certificate into the Remote Desktop Branch
Step 5 Use this magic command to finalize it

Get the thumbprint from the certificate. It will look like this:
‎3b a2 15 ac 85 a3 ee 56 9b 2e 55 73 de 22 55 29 cb d4 8a 05

Put the thumbprint without spaces in the following command below. Be sure to use PowerShell wmic /namespace:\\root\CIMV2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="PUT-the-THUMB-print-HERE"  copy this command to a administrative command prompt or powershell and hit enter. It should say successful and will now use the certificate you choose.

Screenshots from the import a SSL certificate process
Here's a great video that shows the process.