net – Page 18 – WindowsTechs.com

Microsoft Releases .NET Core 3.0

Posted on September 23, 2019 by Paul Thurrott

As promised, Microsoft today released .NET Core 3.0 with new versions of ASP.NET, EFC Core 3.0, C# 8.0, F# 4.7, and Visual Studio.
The post Microsoft Releases .NET Core 3.0 appeared first on Thurrott.com.
Continue reading Microsoft Releases .NET Core 3.0→

Microsoft Launches New .NET Core Video Series

Posted on September 23, 2019 by Paul Thurrott

Microsoft today released a new series of developer videos explaining the entire .NET Core stack.
The post Microsoft Launches New .NET Core Video Series appeared first on Thurrott.com.
Continue reading Microsoft Launches New .NET Core Video Series→

Disassembling a .NET manually

Posted on September 22, 2019 by user218182

I would like to statically sign a malware, specifically MSIL Crypter, with a YARA rule. I want to sign specific functions (Assembly.Load for example) but I couldn’t find an informative documentation about how to disassemble a… Continue reading Disassembling a .NET manually→

.NET Core 3.0 Hits Release Candidate Phase

Posted on September 17, 2019 by Paul Thurrott

Microsoft has announced the release of .NET Core 3.0 Release Candidate (RC1), a near-final version of its portable software platform.
The post .NET Core 3.0 Hits Release Candidate Phase appeared first on Thurrott.com.
Continue reading .NET Core 3.0 Hits Release Candidate Phase→

Should HTTP_COOKIE, __RequestVerificationToken, _RequestVerificationToken and .ASPXAUTH be kept secret?

Posted on September 9, 2019 by TEST tEsT

Inside our ASP.NET MVC-4 web application, we have added the Elmah error logging, and I wrote a code to prevent the Elmah from exposing the user password inside the error file. But inside the Elmah error file, I can see other … Continue reading Should HTTP_COOKIE, __RequestVerificationToken, _RequestVerificationToken and .ASPXAUTH be kept secret?→

Stealth Falcon Targets Middle East with Windows BITS Feature

Posted on September 9, 2019 by Tom Spring

Cyberespionage attackers have ditched their PowerShell backdoor in favor of the Windows BITS ‘notification’ feature. Continue reading Stealth Falcon Targets Middle East with Windows BITS Feature→

Using Selenium to automate data entry

Posted on August 29, 2019 by kabichan

We have a report that generates ~100 rows daily and our customers have to enter the data into third-party software. We hoped that the software allows some kind of data upload so that our customers don’t have to do the tedious… Continue reading Using Selenium to automate data entry→

Am I using RfcDeriveBytes correctly, when the salt I’m providing it contains the password?

Posted on August 26, 2019 by SpiritBob

I’m using Rfc2898DeriveBytes in my application to encrypt a password with a randomly generated salt, and with a set iterator count for slowness.

Before, I just grabbed the generated salt and put it as a parameter for Rfc2898… Continue reading Am I using RfcDeriveBytes correctly, when the salt I’m providing it contains the password?→

Securing DB connection string and other configuration files in RCE scenario

Posted on August 26, 2019 by Raimonds Liepiņš

Environment:

Microsoft Windows
IIS Web server
MSSQL DB

Let’s say an application gets compromised with an RCE, what’s the best scenario of protecting the database connection string file or any other sensitive configurati… Continue reading Securing DB connection string and other configuration files in RCE scenario→

CWE-611: Improper Restriction of XML External Entity Reference with XSL include

Posted on August 23, 2019 by Hoppe

Veracode reports that the below code is susceptible to CWE-611: Improper Restriction of XML External Entity Reference.

XslCompiledTransform transform = new XslCompiledTransform();
transform.Load(xslwithospath);
StringWriter … Continue reading CWE-611: Improper Restriction of XML External Entity Reference with XSL include→