Dump Analysis via WinDbg

31-01-2015

In computing, a core dump (in Unix parlance), memory dump, or system dump consists of the recorded state of the working memory of a computer program at a specific time, generally when the program has terminated abnormally (crashed). In practice, other key pieces of program state are usually dumped at the same time, including the processor registers, which may include the program counter and stack pointer, memory management information, and other processor and operating system flags and information. Core dumps are often used to assist in diagnosing and debugging errors in computer programs. – from Wikipedia’s Core Dump page.

This article walks through the steps for investigating a dump file for exception information and a stack trace with WinDbg.


EditorTemplate with Customizable HTML Attributes

30-01-2015

When using an EditorTemplate, we leave some attributes (e.g. the Bootstrap grid width col-md-*) out of the template so that they can be customized for different contexts/pages via the second parameter of HtmlHelper.EditorFor. On the other hand, to avoid duplication, it is the widget's responsibility to set the attributes that it always has, or that belong to the widget rather than to its container.

This article illustrates how to pass HTML attributes to the EditorTemplate and merge them with the attributes that reside in the EditorTemplate itself.


Get Recent SQL Server Queries from the Server Side via DMV

29-01-2015

This article discusses how to get the recent queries, as well as the last or currently running query for a specific SPID.

Get Recent Queries from the Query Cache

The idea is to find the sql_handle of each recently executed query in the sys.dm_exec_query_stats view and then look up the underlying SQL text for that handle with the sys.dm_exec_sql_text function. The following query does this:

SELECT  sql_text.text, stats.last_execution_time, stats.creation_time
FROM    sys.dm_exec_query_stats AS stats
        CROSS APPLY sys.dm_exec_sql_text(stats.sql_handle) AS sql_text
ORDER BY stats.last_execution_time DESC;


WinDbg Commands Cheatsheet

27-01-2015

k

Shows the stack of the current thread.

kb : Displays the first three arguments passed to each stack entry.

kp : Displays more information including the name and type of the parameters for each stack entry.

~

Shows all threads. The thread currently being debugged is marked with a leading dot, like thread 2 in the output below.

0:002> ~
0  Id: 5a0.1f8 Suspend: 1 Teb: 7ffdd000 Unfrozen
1  Id: 5a0.158 Suspend: 1 Teb: 7ffdc000 Unfrozen
.  2  Id: 5a0.b28 Suspend: 1 Teb: 7ffdb000 Unfrozen

We can use ~*kb (or ~*kp) to enumerate all threads and print the stack trace of each one.


Avoid Mass Assignment in ASP.NET MVC

10-01-2015

Copied from here

One of the scenarios that I always demonstrate during an ASP.NET MVC class is how to create a mass assignment vulnerability and then execute an over-posting attack. It is a mass assignment vulnerability that led to a severe problem on GitHub last week.

Let’s say you have the following model.

public class User
{
    public string FirstName { get; set; }
    public bool IsAdmin { get; set; }
}

When you want to let a regular user change their first name, you give them the following form.

@using (Html.BeginForm()) {
    @Html.EditorFor(model => model.FirstName)
    <input type="submit" value="Save" />
}

There is no input in the form to let a user set the IsAdmin flag, but this won’t stop someone from crafting an HTTP request with IsAdmin in the query string or request body. Maybe they saw the “IsAdmin” name somewhere in a request displaying account details, or maybe they just got lucky and guessed the name.
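The following console program is an added example, not code from the original article. It contrasts binding the posted values straight onto the User entity with binding to a view model that exposes only FirstName. The Bind helper is a simplified reflection-based stand-in for MVC model binding, and EditNameViewModel and the sample request values are assumptions made for the illustration.

```csharp
using System;
using System.Collections.Generic;

public class User                      // entity from the article
{
    public string FirstName { get; set; }
    public bool IsAdmin { get; set; }
}

public class EditNameViewModel         // hypothetical: exposes only the editable field
{
    public string FirstName { get; set; }
}

public static class Demo
{
    // Simplified stand-in for MVC model binding (an assumption, not the real binder):
    // every posted key that matches a writable public property is copied to the target.
    static T Bind<T>(IDictionary<string, string> form) where T : new()
    {
        var target = new T();
        foreach (var pair in form)
        {
            var prop = typeof(T).GetProperty(pair.Key);
            if (prop == null || !prop.CanWrite) continue;   // keys with no property are dropped
            prop.SetValue(target, Convert.ChangeType(pair.Value, prop.PropertyType));
        }
        return target;
    }

    public static void Main()
    {
        // Constructed sample request body: the form field plus one key the form never had.
        var posted = new Dictionary<string, string>
        {
            { "FirstName", "Alice" },
            { "IsAdmin", "true" }
        };

        // Before: binding directly to the entity lets the extra key set IsAdmin.
        User overPosted = Bind<User>(posted);
        Console.WriteLine("entity bound directly: IsAdmin = " + overPosted.IsAdmin);

        // After: bind to the view model, then copy only FirstName onto the stored entity.
        var stored = new User { FirstName = "Al", IsAdmin = false };
        EditNameViewModel input = Bind<EditNameViewModel>(posted);
        stored.FirstName = input.FirstName;
        Console.WriteLine("via view model:        IsAdmin = " + stored.IsAdmin);
    }
}
```

In a real controller the same allow-list effect comes from accepting the view model as the action parameter, or from restricting the bound properties with the Bind attribute's Include list.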
