WJD

by William Davis

Software Developer, BBQ Enthusiast, Soldier, Parent.

Read this first

Our Move to Dot Net Core

I work at Synovia Solutions LLC. creators of the Silverlining Fleet Management software and Here Comes The Bus. Our solution installs hardware devices on vehicles that then report back over cellular to us. During peak times we are processing about 3000 messages / second over UDP.

Our current system includes a monolithic windows service that handles pretty much all aspects of message processing. Its written in .NET (currently 4.6.1) and runs on several physical machines located in a local Data Center. It uses SQL Server as a backend data store.

When I was brought on board one of my primary tasks was to migrate the existing queuing infrastructure, several Sql Server Tables, into a new queuing solution. We chose RabbitMq via the hosted provider CloudAMQP. This was a pretty new paradigm for me, as I had never worked with anything other than MSMQ (GAG!) .

After the initial implementation

Continue reading →


Comcast Blocks VPN Traffic

So I’m sitting at a friend’s restaurant today, helping him out with some various business topics. He currently doesnt have an Internet connection, but, thankfully, another tenant in the building has Comcast’s XFinity service, and Comcast likes to create public wifi hotspots automatically if you use their equipment.

I signed in and verified that I was connected to the Internet, great! Habitally the next thing I do is try to connect to the VPN out of my house, which is a pretty basic PPTP connection. Not the secure thing in the world, but its good enough for me. I wasnt too surprised when it failed to connect, PPTP is often blocked, I’m used to that.

Next I open up my Private Internet Access.com VPN, which uses an SSL connection. I selected the default, US Midwest, endpoint and hit connect. The connection went through pretty quick and I was successfully connected to PIA. Imagine my

Continue reading →


BentBox.co Security Concerns

Please note that as of this writing, the majority of the problems discussed below have been addressed by the BentBox.co team. I will point out that they were fairly responsive and thankful for the issues that I presented them.

However there are still some of these problems that exist on their site.

On or around June 25th I discovered several security issues with the website BentBox.co. This website provides a platform for photographers and other artists to sell their work. I reached out to a well known security researcher whose name I wont mention until I get permission.

Following that individuals guidance I contacted the folks at BentBox.co where I provided them with the details of my findings. Over the course of the next few weeks we emailed a few times.

Below are the details of my findings.

 BentBox.co vulnerability

 Overview

Cookies are used to store session information. The

Continue reading →


Motorola Surfboard Hack

So I just found the article here:
http://thehackernews.com/2016/04/hack-modem-internet.html

That describes an CSRF attack to reboot, or worse, factory reset your cable modem. I wanted to see if my SB6121 was also vulnerable.

I quickly browsed to:

192.168.100.1

and was greeted with this screen:

2016-04-11_23-54-32.png

So I dug into the configurations page and found this:

a.png

So? I clicked it (REBOOT that is). And within a few short moments my modem rebooted…. Ok yep that worked.

So I put together this test:

curl 'http://192.168.100.1/reset.htm?reset_modem=Restart+Cable+Modem' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8' -H 'Referer: http://192.168.100.1/cmConfigData.htm' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36' --compressed

(Actually I

Continue reading →


BitTorrent VPN

Since doing this project I’ve discovered NetworkManger’s dispatcher.d scripts. I’m currently working on a follow-up article using them.

 Backstory

I recently spun up a new Ubuntu instance (VM) to serve as my dedicated Bit Torrent client. I have an older Dell server that runs Virtual Box, which is what I’m using as the host. The Dell server also hosts my Plex instance. The main motivator behind the dedicate BT client was the Plex instance. A few friends and I share our libraries and they were constantly telling me my Plex server was unreachable. This was b/c I use a VPN service, PrivateInternetAccess.com to mask my use of bit torrent from the world. The problem was that Plex isnt reliabley reachable behind the VPN. Sometimes I could tweak the port and get it to work, but the solution was always short lived.

 Requirements

A few requirements for my final product:
-The VM should auto

Continue reading →


Pork Ribs 2/22/16

I wanted to do some pork ribs in much the same manner that I did the last pork butt. I’ve never injected my ribs before and I thought this would be a good week to try it out.

 Ingredients

 The Meat

1 Rack St Louis Style Pork Ribs

 The Injection

  • Apple Juice Concentrate (Frozen)
  • Cinnamon
  • Garlic powder
  • Salt/Pepper
  • Cumin
  • Red Wine Vinegar (half cup)

 The Rub

  • Mayonnaise
  • Light dusting of Most Powerful Stuff - Amazon
  • Light dusting of Zero to Hero - Amazon

 Wood

Cherry Chips - Amazon

 Sauce

Blues Hog Original - Amazon

 Smoker

Masterbuilt Electric - Amazon

 Process

  • Remove the membrane from the underside of the ribs
  • Rinse and dry the meat
  • Inject, make sure to saturate the meat on both sides.
  • Coated the ribs with a light mayo covering
  • Dusted the ribs with the combination of rubs
  • Smoked at 270 for 3 hours uncovered, no water bowl.

 Results

These ribs were pretty good. They

Continue reading →


Superbowl Pork Shoulder

Date: February 7th 2016

The Superbowl pork shoulder was iconic for a couple reasons:

  • Smoked shoulder of the year
  • It was the best one to date

tldr;

17# shoulder smoked over Cherry @ 270 for 5 hours - wrapped and placed in oven for 2 hours.

Anyway here is the quick ingredients list:

  • 17# pork shoulder (Costco) - $34

Injection

  • Apple Juice Concentrate (Frozen)
  • Cinnamon
  • Garlic powder
  • Salt/Pepper
  • Cumin
  • Red Wine Vinegar (half cup)

Rub

  • Light dusting of Butt Rub. - Amazon
  • Light dusting of Most Powerful Stuff - Amazon
  • Light dusting of Zero to Hero - Amazon

Wood

Cherry Chips - Amazon

Smoker

Masterbuilt Electric - Amazon

Process

Start this one by give the shoulder a good trim. Removing excess outer fat etc. It was a boneless shoulder, which I do not prefer, but, it was decent looking.

Next was a rinse and dry, just run the should under water and rub it down, removing

Continue reading →


Just want my Netflix and Chill

Its been a rough evening. I’ve talked to ~7 different “support” folks at Netflix, and 1 Person from Comcast.

It all started when I tried to watch some Netflix:

From there things just escalated…

I admit it. I got carried away

At one point I was on 3 chats and a phone call with Netflix. Im Sorry.

But seriously why are they asking me to do a DNS Flush? I’m hoping somebody can learn me on this one. What does Flushing my DNS Resolver Cache have to do with Netflix perceiving my connection as being a VPN.

Anyway it just kept getting worse:

Continue reading →


Why the story of Russia and Turkey just doesn’t add up

Cross Posted from a write-up I did on medium.com

According to an article published on the NYTimes the stories coming out of Turkey and Russia are not meshing very well (shocking).
The image below outlines the flight path of the shot down aircraft from both Russia (red) and from Turkey (purple).

styled-plane-path-map-720.jpg

According to the map the section of turkey that was violated is ~2mi across.
Keep that figure in the back of your head — 2 Miles.
The aircraft that was shot down was an SU-24

Sukhoi_Su-24_inflight_Mishin-2.jpg

According to WikiPedia. The SU-24 is a
“…supersonic, all-weather bomber aircraft…”
According to AxleGeeks.com the SU-24 has a Cruise Speed of 710 knots — That’s 817.053 MPH. Not to say that it is incapable of slower flight. According to the same website the average military jet is capable of an average cruise speed of 560 knots — Or 644.436 MPH.
Lets assume the jet was traveling at the slower, average speed of 560

Continue reading →


Using Moq to override calls to App.config

The other day I was working on a new implementation in our product to re do logging. I’m taking us from a custom File Writer to using Log4Net wrapped in a Facade.

To make this transition a bit smoother, and allow us to roll back to the old style if something breaks, I also implemented a Factory Pattern to provide the correct logger based upon the current App.Config settings.

To clarify, we are using Ninject for DI, and usually I would use the DI container to inject the correct implementation. However, we are also using the NinjectModule interface to setup bindings at runtime, based upon a compiled assembly. So instead, I’m using DI to inject the factory and it can provide the correct implementation.
I’m sure there will be countless opinions both ways here, but its convenient and makes sense in our project

I had sketched up my interfaces and got ready to write unit tests, when I

Continue reading →

Subscribe to WJD

Don’t worry; we hate spam with a passion.
You can unsubscribe with one click.

sCvVyj1Bhe3XkFDXbbL
ssl yes