Lazy Diary @ Hatena Blog

PowerShell / Java / miscellaneous things about software development, Tips & Gochas. CC BY-SA 4.0/Apache License 2.0

Default ClassLoader configuration in several Application Servers

Java application uses ClassLoaders in parent-first mode. On the other hand, some JavaEE Application Servers are not parent-first mode in default, and/or have preferences to configure ClassLoader behavior. # Application Server Default mode …

CEH Certified Ethical Hacker Practice Exams, Third Edition (All-In-One) Chapter 1 Notes (日本語)

CEH

CEH Certified Ethical Hacker Practice Exams, Third Edition (All-In-One)を使ってCEH v9のテスト勉強をしている。Chapter 1 (pp.3-7)を解いたときのメモ。 もう一度解いた方がよい問題 2, 3, 7, 8, 10, 11, 12, 15, 16, 19, 25 むずかしい単語 residual …

CEH v9 Practice Tests 2 Notes (日本語)

CEH

CEH v9: Certified Ethical Hacker Version 9 Practice Testsを使ってCEH v9のテスト勉強をしている。Practice Test 2 (pp.28-52)を解いたときのメモ。 もう一度解いた方がよい問題 8, 11, 16, 17, 18, 21, 28, 29, 32, 33, 34, 35, 39, 40, 42, 44, 45, 52,…

CEH v9 Practice Tests 1 Notes (日本語)

CEH

CEH v9: Certified Ethical Hacker Version 9 Practice Testsを使ってCEH v9のテスト勉強をしている。Practice Test 1 (pp.2-25)を解いたときのメモ。 もう一度解いた方がよい問題 4, 11, 14, 15, 17, 20, 21, 33, 34, 37, 39, 46, 48, 51, 54, 60, 64, 68, …

CEH v9 Practice Tests 1 Notes (1)

CEH

Notes for CEH v9: Certified Ethical Hacker Version 9 Practice Tests Practice Test 1 (pp.2-25). ECC means Elliptic Curve Cryptography, not Error Check and Correction (e.g. ECC memory). Smurf attack and Fraggle attack are both using request …

Memory Consumption to Read XMLs in PowerShell

Background PowerShell has an useful function to read and parse XML files: [XML]. But reading XML files and (especially) building DOMs are memory consuming function. Question How much memory do you need to read XML files with [XML]? Methods…

Pause before HTTP redirect (302) and get redirection URI with Chrome developer tools

Context When you try to attack to OAuth2 Authorization Code Flow with CSRF (See RFC 6749 "10.12. Cross-Site Request Forgery"), you have to pause before redirect in order to get redirection URI, because the redirection URI is unique and wil…

Push source to GitHub/GitLab repository without type password

Background The passphrase stored in ssh-agent is invalidated when the git client machine is rebooted. If you want to access GitHub/GitLab without type password (e.g. push/pull source in Jenkins), you have to use a ssh public/public key pai…

How to escape special characters in PowerShell

Ways to escape special characters in PowerShell are different between its context, and so complecated... # Context Escaped char " ' \ ` `` 1 String with " " ✓ ✘ ✘ ✓ ✘ 2 String with " $ ✘ ✘ ✘ ✓ ✘ 3 String with " ' - - - - - 4 String wi…

Invoke-RestMethod to GitLab API causes mojibake

Context In PowerShell, You can call REST API with Invoke-RestMethod like: Invoke-RestMethod -Headers $headers -Method Get -Timeout 10 -Uri "https://api.github.com/users/octocat/orgs" Problem The result of Invoke-RestMethod causes mojibake …

Format operator with string contains "{" and "}"

Context In PowerShell, you can format a string with -F operator like: Get-Content foo.csv | ConvertFrom-Csv -Header Name,Code,Address | ` ForEach-Object { "{0} `n {1} {2}" -F $_.Name,$_.Code,$_.Address } Problem -F operator returns error l…

How to see an AOP pointcut matches to a method signature

Situation You are developing an Java application with Spring Framework. You are trying to write an AOP pointcut to weave some logic into a method invocation, but the weaved logic doesn't seems be running. Problem Mistakes are sometimes in …

There are no properties for ordinary characters in PropList.txt

Problem When run the script in next URL with PropList.txt on unicode.org, result file did not contain character properties for ordinary characters like 'x', 'y', or 'z'. http://satob.hatenablog.com/entry/2017/11/21/002957 Reason PropList.t…

Get CodePoint-Property Pair from Scripts.txt on Unicode.org

Context You want to make a list of pair of unicode codepoint and its character property, like below: 00009,Cc 00020,Zs 00021,Po 00024,Sc ... Solution with PowerShell You can make the list from ftp://ftp.unicode.org/Public/UNIDATA/PropList.…

Ordinaly SELECT clause returns ORA-00904 error on Oracle in SQL Fiddle

SQL

Context The "Text to DDL" feature on SQL Fiddle generates DDL like below for Oracle 11g R2. CREATE TABLE Table1 ("value1" int) ; INSERT ALL INTO Table1 ("value1") VALUES (1) SELECT * FROM dual ; Problem This ordinal SELECT clasuse returns …

Return value of comparison operator in SELECT clause

SQL

Background Some RDBMS can contain the result of comparison operator in SELECT clause. However, the returned values are different between RDBMS. Result MySQL I used MySQL 5.6 on SQL Fiddle. DDL (MySQL) CREATE TABLE Table1 (`value1` int, `va…

Convert deeply nested hash or array to JSON with ConvertTo-Json

Context You can read a JSON file like below with ConvertFrom-Json, and write with ConvertTo-Json properly. PS > Get-Content ./foo.json { "outerHash": { "innerHash": { "key": "value" } } } PS > Get-Content ./foo.json | ConvertFrom-Json | Co…

Convert an array to CSV with PowerShell

Problem You cannot convert an array with just pipeline the array to ConvertTo-Csv. PS > $array = ("a", "b", "c", "a", "d") PS > $array | ConvertTo-Csv "Length" "1" "1" "1" "1" "1" ... or just passing the array to ConvertTo-Csv. PS > Conver…

XmlNode.SelectNodes() always returns List in PowerShell 2.0

Problem: In PowerShell, by using XML DOM API in .NET, you can access to a child element in XML as a ordinary property. PS > $xml = New-Object System.Xml.XmlDocument PS > $xml.LoadXml('<a><b id="1">foo</b></a>') PS > $xml.SelectNodes('//a').b id #text -- ----- …

How to get a #text in XML even if the tag doesn't have attributes

Background: In PowerShell (even in C# or VB.NET?), you can get a body of the tag (text content) with '#text#' property. > $xml = New-Object System.Xml.XmlDocument > $xml.LoadXml('<a><b id="1">foo</b></a>') > $xml.SelectNodes('//a').b.'#text' foo Problem: If a …

Who does recommend to encrypt the attachments in email

In Japan, so many companies have their own security policy like "When you send email with attachments, you must zip all the attachments with password, and send the password in another email". Some say this policy is pointless, but on the o…

What can you do with account lockout and its unlock

Purpose of account lockout These are some purpose for account lockout, such as: Detect login attempts 1 Example: Logging 2 Slow down login attempts Example: Duration-based lockout, scrypt, Argon2 Interrupt login attempts Example: Requires …

A List of What Cannot JCache do

JCache cannot save the order of insertion. You should use LinkedHashMap for that purposes. JCache cannot update whole entries in a cache atomically. You should use AtomicReference or some locking mechanisms for that purpose. (Ofcourse you …

The meanings of word "cache" in software engineering

I think the word "cache" has so many different meanings in different contexts like below. Note: In this list, the word "invalidated" means the source of cached value might be changed. Something like the cache in web browsers. The cache sto…

Difference of GitHub API and GitLab API

Format of Personal Access Tokens In GitHub, personal access tokens are hex string, like e72e16c7e42f292c6912e7710c838347ae178b4a. In GitLab, personal access tokens are like Base62 string, like 9koXpg98eAheJpvBs5tK. Personal Access Tokens a…

情報システムの受託開発中に発見されたバグの情報の行方

情報システムの受託開発で、OSSに依存するアプリを開発したとしよう。さらに、そのアプリの開発中に、当該OSSのバグを見つけたとしよう。この場合、条件によっては、発見者はパッチの投稿も、バグの報告もできず、そのバグの情報は永遠にお蔵入りになるので…

You should disable Adblock Plus (Chrome) in Alfresco

Context: You are using Alfresco Community v5.2.0. You are using Chrome with Adblock Plus. Problem: “New Topic” button on the discussion forum disappear. Reason: Adblock Plus added “display: none” to the area that has the “New Topic” button…

Chrome sends another request for "View page source"

Context: You are developing a web application that has anti-CSRF function (transaction tokens). You are using Chrome to test and debug the application. Problem: Once you had viewed the HTML source with “View page source” on the context men…

三重は中部か近畿か、静岡は東海か関東かみたいな表

三重県のサイトに「三重県は中部地方?近畿地方?」という面白い情報があった。 同様の話は静岡県などにも言える(警察庁としては関東管区警察局の管轄区域だが、国土交通省としては中部地方整備局の管轄区域)。 他にも、Chakuwikiには「もし道州制の境界線…

How to reduce the size of monochrome almost-binary image from scanners

I scanned a B4-size monochrome paper document with Epson EP-805A through Epson iPrint iOS app, and resulted a 1.9MB jpeg file (It’s too big, isn’t it?). You can reduce the size of monochrome almost-binary image with Imagemagick convert com…