Resolving version conflicts on MsBuild projects with dep.exe

I’ve recently came accross a surprisingly painful task which were about removing a warning.
One of them were the famous “MSB3247: Found conflicts between different version of same dependent assembly”.

After hours of manual troubleshooting I finally created a command line tool called dep.exe to dump the nested dependencies of every assemblies inside a directory to easily

  • Know which assemblies are referenced (directly or indirectly) with more than one version
  • Understand the dependency chain which pulled those assemblies in your bin folder

Everything is explained on the README of dep.exe.
dep.exe output sample
If you happen to have any question or suggestions, just post them in the comment section.

How to Create a Virtual Machine with Ubuntu 15.04 Vivid and VMBuilder?

The need of a Virtual Machine

I recently decided to migrate my dedicated server from Online to OVH and realized that installing a server is extremely painful.
Then I realized that one way to avoid this mess again could be to setup a Virtual Machine so that I could just move that VM to another host later.

How to do it with the command line?

There are plenty of tutorials which explain how to do so. But it looks like the options change every six months. So after hours of experimentation here is what worked for me:

  • a VM with Ubuntu Trusty as Guest OS run by KVM and controllable with virsh later
  • a NATed network with static IPs
    (the doc doesn’t mention that you need to specify –net and –mask for –ip to be taken into account)
    Note that 192.168.122.0/24 is the default IP range available so you kind of have to choose an IP in that range
  • An automatic startup

Brute force on a .p12 password with c#

It started with a VPN problem

The other day, I had an issue with my VPN and someone from the IT service remotely connected to my machine to put a certificate on it. While he manipulated the certificate manager, he exported a certificate and typed a password of 4 characters that I couldn’t see (characters were obfuscated). Just after that he requested me to use another wifi connection to test the VPN so we had to stop the chat and the remote session. Unfortunatly for me it didn’t work and the guy went to lunch.

So now, I was stuck with no VPN and a certificate which were not working! I decided to delete all the personal certificates having my name from my computer and to re-import the p12 file that the IT guy left on my desktop. I tried to do so but then I was requested to type the password – remember? it was only 4 chars. I tried all the stupid 4 letters password I got in mind (“test”, “1234”, “0000”, “aaaa”, “azer”, “qwert” …) but none of them worked.

Let’s brute force that weak p12 password

So here is the interesting part. I decided to try that very famous thing called “brute force” a password. I was saying in my mind “With my years of programming experience, it should take me 10 minutes to code it and few second to run”.
But actually it took me up to one hour to make the stuff to actually work without obvious bug in C#:

The result

The app was testing 2k passwords per seconds and found the password in less than 3 minutes :) !

p12-brute-force

The conclusions are

  • don’t use a 4 letters password, obviously, especially on your p12 files which can used to act on your behalf
  • coding simple things can take more time than we expect (think hiring interview questions)
  • The method I’m using to check the password (X509Certificate2Collection.Import) throws an exception when the password is wrong. This makes the process extremelly slow (15x). When you happen to completely ignore the exception (catch(Exception) with a variable), it becomes reasonably faster if you activate the code optimization (Release mode)

That’s it, the code is on Github.  If you happen to spot obvious bugs in the enumerator of passwords, don’t hesitate to let me know with a comment.

 

Dfp tests

Sky Ad Unit

Criteo Code of Duty 2

Après une première session pleine de succès, Criteo remet ça.

Quoi

Criteo organise un concours de programmation ouvert à tous les passionnés de programmation. Il y a 20 000 € à partager entre les 10 premiers (le premier empochant 10 000 €).

Quand et Ou

La première phase se fait sur le site de programmation codility.com le 02 Juin 2012 à midi. Pour vous inscrire il faut aller :

Comment ça se passe ?

Les qualificatifs

Les qualificatifs se dérouleront sur codility.com et voici le principe de fonctionnement :

  • vous ecrivez votre code sur le site directement (les languages autorisés sont : Java, C++, C#, Javascript, Pascal, Perl, PHP, Python, Ruby, VB.NET, Objective-C et Lua)
  • vous choisissez vos données d’entrées (en général des tableaux d’entiers ou de chaines de caractères, vous pouvez créer plusieurs jeux de données)
  • vous cliquez sur un bouton pour compiler votre code et le tester avec les données d’entrées
  • le site vous informe si votre code a fonctionné avec les données saisies et si ce n’est pas le cas, vous avez du details sur les raisons de l’echec.

La finale

Quant à la finale, vous serez invité à venir au siège de Criteo (Paris) et cette étape se passera dans nos locaux directement.

Donc voila, il ne vous reste plus qu’à vous inscrire : labs.criteo.com/code-of-duty-2