Static outbound IPs for Azure AppService

If you want a nice 2-3 or 5 outgoing IPs for your App Service instead of 456, you need just 5 simple steps.

  1. Create Azure V-Net.
  2. Create Subnet for your App Service.
  3. Connect your app service with Subnet.
  4. Create NAT Gateway and add IP addresses to it.
  5. Go to V-Net subnet settings and assign NAT Gateway.

That’s it!
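The five steps above as Azure CLI calls; this is an added example, not part of the original post. The resource names and the 10.10.0.0/16 and 10.10.1.0/24 ranges are assumptions, and setting AZ=echo prints the commands instead of running them.

```shell
#!/bin/sh
# Added example: static outbound IPs for an App Service through a NAT gateway.
# All names and address ranges below are assumptions, adjust them to your setup.
AZ=${AZ:-az}   # AZ=echo gives a dry run that only prints each command

static_outbound_ip() {
    rg=$1; app=$2; vnet=$3; subnet=$4; nat=$5; pip=$6

    # 1. Create the virtual network.
    $AZ network vnet create -g "$rg" -n "$vnet" \
        --address-prefixes 10.10.0.0/16 || return 1

    # 2. Create a subnet for the App Service (delegated to Microsoft.Web).
    $AZ network vnet subnet create -g "$rg" --vnet-name "$vnet" -n "$subnet" \
        --address-prefixes 10.10.1.0/24 \
        --delegations Microsoft.Web/serverFarms || return 1

    # 3. Connect the App Service to that subnet.
    $AZ webapp vnet-integration add -g "$rg" -n "$app" \
        --vnet "$vnet" --subnet "$subnet" || return 1

    # 4. Create a static Standard-SKU public IP and a NAT gateway that uses it.
    #    --public-ip-addresses accepts several names if you want 2-3 or 5 IPs.
    $AZ network public-ip create -g "$rg" -n "$pip" \
        --sku Standard --allocation-method Static || return 1
    $AZ network nat gateway create -g "$rg" -n "$nat" \
        --public-ip-addresses "$pip" || return 1

    # 5. Assign the NAT gateway to the subnet.
    $AZ network vnet subnet update -g "$rg" --vnet-name "$vnet" -n "$subnet" \
        --nat-gateway "$nat" || return 1
}

# Run only when all six names are given on the command line.
if [ "$#" -eq 6 ]; then
    static_outbound_ip "$@"
fi
```

The public IP created in step 4 is the address to hand to whoever maintains the allow-list on the receiving side.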


War, founding startup, crypto transfer fees and total craziness around

Someone hired me. It was a local development company in Armenia. I had about 2 years of experience in engineering. Not counting 1 year in University after which I dropped out and was sent to serve in the army for 2 years. For all male species in our country serving in the army is mandatory. Anyway, I wanted to tell a different story. We were working on some useless projects for the Central Bank of Armenia. The project was useless, I don’t even know whether they used it or not, probably yes, because they just paid for it, but it was not solving any issues. The good thing is that now I can say: “yo, motherfucker I worked on projects for the Central bank of Armenia, what have you achieved, loser?!”. Of course, as always, details are hidden: nonsense projects, no serious technical difficulties, nothing valuable, it’s just a fancy line that you throw and hide all the important details. This is what we always do, but refuse to accept that we are this kind of pieces of shit. If you are offended, I am really sorry, but leave this post asap, it’s going to get worse.

Probably you know the feeling when you can’t get rest for your mind. Maybe from suspecting that your GF is cheating on you, or one of your ‘friends’ bought a Mercedes S-Class and you keep envying him, you know that it’s not right, but you still continue doing it and get more terrified because you know that’s wrong. Some people get terrified by other people’s Instagram accounts and start eating themselves from the inside, other people eat themselves finding purpose in life, and so on. Did you get the point? We are different, we get terrified by different things, but getting terrified is common, we all get terrified.


Azure, V-Net, Database, VPN, GOOD!

The title is Pretty. Much. And explanatory.

- Who are we?

- We are developers!

- What do we need?

- Access to production databases!

Ok, our task is pretty simple. Create a virtual network for the production environment. Then create an Azure PostgreSQL Database and join it to the V-Net. And in the end, create a VPN Gateway to this V-Net so developers can get access to production databases through it. Sounds simple and straightforward. Let’s start:

Don’t you say you were expecting a huge useless novel about all these “how to”-s? Go and hit those links. Microsoft document ninjas did a really good job. Thank you, Microsoft. #mymicrosoft #microsoftloveslinux #microsoftloveslinkedin #microsoftlovesgithub #microsoftlovesnatasha #microsoftlovesyou

So let’s go underwater to find those stones.


Downsizing Azure managed disks in Ubuntu

Unfortunately, there is no built-in way of downsizing managed disks in Azure. So we need to create new ones and copy the existing data to them.

CAUTION: Do this at your own risk. Although you will not lose any data until you remove those disks, recheck and verify each step during the process.

Connect to Host VM and modify fstab.

Connect to the host VM with SSH.

Back up fstab:

sudo cp /etc/fstab /etc/fstab_old

Open fstab:

sudo pico /etc/fstab

You should see your attached disks, like this:

UUID=f1655714-111e-11fe-c583-cfe26cfd7966   /data/data1 ext4 rw,relatime 0 0
UUID=f44862e3-222d-1184-8b0f-a88713d9f9a2   /data/data2 ext4 rw,relatime 0 0
UUID=c481e1de-3337-1e73-ad64-6586660b072e   /data/data3 ext4 rw,relatime 0 0

Remove them.

Probably you should also stop any services that are using those drives.

Stop Host VM and detach managed disks.

Create new copies of the detached managed disks with the preferred configuration

az disk create -g beta -n disk-new-name --source disk-old-name --sku StandardSSD_LRS --size-gb 1023

This will create a new disk, copying the data from the old one.

Attach newly created disks to Host VM.

Run Host VM.

Connect with SSH.

Now we need to mount the newly attached disks: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/attach-disk-portal

In the link above, there is a section about updating fstab. Open it and update fstab, keeping in mind to map to the same folders, in order not to break any application using those directories.

Cleanup

Re-enable any services you stopped earlier.

Remove the fstab backup:

sudo rm -rf /etc/fstab_old
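Before deleting /etc/fstab_old, it is worth confirming that every mount point from the backup is back in the new fstab with the same filesystem type and options. The check below is an added example, not part of the original post; the function names are hypothetical, and UUIDs are deliberately not compared.

```shell
#!/bin/sh
# Added example: compare the fstab backup with the rewritten fstab.
# Usage: sh fstab_check.sh /etc/fstab_old /etc/fstab   (script name is hypothetical)

# Print one line per mount point that was dropped, or whose filesystem type
# or mount options changed. Only fields 2-4 are compared, not the device/UUID.
fstab_diff() {
    awk '
        /^[ \t]*#/ || NF < 4 { next }            # skip comments, blanks, junk
        FILENAME == ARGV[1]  { old[$2] = $3 " " $4; next }
                             { new[$2] = $3 " " $4 }
        END {
            for (m in old) {
                if (!(m in new))
                    print "MISSING " m
                else if (old[m] != new[m])
                    print "CHANGED " m ": " old[m] " -> " new[m]
            }
        }' "$1" "$2" | sort
}

# Return 0 only when every old mount point is restored unchanged;
# otherwise print the differences to stderr and return 1.
fstab_check() {
    report=$(fstab_diff "$1" "$2")
    [ -z "$report" ] && return 0
    printf '%s\n' "$report" >&2
    return 1
}

# Run only when both files are given on the command line.
if [ "$#" -eq 2 ]; then
    fstab_check "$1" "$2" && echo "fstab OK: all mount points restored"
fi
```

A MISSING line means an application directory such as /data/data3 would come up empty after the next reboot, so fix fstab before removing the backup.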


Building UWP file manager with fluent design in a month

It is possible. Even working in your free time. Yeah, yeah, now you think that this idiot is lying, or he built something horrible. Ok have a look at this: screenshot

You think this is something horrible? Dumb asshole. I don’t understand, what is the purpose of searching for something horrible…ok, ok, if it is very important for you, search through the source code. I’m pretty sure you will find something horrible for you.

How did it start? My friend informed me about the Windows Developer Day Sweepstakes and... have you seen the prizes? “Custom Xbox controller with engraving”: this was my motivation for starting development of just another file manager who believes he is the best in the world, like you, me and another guy next to you. Oh, sorry for calling the file manager he, maybe she? Fuck this sexism, It…It!


.NET Reverse Engineering - Part 2

In Part 1 we cleaned our protected assembly and now it is decompilable and runnable.

In this part, we will try to remove activation checking.

Ok, Let’s do it.

Do you know what is fun in RE? It’s like playing chess with a developer of the program. It is necessary to guess his steps or start thinking like a developer.

In my case it isn’t just an ordinary developer, it is the author of a strong crypter.

Does it make sense? If you answered yes, I have some bad news for you, you are talking with text.


.NET Reverse Engineering - Part 1

Do you ever have the feeling that you are a piece of shit and you are just a man who knows how to combine source codes found from StackOverflow?

No? Then go fuck yourself. Personally, I periodically have that feeling.

This feeling challenges me to learn new things, find ways to test my brain, and playing with reverse engineering was just the right thing for me to start feeling like a hard-core developer (or just something a bit different from shit) again.

Here is my secret of learning new things:

  1. Feel like a shit.
  2. Do some “cool” stuff.
  3. Wait 15 minutes and go to point 1. ( Don’t use gotos in source codes. )

Ok, when you are in the right mood, let’s start with the main topic.

Lately we have been obfuscating a crypter that was written with VB.NET. Our main goal was to find out the logic and methods of encryption. I think that one of the hardest parts of reverse engineering is determining logic, not just writing a patch or finding out a secret key from the program.

In this part:

  1. Removing various anti-reversing protections.
  2. Making the program decompilable and runnable.

IdentityServer3 with Custom grant flow and Windows authentication

What are we going to do?

  1. Setup and configuration of the IdentityServer3.
  2. Creating a client for the IdentityServer3 with Flows.Other and AllowedCustomGrantTypes: "windows".
  3. Setup and configuration of the WindowsAuthenticationService.
  4. Creating a custom grant validator in IdentityServer3 for windows grant type.
  5. Creating a console client and get a token from IdentityServer3 by using the current Windows principal.

How does this all communicate?

Communication

The client (in our case a WPF-based desktop application) calls WindowsAuthenticationService to convert the user's current Windows principal into a JWT token, which is trusted by IdentityServer3. In the next step, the client calls the IdentityServer’s /token endpoint (using the custom grant: windows), including in the request the JWT token obtained from WindowsAuthenticationService. IdentityServer3 will then issue a new token with the requested scopes, custom claims, etc.

What are we going to achieve?

This configuration allows us to authenticate users in IdentityServer3 with Windows authentication. In addition, we can add roles and claims to these users by using the IdentityManager.


Success Stories, Who Cares?

There are thousands of “success story” materials on the internet. If we combine and sum up the majority of them, we will get a story like this:

… Today I woke up and felt that today is a day of a successful startup. I called my friend John, and we started creating our product for months: without sleeping, without eating and without sex. Our road to success was very hard. We have got tons of problems, but we handled all of them because we are smart and have the necessary capacity. Now we have a service that helps people find correct time for feeding their cats. …

Who cares guys? No really…


Asyn program chronous mming

If you can read this title, it means that you know just about everything about asynchronous programming.

You can leave this post alone and don’t bother.

Still here? OK, let’s dive in. To explain my understanding of asynchronous programming, I have decided to write a whole post in an asynchronous manner (like the title).
OK, I know what you think: another blog post about asynchronous bla-bla-bla. OK, you got me, this isn’t that kind of movie blog post, I am not going to waste your time and explain asynchronous programming, there are dozens of good materials you can find on the net.

You know me. Today I woke up and felt that today will be the day of asynchronous programming. Then I got notified about the “Your coffee is ready, my lord” event and scheduled the event handler to the thread pool. After a few context switches I finally drank my coffee, went to work and woke up and all this in a single OS time slice and started writing this post.

What is the purpose of writing this post if I am not going to explain what asynchronous programming is?

I just want to give you some real world examples of asynchronous things and share some code snippets that can be reused in any WinForms or WPF desktop application.


Oh, oh, oh Data ? No, OData!

It’s hard to believe, but today I woke up. Just trust me, I am not lying, I really woke up. I mean the feeling when you feel that you had a great sleep, and not just opened your eyes and went to work.

Anyway…..

Have you heard about ASP.NET Web API and the new OData library for it?

I hope you know, otherwise, I am sure you can find more interesting things to waste your precious time on. Like watching porn. By the way there is a bug-bounty program at Pornhub. And I can swear that I think there is a SQL Injection when uploading your homemade videos :)


Admin Panel? Not Enough?!

As usual I woke up from the smell of an unexploited hole. Today is the day of the second hacking experience.

Now I have access to the admin panel, but what now? Oh yeah sure you are right. But just please stop for a second and think: are you going to become a hacker too?

Oh, yes, we need to find something special, something extraordinary, something…something like file input.

Yes, thank you, I know that I am very smart indeed.


The day of the first hacking

Today I woke up and smelt that today is the day of the first hacking experience.

Find your target by smell. It usually stinks.

First I searched for input forms, e.g. a simple search form of a stinky website. And input the most dangerous symbol ever created by a human: the apostrophe.

url: /search/?'

We get the following result:

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version.

Whoozay!!! Seems like this query is vulnerable to an SQL Injection attack. Now we must determine the type of attack we can use for injection.
