digital sanitation engineering

Thursday, April 11, 2013

SQLi and Implicit type conversion in MySQL

String Operator Different String

`SELECT "A" AND "B" = "C"`	False
`SELECT "A" && "B" = "C"`	False
`SELECT "A" = "B" = "C"`	True
`SELECT "A" := "B" = "C"`	Error
`SELECT "A" BINARY "B" = "C"`	Error
`SELECT "A" & "B" = "C"`	True
`SELECT "A" ~ "B" = "C"`	Error
`SELECT "A" \| "B" = "C"`	True
`SELECT "A" ^ "B" = "C"`	True
`SELECT "A" CASE "B" = "C"`	Error
`SELECT "A" DIV "B" = "C"`	False
`SELECT "A" / "B" = "C"`	False
`SELECT "A" <=> "B" = "C"`	True
`SELECT "A" >= "B" = "C"`	True
`SELECT "A" > "B" = "C"`	True
`SELECT "A" IS NOT NULL "B" = "C"`	Error
`SELECT "A" IS NOT "B" = "C"`	Error
`SELECT "A" IS NULL "B" = "C"`	Error
`SELECT "A" IS "B" = "C"`	Error
`SELECT "A" << "B" = "C"`	True
`SELECT "A" <= "B" = "C"`	False
`SELECT "A" < "B" = "C"`	False
`SELECT "A" LIKE "B" = "C"`	True
`SELECT "A" - "B" = "C"`	True
`SELECT "A" % "B" = "C"`	False
`SELECT "A" MOD "B" = "C"`	False
`SELECT "A" != "B" = "C"`	False
`SELECT "A" <> "B" = "C"`	False
`SELECT "A" NOT LIKE "B" = "C"`	False
`SELECT "A" NOT REGEXP "B" = "C"`	False
`SELECT "A" NOT "B" = "C"`	Error
`SELECT "A" ! "B" = "C"`	Error
`SELECT "A" !! "B" = "C"`	Error
`SELECT "A" OR "B" = "C"`	False
`SELECT "A" + "B" = "C"`	True
`SELECT "A" REGEXP "B" = "C"`	True
`SELECT "A" >> "B" = "C"`	True
`SELECT "A" RLIKE "B" = "C"`	True
`SELECT "A" SOUNDS LIKE "B" = "C"`	True
`SELECT "A" * "B" = "C"`	True
`SELECT "A" XOR "B" = "C"`	False

String Operator Same String

`SELECT "A" & "A" = "C"`	True
`SELECT "A" \| "A" = "C"`	True
`SELECT "A" ^ "A" = "C"`	True
`SELECT "A" > "A" = "C"`	True
`SELECT "A" << "A" = "C"`	True
`SELECT "A" < "A" = "C"`	True
`SELECT "A" - "A" = "C"`	True
`SELECT "A" != "A" = "C"`	True
`SELECT "A" <> "A" = "C"`	True
`SELECT "A" NOT LIKE "A" = "C"`	True
`SELECT "A" NOT REGEXP "A" = "C"`	True
`SELECT "A" NOT RLIKE "A" = "C"`	True
`SELECT "A" + "A" = "C"`	True
`SELECT "A" >> "A" = "C"`	True
`SELECT "A" * "A" = "C"`	True

String Operator String-That-Starts-With-A-Number

Note: the example used "1" but "9foobar" or "1.foobar" or ".1foobar" or "-9foobar" or "+.4foobar" will work too.

`SELECT "A" = "1" = "C"`	True
`SELECT "A" & "1" = "C"`	True
`SELECT "A" DIV "1" = "C"`	True
`SELECT "A" / "1" = "C"`	True
`SELECT "A" <=> "1" = "C"`	True
`SELECT "A" << "1" = "C"`	True
`SELECT "A" <= "1" = "C"`	True
`SELECT "A" < "1" = "C"`	True
`SELECT "A" LIKE "1" = "C"`	True
`SELECT "A" % "1" = "C"`	True
`SELECT "A" MOD "1" = "C"`	True
`SELECT "A" REGEXP "1" = "C"`	True
`SELECT "A" >> "1" = "C"`	True
`SELECT "A" RLIKE "1" = "C"`	True
`SELECT "A" SOUNDS LIKE "1" = "C"`	True
`SELECT "A" * "1" = "C"`	True

String Operator String, Both Strings are Numeric, Not Zero

`SELECT "123A" = "-3A" = "C"`	True
`SELECT "123A" <=> "-3A" = "C"`	True
`SELECT "123A" << "-3A" = "C"`	True
`SELECT "123A" <= "-3A" = "C"`	True
`SELECT "123A" < "-3A" = "C"`	True
`SELECT "123A" LIKE "-3A" = "C"`	True
`SELECT "123A" % "-3A" = "C"`	True
`SELECT "123A" MOD "-3A" = "C"`	True
`SELECT "123A" OR "-3A" = "C"`	True
`SELECT "123A" \|\| "-3A" = "C"`	True
`SELECT "123A" REGEXP "-3A" = "C"`	True
`SELECT "123A" >> "-3A" = "C"`	True
`SELECT "123A" RLIKE "-3A" = "C"`	True
`SELECT "123A" XOR "-3A" = "C"`	True

Single Empty String

`SELECT "A" = "" = "C"`	True
`SELECT "A" & "" = "C"`	True
`SELECT "A" \| "" = "C"`	True
`SELECT "A" ^ "" = "C"`	True
`SELECT "A" <=> "" = "C"`	True
`SELECT "A" << "" = "C"`	True
`SELECT "A" <= "" = "C"`	True
`SELECT "A" < "" = "C"`	True
`SELECT "A" LIKE "" = "C"`	True
`SELECT "A" - "" = "C"`	True
`SELECT "A" + "" = "C"`	True
`SELECT "A" >> "" = "C"`	True
`SELECT "A" SOUNDS LIKE "" = "C"`	True
`SELECT "A" * "" = "C"`	True

Double Empty String

`SELECT "" & "" = "C"`	True
`SELECT "" \| "" = "C"`	True
`SELECT "" ^ "" = "C"`	True
`SELECT "" > "" = "C"`	True
`SELECT "" << "" = "C"`	True
`SELECT "" < "" = "C"`	True
`SELECT "" - "" = "C"`	True
`SELECT "" != "" = "C"`	True
`SELECT "" <> "" = "C"`	True
`SELECT "" NOT LIKE "" = "C"`	True
`SELECT "" + "" = "C"`	True
`SELECT "" >> "" = "C"`	True
`SELECT "" * "" = "C"`	True

Monday, June 4, 2012

php unsigned integers and beyond

When you have to work with binary data and unsigned integers in PHP, the following routines my be useful. bytes2bcmath takes a binary string and turns into a bcmath compatible decimal string.

// (1>>64)-1 or 0xFFFFFFFFFFFFFFFF
$val = '18446744073709551615';
$bytes = bcmath2bytes($val);  // returns 8 byte string
$dec = bytes2bcmath($bytes);  // and back again

    function bytes2bcmath($bytes) {
        $val = '0';
        for ($i = 0; $i < strlen($bytes); $i++) {
            $val = bcadd(bcmul($val, 256), ord($bytes[$i]));
        }
        return $val;
    }

    function bcmath2bytes($dec) {
        $str = '';
        do {
            $byte = bcmod($dec, 256);
            $str .= chr($byte);
            $dec = bcdiv($dec, 256, 0);
        } while ($dec != '0');

        return strrev($str);
    }

python websockets client

You are looking for websocket-client by lirss available on pypi ( sudo easy_install websocket-client ). Or pull from source via github.

Google gives bad answers for "python websocket client" and "python websockets client". Hopefully this helps.

Saturday, June 2, 2012

LD_PRELOAD on Mac OS X

You want

DYLD_INSERT_LIBRARIES=/path/to/your.dyld command.

If that doesn't work, make sure the linker is finding your library by trying:

DYLD_PRINT_LIBRARIES=1 DYLD_INSERT_LIBRARIES=/path/to/your.dyld command.

Once you've confirmed that your library is being loaded, but it's still not working, try this

DYLD_FORCE_FLAT_NAMESPACE=1 DYLD_INSERT_LIBRARIES=/path/to/your.dyld command

man dyld is full of more details.

See also:

Where is ldd on Mac OS X

The Mac OS X equivalent of the Linux ldd command is otool -L. See the manage for more details, and checkout man dyld for more details.

See also:

Making shared libraries on Mac OS X 10.7

Compile with -fPIC -fno-common and link with -dynamiclib -flat_namespace and use the suffix .dyld for the library (e.g. libfoo.dyld). At least this worked under Mac OS X 10.7.4 using gcc 4.2.1. Find out more on the linker by typing man dyld.

See also:

Monday, May 28, 2012

Slide Show Font Sampler and Shootout

If you are doing a lot of slide presentations, you might be wondering how to share them, and how improve your "HEO" -- Human Engine Optimization. In other words:

How do the slideshow presentations look online?
Is black-on-white or white-on-black more legible?
What fonts are best? For plain-text? For computer code?
How do the different embeddings look like? How are the thumbnail images?
How does it look on a washed-out projector?

To help answer these questions I made a "font sampler" in both white-on-black and black-on-white versions, containing a number of different fonts sans-serif fonts suitable for presentations and monospace fonts for computer code. To my amazement, every service was correctly able to render every font I used.

SlideShare.net

SlideShare.net is still the gold standard for sharing presentations. It can import directly from PowerPoint, Keynote, and PDF, has lots of integration with social media, and has an active community.

Slide show font sampler, white on black

View more presentations from Nick Galbreath

Slide show font sampler, black on white

View more presentations from Nick Galbreath

Speakerdeck.com

Speakerdesk.com is offshoot from GitHub. It's quite snazzy, but it's still new and can't tell if it's orphaned or not (e.g. home page doesn't change, copyright says 2011 when it's June 2012, minor bugs here and there, where are the stats?). That said, the slide presentation and embedding is quite nice.

Scribd

Scribd can be repurposed for showing slides and presentations. It's quite nice, but as you can see it works a little differently.

Slide Show Font Sampler WoB

Slide Show Font Sampler BoW

Google Docs/Drive

One can upload PDF slide shows to Google Docs/Drive and share them that way. Google does not convert raw Keynote files, nor does it allow you to embed the doc in a web page. The PDF is converted to a series of images.