Skip to content

Commit

Permalink
better organization
Browse files Browse the repository at this point in the history
  • Loading branch information
@kelvinrfr
kelvinrfr committed Jan 20, 2022
1 parent c84cce8 commit c23d009
Show file tree
Hide file tree
Showing 11 changed files with 174 additions and 115 deletions.
132 changes: 17 additions & 115 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,127 +1,29 @@
# docs
Repo to hold important notes, links and guides to help throughout the carrer

# GENERAL RESEARCH
## CERTIFICATES
1. [How to generate certificates](/certificates/how_to_generate_certificates.md)

## .NET FORMS AUTHENTICATION & SESSION
### Forms Authentication cookie and Ticket
https://support.microsoft.com/en-ca/help/910443/understanding-the-forms-authentication-ticket-and-cookie
## DOCKER
1. [How to run bash on docker container](/docker/how_to_run_bash_in_container.md)
1. [How to run specific docker step](/docker/how_to_run_docker_step.md)

### FormsAuthentication cookieless
With cookieless forms authentication, if the browser is closed, the ticket is lost and a new ticket will be generated on the next request. - https://docs.microsoft.com/en-us/dotnet/api/system.web.configuration.formsauthenticationconfiguration.cookieless?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Configuration_FormsAuthenticationConfiguration_Cookieless
## ENTITY FRAMEWORK
1. [How to run Entity Framework migrations](/entity_framework/how_to_run_migrations.md)

### Forms Authentication Ticket class
IsPersistent = true if a durable cookie (a cookie that is saved across browser sessions) was issued; otherwise, false. - https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthenticationticket?redirectedfrom=MSDN&view=netframework-4.8
## COOKIES
1. [.NET FORMS AUTHENTICATION & SESSION](/cookies/net_forms_authentication_n_session.md)

### SAME SITE COOKIE
https://web.dev/samesite-cookies-explained/

### Types of cookies
- There are two different types of cookies - session cookies and persistent cookies. If a cookie does not contain an expiration date, it is considered a session cookie. Session cookies are stored in memory and never written to disk. When the browser closes, the cookie is permanently lost from this point on. If the cookie contains an expiration date, it is considered a persistent cookie. On the date specified in the expiration, the cookie will be removed from the disk. - https://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/117925-technote-csc-00.html#:~:text=If%20a%20cookie%20does%20not,is%20considered%20a%20persistent%20cookie.
## GIT
1. [How to perform empty commit](/git/how_to_empty_commit.md)
1. [How to manage git configuration (username/email)](/git/how_to_manage_config.md)

### SameSite=Lax not possible for NET < 4.7.2
Strict (http header) https://docs.microsoft.com/en-us/aspnet/samesite/system-web-samesite#net-versions-earlier-than-472
## MYSQL
1. [How to insert blob](/mysql/how_to_insert_blob.md)

### SESSION STATE https://docs.microsoft.com/en-us/dotnet/api/system.web.sessionstate.httpsessionstate?view=netframework-4.8#remarks
- ASP.NET provides session-state management to enable you to store information associated with a unique browser session across multiple requests.
- Session data is associated with a specific browser session using a unique identifier. By default, this identifier is stored in a non-expiring session cookie in the browser
- Sessions are started during the first request and session values will persist as long as a new request is made by the browser before the number of minutes specified in the Timeout property pass
- Session state does not persist across ASP.NET application boundaries. If a browser navigates to another application, the session information is not available to the new application.
- Session values are stored in memory on the Web server, by default. [..]

### SESSION ABADON https://docs.microsoft.com/en-us/dotnet/api/system.web.sessionstate.httpsessionstate.abandon?view=netframework-4.8#remarks
- Session identifiers for abandoned or expired sessions are recycled by default.
- That is, if a request is made that includes the session identifier for an expired or abandoned session, a new session is started using the same session identifier. You can disable this by setting regenerateExpiredSessionId attribute of the sessionState configuration element to true.
### SESSION ID https://docs.microsoft.com/en-us/dotnet/api/system.web.sessionstate.httpsessionstate.sessionid?view=netframework-4.8#remarks
- The SessionID property is used to uniquely identify a browser with session data on the server.
The SessionID value is randomly generated by ASP.NET and stored in a non-expiring session cookie in
the browser. The SessionID value is then sent in a cookie with each request to the ASP.NET application.
- The SessionID is sent between the server and the browser in clear text, either in a cookie or in the URL.
As a result, an unwanted source could gain access to the session of another user by obtaining the SessionID
value and including it in requests to the server. If you are storing private or sensitive information in session
state, it is recommended that you use SSL to encrypt any communication between the browser and server
that includes the SessionID.
- When using cookie-based session state, ASP.NET does not allocate storage for session data until the Session object is used.
As a result, a new session ID is generated for each page request until the session object is accessed. If your
application requires a static session ID for the entire session, you can either implement the Session_Start method
in the application's Global.asax file and store data in the Session object to fix the session ID,
or you can use code in another part of your application to explicitly store data in the Session object.

# JSON Web Encryption (JWE)
https://tools.ietf.org/html/rfc7516#page-15
https://openid.net/specs/draft-jones-json-web-encryption-02.html

# GIT
-- empty commit
```
git commit --allow-empty -m "Commit with empty content" && git push
```

# DOCKER
```
docker build -t image . --no-cache
docker container run -e ENV_VAR="value" --rm -p 3001:80 --name container_name image_name:latest
docker container exec -it [container] "/bin/bash"
```

## RUN A SPECIFIC STEP ON DOCKER
```
docker build -t image-tag:test --target=test .
docker run image-tag:test
docker build -t temp-test:test --target=test . & docker run temp-test:test
```
## POWERSHELL
1. [Powershell commands](/powershell/powershell_commands.md)

## REDIS
```
docker run --name my-redis -d redis redis-server --appendonly yes
docker container run -p 6379:6379 redis -d
docker container exec -it my-redis "/bin/bash"
redis-cli
127.0.0.1:6379> set farhad likes:stackoverflow
OK
127.0.0.1:6379> get farhad
"likes:stackoverflow"
```

## MiB Mebibyte
one mebibyte is equal to 1048576 bytes
512 MiB = 536,870,912 bytes


# ENTITY FRAMEWORK MIGRATIONS
```
add-migration MIGRATION_NAME >> adds a new migratin
dotnet ef migrations add MIGRATION_NAME -o OUTPUT_PATH -c DB_CONTEXT_NAMESPACE
remove-migration >> remove the latest migration
update-database >> updates the current database with the latest migration version on the project selected
update-database MIGRATION_NAME >> rollback/upgrade current database with this migration version
dotnet ef migrations script <FROM> <TO> -o OUTPUT_FILE_PATH -c CONTEXT
```

# CERTIFICATES
```
openssl genrsa -out privatekey.pem 1024 --SHA-1
openssl genrsa -out privatekey.pem 2048 --SHA-256
openssl req -new -x509 -key privatekey.pem -out publickey.cer -days 10000
openssl pkcs12 -export -out public_privatekey.pfx -inkey privatekey.pem -in publickey.cer
```

# GET HEX (Powershell)
```
$ Format-Hex .\pfx\publickey.cer
```

# INSERT BLOB MYSQL
```
SELECT UNHEX('HEX STRING');
```

# Encode bytes
```
$FilePath = "c:\setup\foo.exe"
$File = [System.IO.File]::ReadAllBytes($FilePath);
$Base64String = [System.Convert]::ToBase64String($File);
```
1. [How to run redis through docker](/redis/how_to_run_redis_through_docker.md)
9 changes: 9 additions & 0 deletions certificates/how_to_generate_certificates.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# How to generate certificates

To create certificate files use `openssql`
```
openssl genrsa -out privatekey.pem 1024 --SHA-1
openssl genrsa -out privatekey.pem 2048 --SHA-256
openssl req -new -x509 -key privatekey.pem -out publickey.cer -days 10000
openssl pkcs12 -export -out public_privatekey.pfx -inkey privatekey.pem -in publickey.cer
```
45 changes: 45 additions & 0 deletions cookies/net_forms_authentication_n_session.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
# .NET FORMS AUTHENTICATION & SESSION

## Forms Authentication cookie and "Ticket"
https://support.microsoft.com/en-ca/help/910443/understanding-the-forms-authentication-ticket-and-cookie

## FormsAuthentication cookieless
With cookieless forms authentication, if the browser is closed, the ticket is lost and a new ticket will be generated on the next request - https://docs.microsoft.com/en-us/dotnet/api/system.web.configuration.formsauthenticationconfiguration.cookieless?redirectedfrom=MSDN&view=netframework-4.8#System_Web_Configuration_FormsAuthenticationConfiguration_Cookieless

## Forms Authentication Ticket class
`IsPersistent = true` if a durable cookie (a cookie that is saved across browser sessions) was issued; otherwise, false. - https://docs.microsoft.com/en-us/dotnet/api/system.web.security.formsauthenticationticket?redirectedfrom=MSDN&view=netframework-4.8

## Types of cookies - SESSION and PERSISTENT
- There are two different types of cookies - session cookies and persistent cookies. If a cookie does not contain an expiration date, it is considered a session cookie. Session cookies are stored in memory and never written to disk. When the browser closes, the cookie is permanently lost from this point on. If the cookie contains an expiration date, it is considered a persistent cookie. On the date specified in the expiration, the cookie will be removed from the disk. - https://www.cisco.com/c/en/us/support/docs/security/web-security-appliance/117925-technote-csc-00.html#:~:text=If%20a%20cookie%20does%20not,is%20considered%20a%20persistent%20cookie.

## SAME SITE COOKIE
https://web.dev/samesite-cookies-explained/

### SameSite=Lax not possible for NET < 4.7.2
Strict (http header) https://docs.microsoft.com/en-us/aspnet/samesite/system-web-samesite#net-versions-earlier-than-472

## SESSION STATE https://docs.microsoft.com/en-us/dotnet/api/system.web.sessionstate.httpsessionstate?view=netframework-4.8#remarks
- ASP.NET provides session-state management to enable you to store information associated with a unique browser session across multiple requests.
- Session data is associated with a specific browser session using a unique identifier. By default, this identifier is stored in a non-expiring session cookie in the browser
- Sessions are started during the first request and session values will persist as long as a new request is made by the browser before the number of minutes specified in the Timeout property pass
- Session state does not persist across ASP.NET application boundaries. If a browser navigates to another application, the session information is not available to the new application.
- Session values are stored in memory on the Web server, by default. [..]

## SESSION ABADON https://docs.microsoft.com/en-us/dotnet/api/system.web.sessionstate.httpsessionstate.abandon?view=netframework-4.8#remarks
- Session identifiers for abandoned or expired sessions are recycled by default.
- That is, if a request is made that includes the session identifier for an expired or abandoned session, a new session is started using the same session identifier. You can disable this by setting regenerateExpiredSessionId attribute of the sessionState configuration element to true.

## SESSION ID https://docs.microsoft.com/en-us/dotnet/api/system.web.sessionstate.httpsessionstate.sessionid?view=netframework-4.8#remarks
- The SessionID property is used to uniquely identify a browser with session data on the server.
The SessionID value is randomly generated by ASP.NET and stored in a non-expiring session cookie in
the browser. The SessionID value is then sent in a cookie with each request to the ASP.NET application.
- The SessionID is sent between the server and the browser in clear text, either in a cookie or in the URL.
As a result, an unwanted source could gain access to the session of another user by obtaining the SessionID
value and including it in requests to the server. If you are storing private or sensitive information in session
state, it is recommended that you use SSL to encrypt any communication between the browser and server
that includes the SessionID.
- When using cookie-based session state, ASP.NET does not allocate storage for session data until the Session object is used.
As a result, a new session ID is generated for each page request until the session object is accessed. If your
application requires a static session ID for the entire session, you can either implement the Session_Start method
in the application's Global.asax file and store data in the Session object to fix the session ID,
or you can use code in another part of your application to explicitly store data in the Session object.
9 changes: 9 additions & 0 deletions docker/how_to_run_bash_in_container.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# How to run bash in docker container

Offen we need to start the docker container and run the bash CLI on it to check and query the image that is being built. The steps bellow translate how to do that.

```
docker build -t image . --no-cache
docker container run -e ENV_VAR="value" --rm -p 3001:80 --name container_name image_name:latest
docker container exec -it [container] "/bin/bash"
```
9 changes: 9 additions & 0 deletions docker/how_to_run_docker_step.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
## How to run specific docker step

To run specific docker steps we can run the following commands

```
docker build -t image-tag:test --target=test .
docker run image-tag:test
docker build -t temp-test:test --target=test . & docker run temp-test:test
```
27 changes: 27 additions & 0 deletions entity_framework/how_to_run_migrations.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,27 @@
# How to run Entity Framework migrations

To add migration
```
add-migration MIGRATION_NAME >> adds a new migratin
dotnet ef migrations add MIGRATION_NAME -o OUTPUT_PATH -c DB_CONTEXT_NAMESPACE
```

To remove the latest migration
```
remove-migration
```

Updates the current database with the latest migration version on the project selected
```
update-database
```

rollback/upgrade current database with this migration version
```
update-database MIGRATION_NAME
```

Translate migrations to SQL script
```
dotnet ef migrations script <FROM> <TO> -o OUTPUT_FILE_PATH -c CONTEXT
```
7 changes: 7 additions & 0 deletions git/how_to_empty_commit.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# How to perform empty commit

Empty commit is sometimes necessary to trigger something based on commit or to just test permissions.

```
git commit --allow-empty -m "Commit with empty content" && git push
```
19 changes: 19 additions & 0 deletions git/how_to_manage_config.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
# How to manage git configuration (username/email)

To list the current repository configuration
```
git config -l
```

To list global configuration
```
git config --global -l
```

To set username and email
```
git config --global user.name "Your Name"
git config --global user.email "[email protected]"
```

IMPORTANT: emails and usernames are exposed publically on github history
6 changes: 6 additions & 0 deletions mysql/how_to_insert_blob.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# How to insert blob

Transform the blob into a HEX string first and then UNHEX.
```
SELECT UNHEX('HEX STRING');
```
12 changes: 12 additions & 0 deletions powershell/powershell_commands.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Powershell Commands

## GET HEX
```
$ Format-Hex .\pfx\publickey.cer
```
## Encode bytes
```
$FilePath = "c:\setup\foo.exe"
$File = [System.IO.File]::ReadAllBytes($FilePath);
$Base64String = [System.Convert]::ToBase64String($File);
```
14 changes: 14 additions & 0 deletions redis/how_to_run_redis_through_docker.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
## How to run redis through docker

Its possible to run redis on any machine using docker containers. So its possible to start the redis container image and then start bash, and then start redis cli.

```
docker run --name my-redis -d redis redis-server --appendonly yes
docker container run -p 6379:6379 redis -d
docker container exec -it my-redis "/bin/bash"
redis-cli
127.0.0.1:6379> set farhad likes:stackoverflow
OK
127.0.0.1:6379> get farhad
"likes:stackoverflow"
```

0 comments on commit c23d009

Please sign in to comment.