Network Programming in .NET

The UK have a very open attitude to their Company registration data, they have bulk data downloads, and a very open API that allows you to read lots of public domain data about UK companies. This is an example in C# that uses this API to return a list of officers (Board memebers) of a UK company, given a UK company number.

private static List GetOfficers(string companyNumber)
{
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var strUrl = “https://api.companieshouse.gov.uk/company/{0}/officers”;
strUrl = string.Format(strUrl, companyNumber);
var credentials = Convert.ToBase64String(Encoding.ASCII.GetBytes(“xxxxxxxx:”));
var wc = new WebClient();
wc.Headers[HttpRequestHeader.Authorization] = string.Format(“Basic {0}”, credentials);
try
{
var strResult = wc.DownloadString(strUrl);
var jResult = JObject.Parse(strResult);
return jResult[“items”].Select(jOfficer => new Officer(jOfficer)).ToList();
}
catch (WebException ex)
{
var resp = new StreamReader(ex.Response.GetResponseStream()).ReadToEnd();
Console.WriteLine(resp);
return null;
}
}

You will need your own API key, and change the “xxxxxxxx” in the code above. Also, you’ll need to implement your own Officer class, which is outside the scope of this example.

If you are providing a freemium service online, and you find yourself giving away repeated free trials to users registering with disposable email addresses, then you can find yourself loosing money.

There will always be a cat-and-mouse game between service providers and disposable email address providers, so this particular “mouse trap” will not last long. However, I do welcome comments on other temp email providers, and detection mechanisms

Most temporary email addresses can be spotted by using a simple (long) list of known domains, which you can get from github here; https://gist.github.com/adamloving/4401361

However, certain providers, such as temp-mail.org register new domains every day, so yesterday’s domains are already obsolete. So, for the cost of a few thousand domain registrations a year, they can bypass most static detection.

If you check the Whois of the domains registered by this company, you can see that the domains they use are only 5 days old, i..e they are registered, then used on their website within 5 days, then disposed. They also use DNSOwl as a nameserver, which is operated by NameSilo, but is shared by a million other domains, so this could lead to false positives. – see https://securitytrails.com/list/ns/ns1.dnsowl.com

However, what I discovered is that the mail. subdomain points to the IP address 89.38.99.80, which appears to be their hosting provider, WorldStream BV. The mail. subdomain, is not necessarily their MX (Mail Exchanger), but the domain seems to be present. This could be a default DNS setup, but it’s a give away, and specific enough that it’s unlikely to lead to many false positives.

Here’s some C# code to check this

private void CheckForBlacklistedMX(string domain)
{
try
{
var address = System.Net.Dns.GetHostAddresses(“mail.” + domain)[0].ToString();
if (address != “89.38.99.80”) return; // black-listed https://temp-mail.org/en/
… Do something to warn user.
}
catch {}
}

If you’re trying to run a Flask based Python Web app in IIS, and you get the following error,

Traceback (most recent call last):
File “C:\Python37\wfastcgi.py”, line 790, in main
env, handler = read_wsgi_handler(response.physical_path)
File “C:\Python37\wfastcgi.py”, line 630, in read_wsgi_handler
handler = get_wsgi_handler(os.getenv(“WSGI_HANDLER”))
File “C:\Python37\wfastcgi.py”, line 613, in get_wsgi_handler
raise ValueError(‘”%s” could not be imported%s’ % (handler_name, last_tb))
ValueError: “index.app” could not be imported: Traceback (most recent call last):
File “C:\Python37\wfastcgi.py”, line 597, in get_wsgi_handler
handler = __import__(module_name, fromlist=[name_list[0][0]])
File “.\index.py”, line 1, in <module>
from flask import Flask
ModuleNotFoundError: No module named ‘flask’

Then, here was my solution.

1. Activate the virtualenv by typing myApp\Flask\Scripts>activate
2. open a Python terminal, by typing python
3. type import sys
4. type print(sys.path)
5. Copy all the paths (remove the escaping, and put ;’s instead of commas)
6. Go to IIS > FastCGI Settings > Edit > Environment variables
7. Then enter all the paths into the PYTHONPATH variable.

For reference, here is the github repo:

https://github.com/infiniteloopltd/HelloWorldFlask