Archive for November, 2020

Using #ARP to determine other devices on your user's network.

ARP is a low-level protocol that maps IP addresses to MAC (hardware) addresses. A command such as “arp -a” on Windows lists the machine's ARP cache, which shows what devices are on the network.

From the MAC address, it is possible to determine the manufacturer of the device. In this case, 3C-15-C2-* is Apple, so this could be a Mac, an iPhone, or an Apple TV.

The interesting thing is that the ARP table is available on Android without rooting, by reading the file:

/proc/net/arp

This means that any Android app could build up a picture of its user's home devices once connected to the home WiFi.

This means that an advertiser could tell what type of printer you have, in order to advertise the right brand of ink.

If your phone connects to multiple networks, it could build up a picture of your office network. How many computers are at your office? Is it a design studio with 50 Apple Macs?

iOS has the ARP cache locked down to developers, and in my mind, rightly so.
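
As an added example (not code from the original post), the sketch below parses a constructed sample in the /proc/net/arp layout and maps each resolved entry to a manufacturer by its first three MAC octets, which is a quick way to audit what your own device's ARP table discloses. The sample rows and function names are assumptions; only the 3C-15-C2 prefix comes from the post.

```javascript
// Constructed sample in the /proc/net/arp layout (not captured from a device).
const SAMPLE_ARP = [
  "IP address       HW type     Flags       HW address            Mask     Device",
  "192.168.1.1      0x1         0x2         02:00:00:aa:bb:01     *        wlan0",
  "192.168.1.23     0x1         0x2         3c:15:c2:00:00:01     *        wlan0",
  "192.168.1.24     0x1         0x2         3C:15:C2:00:00:02     *        wlan0",
  "192.168.1.50     0x1         0x0         00:00:00:00:00:00     *        wlan0",
].join("\n");

// OUI prefix -> manufacturer. Only the prefix named in the post is listed;
// a full lookup would load the IEEE OUI registry instead.
const OUI_VENDORS = { "3C-15-C2": "Apple" };

const ATF_COM = 0x2; // flag bit set when the entry's MAC has been resolved
const MAC_RE = /^([0-9a-f]{2}:){5}[0-9a-f]{2}$/i;

function parseArpTable(text) {
  const entries = [];
  for (const line of text.split("\n").slice(1)) { // skip the header row
    const cols = line.trim().split(/\s+/);
    if (cols.length < 6) continue;                // blank or malformed line
    const [ip, , flags, rawMac, , device] = cols;
    if ((parseInt(flags, 16) & ATF_COM) === 0) continue; // incomplete entry
    if (!MAC_RE.test(rawMac)) continue;
    const mac = rawMac.toUpperCase();
    const oui = mac.split(":").slice(0, 3).join("-");
    const vendor = OUI_VENDORS[oui] || "unknown";
    entries.push({ ip, mac, device, oui, vendor });
  }
  return entries;
}

// Summarise how many resolved neighbours belong to each manufacturer.
function vendorCounts(entries) {
  const counts = {};
  for (const e of entries) counts[e.vendor] = (counts[e.vendor] || 0) + 1;
  return counts;
}

const parsed = parseArpTable(SAMPLE_ARP);
console.log(parsed);
console.log(vendorCounts(parsed));
```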

Categories: Uncategorized

Unspecified error when connecting to a Network Share on Windows 10 #Emtec

There are probably a million fixes for this online, but perhaps this may be one of the more obscure fixes. I got a new network hard drive, from Emtec, which would connect to every other device in the house (Mac, old PC, Android TV, Apple TV) but not my main Windows PC. So why?

Not a very helpful error message, when I simply tried to connect to \\emtec, since I just got an “Unspecified error”. I could ping the device, and even the path \\emtec\data worked, but this didn’t grant write access.

So when I tried \\emtec\WiFiDisk1_Volume1 it told me that it was using a deprecated version of SMB, SMB 1 instead of SMB 2. Thankfully, this was at last a meaningful error message, so I could use “Add Windows Features” to add SMB 1 support to my PC, and it finally worked.

A lesson for developers … give descriptive error messages. Something may seem super-obvious to you, but if you just swallow the error, then you give your end users nothing to go on.

I can’t say if the problem is with Emtec, using an old version of SMB, or with Windows for not describing the error properly. But the easier fix would be at the Windows level.


Evaluate #Javascript in the cloud with #AWS #Lambda

TL;DR;

https://rapidapi.com/dananos/api/evaluate-javascript

Evaluating JavaScript on the server side is a bit of an unusual ask, but perhaps you have an application that you’d like to be highly user-configurable, for example to support fields that are supplied as complex mathematical formulae, or with complex if/else conditions.

Now, this opens a Pandora’s box of problems. What happens if someone writes malicious or simply bad code that could potentially damage or expose private data on your server? For that reason, it’s good to run this in an isolated environment like Lambda, running under a least-privilege IAM role.

So, I first create a super simple Lambda function as follows:

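exports.handler = async (event) => {
    // The raw request body is passed straight to eval(), so the caller
    // decides what code runs inside this Lambda.
    const response = {
        statusCode: 200,
        body: JSON.stringify(eval(event.body)),
    };
    return response;
};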

And then create an API Gateway as a trigger, which means that I can now evaluate JavaScript on the server side, using a curl command as follows:

curl -X POST "https://xxxxxx.execute-api.eu-west-1.amazonaws.com/eval" -d "1+5" -H "Content-Type: application/json"

Where xxxx is dynamically assigned during the API Gateway setup, and eval was the name of my Lambda function.

The result of “1+5” is returned as “6” in the response.

Now, be aware that the inner workings of your Lambda can be exposed by executing JavaScript like “process.env”, but as long as the Lambda itself has few permissions, the damage it can do is limited too. Also, the running time and memory limits are capped, so it is unlikely to cost much.
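
A hardened variant of the handler, as an added example that is not code from the original post: it evaluates the body in a separate V8 context where process and require are not defined, caps run time and input size, and returns only the error class on failure. The names evaluate, MAX_SOURCE_LENGTH and TIMEOUT_MS and their values are assumptions; Node documents that the vm module is not a security mechanism, so the least-privilege IAM role stays the actual control.

```javascript
const vm = require("vm");

const MAX_SOURCE_LENGTH = 1000; // assumed cap on expression size
const TIMEOUT_MS = 100;         // assumed cap on synchronous run time

// Evaluate one expression in a fresh context whose global object has a null
// prototype, so Node globals such as process and require are not defined.
function evaluate(source) {
  if (typeof source !== "string" || source.length === 0 ||
      source.length > MAX_SOURCE_LENGTH) {
    return { statusCode: 400, body: JSON.stringify({ error: "InvalidInput" }) };
  }
  try {
    const context = vm.createContext(Object.create(null));
    context.source = source;
    // Serialise inside the context too, so a caller-supplied toJSON() that
    // loops forever is also stopped by the timeout.
    const json = vm.runInContext("JSON.stringify(eval(source))", context,
                                 { timeout: TIMEOUT_MS });
    // Functions and undefined do not serialise; report them as null.
    return { statusCode: 200, body: typeof json === "string" ? json : "null" };
  } catch (err) {
    // Return only the error class, never the stack, which names server paths.
    const name = String((err && err.name) || "Error");
    return { statusCode: 400, body: JSON.stringify({ error: name }) };
  }
}

// Same entry point as the original function, now delegating to evaluate().
exports.handler = async (event) => evaluate(event.body);
```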


CRUD with #AWS #DynamoDB in .NET Core

One of the true benefits of DynamoDB is that it’s great for mini-projects, where you have to run on virtually zero budget. It doesn’t charge per hour like the Amazon RDS or DocumentDB options. It charges for storage over 25GB and per million requests.

So, I set up a DynamoDB via the UI, and named it “test”. It’s much better if you name this something more meaningful, but I was just messing. I added a primary key of ID which is a number.

Then, as you create a new .NET Core project, you’ll need a NuGet package as follows:

Install-Package AWSSDK.DynamoDBv2

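As with any database, the first thing is to connect to it. For this you’ll need to set up your IAM credentials, and then write some code like:

using Amazon;                       // RegionEndpoint
using Amazon.DynamoDBv2;            // AmazonDynamoDBClient
using Amazon.DynamoDBv2.DataModel;  // DynamoDBContext
using Amazon.Runtime;               // BasicAWSCredentials
var credentials = new BasicAWSCredentials(AWS_USER, AWS_KEY); // IAM access key ID and secret key
var client = new AmazonDynamoDBClient(credentials, RegionEndpoint.EUWest1);
var tableResponse = client.ListTablesAsync().Result; // optional connectivity check
var context = new DynamoDBContext(client);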

I’ve written everything synchronously here, which is not the best design, but it makes it easy to follow the flow. The ListTablesAsync call is optional, but helps verify that it’s working.

The Object I defined, named “test” is as follows;

class test
{
    public int id { get; set; }
    public string animal { get; set; }
}

CREATE

context.SaveAsync(new test {id = 4, animal = "Frog"}).Wait();

READ

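using System;
using System.Collections.Generic;
using Amazon.DynamoDBv2.DocumentModel; // ScanOperator

// Scan for every item whose id equals 4
var conditions = new List<ScanCondition>
{
    new ScanCondition("id", ScanOperator.Equal, 4)
};
var allDocs = context.ScanAsync<test>(conditions).GetRemainingAsync().Result;
allDocs.ForEach(t => Console.WriteLine(t.animal));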

UPDATE

context.SaveAsync(new test { id = 4, animal = "Lion" }).Wait();

DELETE

context.DeleteAsync(new test {id = 4, animal = "Lion"}).Wait();


Send #APNS #Push notifications using #RapidAPI

TLDR; Go Here: https://rapidapi.com/dananos/api/simplified-apns-apple-push-notification-service

This is a simple tutorial to send an APNS (Apple Push Notification Service) notification to production using C# (RestSharp) and RapidAPI. It uses HTTP/2, so will continue to work after the March 31st deadline.

To do this, you will need:

  • The P12 production certificate, and its password
  • An APNS token of an iOS app, that has subscribed to push notifications.
  • A subscription Key to this RapidAPI service.

Create a new project in Visual Studio, and add your P12 certificate to the project. Change its build properties to “copy always”.

From the Package Management panel, install RestSharp via NuGet with “Install-Package RestSharp”.

Add the following code:

using System.IO;
using RestSharp;

public static string Push(string destination, string message, string certFile, string certPassword, string rapidApiKey)
{
    // Read the P12 certificate so it can be sent in the request body
    var certificate = File.ReadAllBytes(certFile);
    var client = new RestClient("https://rapidapi.p.rapidapi.com/Prod");
    var request = new RestRequest(Method.POST);
    // RapidAPI subscription key and the host name of this API
    request.AddHeader("x-rapidapi-key", rapidApiKey);
    request.AddHeader("x-rapidapi-host", "simplified-apns-apple-push-notification-service.p.rapidapi.com");
    // Device token, message text, certificate bytes and certificate password
    request.AddJsonBody(new
    {
        destination,
        message,
        certificate,
        certPassword
    });
    var response = client.Execute(request);
    return response.Content;
}

The calling code will be up to you, but it will be in the form;

var destination = "8ec378164725d019fce12c420cea7......";
var message = "hello, this is rapidAPI!";
var certPassword = "XXXXX";
var certFile = "XXXXX.p12";
var rapidApiKey = "PUB#XXXXXXXX";
var pushResponse = Push(destination, message, certFile, certPassword, rapidApiKey);
Console.WriteLine(pushResponse);