Regular expressions and Visual Studio

It can take a while to get to know how to use regular expressions well. After all most of us are used to


as our wild card language. It’s the old DOS style filtering that’s still used in windows to this day. Or perhaps you’re more used to SQL wild cards, eg:

‘%some text%’

Well, just because we didn’t have enough wild card standards now there’s regular expressions! They look more like:

^.*[a-zA-Z0-9 ]*

Regular expressions, though they do come with a bit of a learning curve, are actually a really great improvement on wild card languages. The biggest problem I’ve had with them so far is that the standard is not completely solid. The way they work in .Net, Java, Perl is very similar, but not exact! This can lead to some huge headaches when trying to write / port them.

One of the greatest features of Regular expressions is it’s ability to search and replace strings in files. If you’ve ever had a strange pattern that you needed to search for and didn’t know how, that’s where RegExp would come in.

Say you had a whole bunch of html that had href’s that looked like this:

<a href="/page?queryItem=1234">content</a>
<a href="/page?queryItem=125">content</a>
<a href="/page?queryItem=3456">content</a>
<a href="/page?queryItem=1289834">content</a>

and you were given a project that required those url’s change from
you would have allot of work on your hands! Well not any more. In Visual studio you can do a search and replace like this:
Find what:
Replace with:

What is happening here is the curly brackets {} are creating groups. These groups are numbered in the order they show up in the RegExp so the replace text is all just hardcoded text with two exceptions:
1) \1 this means use the content found in group 1 from the find
2) \. this is just the escape sequence for a period. A period in a RegExp means “any character” and must be escaped if you actually need a period.

What if you wanted to do it in another Regular expression parser you say? Well, it depends on the parser. I’ve found that the same replacement in another parser I regularly use requires the grouping not use curly braces {}, but round ones (). So the replacement would change to:

Find what:
Replace with:

That’s the only difference, of course it matters what your Regular expression contains. Some parsers require


if you want both upper and lower case, other parser allow one and call it case insensitive. In that case


are the same thing.

Best of luck with your Regular expressions.

Good reference:



If you’re new to programming you may not know what Recursion is.  Think file / folder structure in windows.  If you had to find every file in a folder and all it’s sub folders how would you do it?  Answer: recursion.

Here’s a handy little pattern snippit if you’re looking to do recursion on files / folders in .net:

        static void SomeRecursiveFunction(string sFolderPath)
            foreach (string sFile in System.IO.Directory.EnumerateFiles(sFolderPath))
                //Do work here
            foreach (string sDir in System.IO.Directory.EnumerateDirectories(sFolderPath))

OFCP – Offensive Security Certification

I joined a security mailing list some time ago, recently they got to talking about what the ‘best’ certification to get for security training is. A certification to be a professional hacker? Who knew there was such a thing? One of the most notable ones they mentioned was OFCP (Offensive Security Certification). I took a look at their website, there are a couple good demos on there and the price to get certified appears reasonable enough. Apparently passing the test is difficult with “90% of people failing the first time”, or so says one of the folks on the mailing list.

Check it out:

Here are a couple more sites they shared that look interesting:
Hacker High School

How to reset the Administrator password in Windows

Forgot your Administrator password? Or locked it out due to trying the wrong one too many times? This is the place for you.

I worked for a client recently that made a classic personnel mistake. After parting ways with a disgruntled employee they failed to change the Administrator password on their production server. This server is available publicly via remote desktop. As I was working on a issue for them one day I stopped being able to log in. It turns out their disgruntled employee had logged on and re-set their password, Oops!

If you find yourself in such a conundrum here is how I got them back into their machine. There is a great (free) app called PogoStick that you download as an ISO and burn to a CD, it’s available here: Just download it, burn it to a CD and then insert into the affected machine. Couple of notes here:
1) Be sure the machine your fixing is set up to boot from your CD rom first. This is done by going into your bios and finding the section related to boot devices. Every bios is different so that’s as specific of instructions as I can give.
2) Read through the screens. The app can do a number of things but many of them are experimental and some only work on certain versions of Windows. Play it safe and only reset the password to blank, setting it to a value didn’t work for me. Also be sure to unsuspend the id if it’s not already.
3) This one is important, and not so obvious in my opinion. After you’ve fixed the id you’re not done. You have to exit using the menu. It will eventually ask if you want to commit the changes to which you’ll answer (y)es.

That’s it. In case you’re not paying enough attention, you can now re-set the Administrator password from blank to some useful value in Windows itself. No need to use a command line app as I’ve heard some people have.

NOTE: If you need to reset an admin id on a domain controller that is an entirely different beast. The solution above works for local machine accounts only! If you want more info, or want to try to fix a account for a domain controller these look like useful websites. Caveat emptor though, it is possible to make the situation worse with some of these suggestions.
How to reset the Domain Admin Password under Windows 2003 Server
Unlocking Windows NT/2000/2003 Domain Controllers
Forgot your Windows password? No problems : Password resetting and recovering techniques

Syntax highlighting – Posting Source Code on WordPress

Crikey! I’ve finally found a good way to get syntax highlighting on my code posts on WordPress! Here is the WordPress article on the tag to use for syntax highlighting, thanks WP!

To summarize, to outline your code include this around it:

[sourcecode language=”css”]
your code here

where language can be many things (check the link for a full list), these are some:
sql, csharp, vb, xml, javascript, java, html, css, powershell

This code highlighter is pretty neat, it’s client side JavaScript that does the highlighting. Written by Alex Gorbatchev, available on his site here. I have noticed a couple bugs in the sql parser, but overall I quite like it.

SQL Server – Get data between two dates

This is the SQL to get data between two dates, I know lots of people find datediff() confusing so this is a nice cut and paste script to have handy:

select * from
where datediff(day,'2011-06-27 12:28:34.480',theDate)>=0 and
datediff(day,'2011-06-28 12:28:34.480',theDate)<=0

The first date in that string is the start date and the second is the end date. You can change the ‘day’ parameter to any amount you wish (second, month, year). You should always use datediff() to get the difference between dates in SQL Server as it will handle issues like 30, 31 and 28 day months, leap years, etc. datediff() is odd in that if you run this:

select datediff(day,'2011-06-27 12:28:34.480','2011-06-28 12:28:34.480')

It will give you a whole number, in this case 1. So when the left side is less than the right side we get positive numbers. This seems backwards to the more natural seeming syntax of greater than / less than:
select * where date1 > date2
Unfortunately you can’t use greater than / less than, this is because even though they work, they will compare down to the nanosecond, which is not generally what we want.

If you need to do this in your .Net dataset here are two examples of how to do it. Two because the way you write your query will vary depending on what database driver you’re using.

For SQL Server 2000:

select * from
where datediff(day,?,theDate)>=0 and

For SQL Server 2005+:

select * from
where datediff(day,@StartDate,theDate)>=0 and

Remember that if you have issues the default way to use this is with question (?) marks. Question marks were used to denote parameters all the way back to ADO in VB 6. The downside of using question marks is your parameters must be added to your code in the order they are in the query. (In Oracle they always have to be added in the order of parameters in the query, despite being named. Unless they’ve fixed that since I last used the Oracle driver).