As I discussed in a previous post, connecting to MSSQL with Python in Lambda can be tricky. While I had solved this earlier with pyodbc, using pymssql / FreeTDS is an another option and I wanted to similarly share the build process for creating its respective Lambda layer. Here’s the multi-stage Dockerfile: FROM public.ecr.aws/lambda/python:3.9 as …
I always run with my phone on me, so accessing my home afterward has been convenient since installing MyQ W-Fi connected garage doors several years ago. No need to remember to carry a separate house key anymore and getting into my house is (usually) an app launch away. It has worked great, until one day …
Getting Python to connect to MSSQL in Lambda isn’t as simple as installing other dependencies via pip. For earlier versions of Lambda runtimes, I followed the pattern outlined in this gist which builds both unixODBC and pyodbc and prepares them for inclusion in a Lambda layer. This has worked well for me to date, but …
When my wife and I were expecting our first child, a good baby monitor was one of the top items on our shopping list. Most of the available options of course now include Wi-Fi, a mobile app, and cloud integration. When we decided on the Motorola Halo+, I knew it deserved a closer look before …
Microsoft Graph API supports a Subscription Resource type that manages their webhook implementation for delivering change notifications to clients. Subscriptions are enabled for several resources, including Outlook messages — this was a perfect fit for my need to manage incoming messages to a shared inbox in O365. At a high-level, an implementation looks like this: …
A couple of weeks ago, Netflix disclosed a number of resource exhaustion vulnerabilities (identified by Jonathan Looney) present in many third party HTTP/2 implementations. Notably, this directly affected h2 endpoints in Kubernetes (GoLang libraries net/http, x/net/http2) as well as other projects like nginx. Yes, it even has a logo. Though DoS weaknesses usually aren’t particularly …
For those unfamiliar with modern advertising tech, iFrame Busters are HTML files hosted on publisher sites which allow ad creatives to extend outside of their standard boundaries. These expandable creatives are typically easy to identify on a site — usually the most annoying ads shown on a page. Background The ad tech industry is quite …
While recently comparing cloud storage solutions, I was surprised to learn there are still companies offering unlimited storage plans. OpenDrive is one such company — not to be confused with the OpenDRIVE format specification — offering unlimited options for personal, business, and enterprise customers. In addition to traditional cloud storage, they also offer backup and content …
PNC is a large financial services company with operations in both consumer and corporate sectors, predominantly located in the eastern and central United States. While making some account changes with them a few months ago, I had to exchange numerous sensitive documents with various employees within the organization. While most of the process was pretty …
In part 1 of this series, I analyzed the firmware of the OBi200 and walked through exploiting some RCE vulns to pop a shell. In part 2, I covered the process of identifying and connecting to the board’s undocumented UART port to access the console. This post will cover cross-compiling 3rd party binaries from source …
