Home

Welcome to the Challenges wiki!

In a hurry? Refer to Quick-Start-Guide.

This repository contains a Visual Studio solution from 2015 which respond to some "challenges" set by a friend. When housekeeping my archive, I marked this as a keeper, and while I was re-hosting it on GitHub I decided to make it public.

So I have updated it to Visual Studio 2022 Version 17.0.5 and am now publishing it under GNU 3.0 public license for your enjoyment and re-use.

Who should use this?

1. This is primarily help for the Windows developer community. PeCoff is a de-facto standard format for executable programs over a wide range of operating systems. SID's are central to implementing any role-based security on Windows. This code gives you easy and accessible examples of working with each of these concepts.

2. If you need to reliably identify all the various types of executable code that you might encounter running on a computer system, then the PeCoffDecoder project will give you some insight about how to go about it, and it gives you a head start.

3. If you need to check and apply or extend controls based upon authorisations granted to subjects under the Windows security model, then the SidUtility project will also give you some tools to help you get started.

4. If you are a student, maybe thinking about a career in programming or maybe cyber security, ... well this is "old school", but that's often the best way to get started. Anybody with the right sort of curiousity can see this as a "modelling kit" and want to build it themselves and see how it works/runs. It IS FUN to step through execution under the debugger (if you are minded that way), and you will learn something about how computers work. You might need a primer in C# and C++ programming languages and do a tutorial to get started with Visual Studio, but hey it's all free.

5. If you know c and c++ from the past, but are a bit rusty, then PeCoffDecoder and its unit test is a small/modest but very accessible example of /std:c++14 with STL code. If you'd like to go further and see a rigorous example of /std:c++17 with STL and GSL (and general all round good design practices), then check out App3Dev.

6. If you know a bit of c#, but are fed-up struggling with the downward spiral of chaos arising from teams continuously "hand crafting" and extending their own bridge-work to native dlls, then the SidUtility project shows a way out. It demonstrates some simple hygiene rules/discipline, provides a link that will help you write good bridging code, and keeps things tidy (generally indicates how to keep your pinvokes organized and accessible).

7. If you aren't sure how best to do test-driven development, this solution contains a small example. It offers you a clean reusable extendable example, using (more or less) the orthodox unit test support from Microsoft. It is good to see that native and managed code tests co-exist in the same solution without that causing any tooling problems (well done the visual studio development team!).

8. utf8_assert.h demonstrates a way (a bridge) to extend utf8 string encoding to unit tests. This hides string encoding issues from the casual reader of unit tests, avoids a need for alertness and explicit string translations when using Microsoft's CppUnitTestFramework, and helps keep the c++ unit test write- and readability on a par with the c# tests. If you are curious about why utf8 encoding is a good idea check out cross cutting issues

How can I find out more?

This work is intended to be self-contained and self-explanatory. Please refer to these wiki pages, the project readme files, code and comments, for all the hints you need. I've done my best, but of course you may still need to puzzle!

Google is your (dubious) friend here.

HINT The Documentation folders in the downloaded projects both include "logbook.txt" files that walk you through my learning process, and are diaries describing how these program were developed, and what I (with my background) had to think about and research to rise to these challenges.