All posts by Sebastian Solnica

About Sebastian Solnica

My name is Sebastian Solnica and I work as a System Engineer. I am deeply interested in debugging, profiling and application security (mainly .NET and Windows). I have also published some OSS projects, usually small, command line tools, aimed at helping diagnose various problems in applications. You may find them on my GitHub page:

Minidumper – A Better Way to Create Managed Memory Dumps

This is a repost of my article, originally published on CodeProject on 24 May 2016.

The Story of a Memory Dump

Memory dumps are a common way to diagnose various problems with our applications (such as memory leaks or application hangs). You may think of them as photos which allow you to have a look at the past and notice all the details you might have missed. There are different types of memory dumps which we may compare to different types of photos we take:

  • minimal – focus is on one element (such as an exception) and the whole background is blurry, they take very little space on the hardrive (eg. 2MB)
  • minidumps with thread and process data/heaps/stacks/exception data, etc. – depending on how many options we choose, they might be very detailed high-resolution pictures or very blurry ones, the range of space they take can vary from tens of MBs to several GBs
  • full memory dumps – those can be compared to high-resolution pictures, they are as big as the whole process committed virtual memory

Continue reading Minidumper – A Better Way to Create Managed Memory Dumps

Debug.Assert Everyone!

Every developer knows that unit testing improves the quality of the code. We also profit from static code analysis and use tools such as SonarQube in our build pipelines. Yet, I still find that many developers are not aware of a much older way of checking the validity of the code: assertions. In this post, I will present you the benefits of using assertions, as well as some configuration tips for .NET applications. We will also learn how .NET and Windows support them.

Continue reading Debug.Assert Everyone!

Few facts about OutputDebugString and default settings of the System.Diagnostics.Trace

I recently spent some time analyzing OutputDebugString method. For my another experiment I needed a version of OutputDebugString which depends only on Native API. While implementing it, I discovered few interesting facts about OutputDebugString that maybe will interest you too. The title mentions System.Diagnostics.Trace. It is because the default trace configuration in .NET sends trace messages to an instance of the DefaultTraceListener class, which uses OutputDebugString. And if you do not remove it explicitly from the trace listener collection, your logs will always go through it. You will later see why sometimes it might not be a good idea.

Continue reading Few facts about OutputDebugString and default settings of the System.Diagnostics.Trace

Wtrace 2.2

On the occasion of releasing wtrace 2.2, I decided to write a short post about new functionalities I added to this tool in the recent months. I hope you will find them interesting. Wtrace is a command line application which collects ETW traces from the system and the selected processes and outputs them to the console. It is very simple to use and runs on Windows 7+. Currently, it supports the collection of File I/O, TCP, ALPC, RPC, ISR, DPC, and PowerShell events.

Continue reading Wtrace 2.2

Performing Padding Oracle Attack from PowerShell

In the previous post we created a sample ASP.NET application, which performs encryption in an old, unsecured way (without signature). Its source code is available in my blog samples repository. To run the application execute the runiis.bat file – you must have IIS Express installed on your machine. If everything starts correctly you should see in your browser this beautiful page:


Continue reading Performing Padding Oracle Attack from PowerShell

Case of Unresolvable IPv4 Addresses in IIS

One of my colleagues at work was struggling with a peculiar problem on his machine. Whenever he tried to access the address of his test project: http://my.project:8080 he was getting connection refused error (my.project points to in the hosts file). The same error appeared when we opened the address:


Continue reading Case of Unresolvable IPv4 Addresses in IIS

Extracting Service Principal Credentials in VSTS

When we need to deploy an application to Azure from VSTS (Visual Studio Team Services), we use the Azure tasks prepared by Microsoft. These tasks require a contributor account in Azure AD to make changes to your subscription. As this account is not a regular user account but an application account we call it a Service Principal. A very basic build pipeline might look as follows:


The “Azure App Service Deploy” task is an example of a task that will use a Service Principal account to update your App Service in Azure. VSTS makes it easy to create the Service Principal account; it also automatically assigns a contributor role in your subscription to this newly created account. When you want to have full control over your Azure AD you may manually create an App Registration (another name for the Service Principal) in the portal and give it the required rights. You will also need a key to authenticate the service in Azure:


In the next step, you create a new Azure Resource Manager Service Endpoint, providing all the collected information:

Continue reading Extracting Service Principal Credentials in VSTS