A short while ago I needed to implement a little web safe base64 en/decoder and couldn't find any good small example in the width of the internet, so I decided to do my own dirty one. I hope I help somebody with this  little demonstration code...

I used Pelles C Compiler to build this program, but I am optimistic that it works on every common C Compiler, since it's quite close to the C11 standard.

#include 
#include 
#include 
#include

#define MAX_B64_PADDING 0x2
#define B64_PAD_CHAR "="

char * Base64Encode(char *input, unsigned int inputLen);
char * Base64Decode(char *input, unsigned int inputLen);
static unsigned char GetIndexByChar(unsigned char c);

static char *b64alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_";

int main(int argc, char **argv) {

    if (argc != 2) {
        printf("Usage: %s StringToEncode\n", argv[0]);
        exit(EXIT_FAILURE);
    }
    printf("String \"%s\" to: " ,argv[1]);
    printf("%s\n", Base64Encode(argv[1], strlen(argv[1])));

    exit(EXIT_SUCCESS);
}

/* Caller has to free the returned base64 encoded string ! */
char *
Base64Encode(char *input, unsigned int inputLen)
{
    char *encodedBuf;
    int fillBytes, i, k, base64StrLen;
    unsigned char a0, a1, a2, a3;
    /* Make sure there is no overflow. RAM is cheap :) */
    base64StrLen = inputLen + (int)(inputLen * 0.45);

    encodedBuf = calloc(base64StrLen, sizeof(char));
    if (encodedBuf == NULL) {
        printf("calloc() failed …

Well, it has been a hell of a time since I updated my blog. Honestly, I was kind of unmotivated doing anything on my VPS, but recently I solved some old issues (setting up DNS server, general administration things on my ubuntu 12.04) and I thought: Yeah, it's definitely time to feed my countless readers (yeah, you just met the first time my irony) with new interesting nibbles. And since I am a more or less motivated Spanish student, I thought I could share my pros and cons with duolingo.com.

I started learning Spanish approximately 5 months ago, when I began my spontaneous planned trip to Costa Rica. I was brutally thrown into (at least compared to Europe) very poor country and took for 5 weeks Spanish classes. Retrospectively, I'd say that I learned pretty quick how to communicate and express myself, but I completly fucked up my understanding of the language on the long term, because I learned it on the incorrect way. Before I even understood what my discussion partner intented to say and would have exposed me therefore in a silly but perfectly normal situation when I requested the unknown word/sentence, where I would …

Have you ever wanted to know some strategies and hints how to be more successful in your daily work?

Well, here, i'll compile a list of thoughts and scenarios of effective working, which worked for me or seems to be at least reasonable in my future working career.

To illustrate and give an example for every wisdom, we use the example for a job assignment I could found myself in: The fictional job requires the accomplishment of a security audit of the employers content management system written in PHP. We have access to all sources, although the project is proprietary and is under a restrictive license.

1. Develop broad general knowledge.

The curios reader would ask now, why the hell do we need a proper general knowledge to scan a web application for programming errors which might weaken its security? Well, before you begin reading every line of code and do the formal, rather static part of your work, you'd better square the context of your task with your general knowledge: Where do the people, who wrote the application live at? Which language do the speak? What does the company which runs the cms exactly offer?

2. Work at least …

Hey World!

Before you leave!

This blog and homepage is under construction. Due the fact that Im currently implementing my own little wordpress theme and the rather embarassing circumstance that my design knowledge is pretty ...eehhm... basic, you'd better stay patient until you see the procution level of this blog...That can last several weeks.

I am a 21 year old german programmer and hopefully somewhen in the future a freelancing security consultant. In the foreseable future, I'll post here audit sessions, papers and tutorials on this blog. I would consider myself as a whitehat, so don't expect illicit stuff from me. My favourite programming languages are Python and C. Everything I do for myself and can be painless done in those programming languages, will be done in one of these.

Maybe you ask yourself what incolumitas.com means?

Well, it's the latin translation for safety and since every good domain name is already taken, I just switched to a different language (latin if you're curious) and a not so common word for safety. The DNS name matches perfectly my needs, because it points directly to the main intention of this site:

Offering security services.

You can hire me. Don't …