| ''' | |
| Based on https://gist.github.com/enjalot/2904124 (in Python 2) -> quick-migrated to Python 3 | |
| Usage: python server-cors | |
| ''' | |
| import http.server as httpserver | |
| class CORSHTTPRequestHandler(httpserver.SimpleHTTPRequestHandler): | |
| def send_head(self): | |
| """Common code for GET and HEAD commands. |
| gcloud --project $project container clusters list --format json \ | |
| | jq -r '.[] | "\(.name):\(.location)"' \ | |
| | xargs -I @ bash -c \ | |
| "name=\$(echo @ | cut -d ':' -f 1) \ | |
| && region=\$(echo @ | cut -d ':' -f 2) \ | |
| && gcloud --project $project container clusters get-credentials \$name --region \$region" |
java -jar /home/expert/work/tools/apktool.jar d [email protected]android:networkSecurityConfig="@xml/network_security_config" attribute to application element.<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config>
If you are getting this in gdb on macOS while trying to run a program:
Unable to find Mach task port for process-id 57573: (os/kern) failure (0x5).
(please check gdb is codesigned - see taskgated(8))gdbc)
The last few days I solved the first levels of Nebula. Nebula is an exploit exercise which consists of twenty levels. The level zero to eight where no real trouble. The level09 drove me crazy. I never wrote serious php code so I was not able to solve the string injection without cheating. For [level10] I gave up a bit too early as-well, after the first hint about TOCTOU (time-of-use to time-of-check) made me solve this with two simple bash scripts.
For the Level 11 flag cheating was no option for me. This walk through describes how I did solve this exercise. The description of this exercise states the following:
The /home/flag11/flag11 binary processes standard input and executes a shell command. There are two ways of completing this level, you may wish to do both :-) To do this level, log in as the level11 account with th
| #!/usr/bin/env python2 | |
| import SimpleHTTPServer | |
| import SocketServer | |
| import logging | |
| PORT = 8000 | |
| class GetHandler(SimpleHTTPServer.SimpleHTTPRequestHandler): |
I’m a web app that wants to allow other web apps access to my users’ information, but I want to ensure that the user says it’s ok.
I can’t trust the other web apps, so I must interact with my users directly. I’ll let them know that the other app is trying to get their info, and ask whether they want to grant that permission. Oauth defines a way to initiate that permission verification from the other app’s site so that the user experience is smooth. If the user grants permission, I issue an AuthToken to the other app which it can use to make requests for that user's info.
Oauth2 has nothing to do with encryption -- it relies upon SSL to keep things (like the client app’s shared_secret) secure.
To setup your computer to work with *.test domains, e.g. project.test, awesome.test and so on, without having to add to your hosts file each time.
| Latency Comparison Numbers (~2012) | |
| ---------------------------------- | |
| L1 cache reference 0.5 ns | |
| Branch mispredict 5 ns | |
| L2 cache reference 7 ns 14x L1 cache | |
| Mutex lock/unlock 25 ns | |
| Main memory reference 100 ns 20x L2 cache, 200x L1 cache | |
| Compress 1K bytes with Zippy 3,000 ns 3 us | |
| Send 1K bytes over 1 Gbps network 10,000 ns 10 us | |
| Read 4K randomly from SSD* 150,000 ns 150 us ~1GB/sec SSD |
