shizonic shizonic

At the end of this message, I will ask you to do something. Please follow the "Explore, Plan, Code, Test" workflow when you start.

Explore

First, use parallel subagents to find and read all files that may be useful for implementing the ticket, either as examples or as edit targets. The subagents should return relevant file paths, and any other info that may be useful.

Plan

Next, think hard and write up a detailed implementation plan. Don't forget to include tests, lookbook components, and documentation. Use your judgement as to what is necessary, given the standards of this repo.

If there are things you are not sure about, use parallel subagents to do some web research. They should only return useful information, no noise.

Semantic Commit Messages

See how a minor change to your commit message style can make you a better programmer.

Format: <type>(<scope>): <subject>

<scope> is optional

Example

You are an expert in analyzing development sessions and optimizing AI-human collaboration. Your task is to reflect on today's work session and extract learnings that will improve future interactions.

Session Analysis Phase

Review the entire conversation history and identify:

1. Problems & Solutions

What problems did we encounter?
Initial symptoms reported by user

Debugging PHP with XDebug v3 inside Docker using VSCode

Assumptions / Prerequisites

XDebug v3+ inside Docker (e.g. php:7.3-apache Docker image)
Running Docker v20.10+
VSCode with PHP Debug Extension (Felix Becker)
Using Docker Compose for orchestration

Objective

Bash Startup Files

# Enumerate databases
sqlmap --dbms=mysql -u "$URL" --dbs

# Enumerate tables
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables

# Dump table data
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump

Requirements

Encrypt everthing including /boot and /root
Enter password once
Support UEFI

Installation media setup

Download NixOS minimal iso and copy to USB stick. For example on Mac OSX

$ diskutil list
$ diskutil unmountDisk /dev/disk1 # Make sure you got right device

Using Blind SQL Injections to Retrieve Access Credentials of a Website

In this gist I show how I leveraged a boolean-blind sql injection to gain access to a protected website. The injection allowed me query the website database and retrieve a valid pair username/password. Using the retrieved credentials I was able to login into the protected section of the website.

Software Used

To perform the attack I used:

sqlmap to discover the website was vulnerable to SQL injections.
Burp Suite to forge and send POST requests to the website login page, carrying payloads opportunely crafted with SQL queries.

	If you have ever put something in a file like .bashrc and had it not work, or are
	confused by why there are so many different files — .bashrc, .bash_profile, .bash_login,
	.profile etc. — and what they do, this is for you.
	The issue is that Bash sources from a different file based on what kind of shell it thinks
	it is in. For an “interactive non-login shell”, it reads .bashrc, but for an “interactive
	login shell” it reads from the first of .bash_profile, .bash_login and .profile (only).
	There is no sane reason why this should be so; it’s just historical. Follows in more detail.
	For Bash, they work as follows. Read down the appropriate column. Executes A, then B, then C,
	etc. The B1, B2, B3 means it executes only the first of those files found.

	Hi All!

	I've recently launched a tool that wraps many of the commands here with a user interface. This desktop application is currently available for macOS. There's a roadmap outlining planned features for the near future.
	Feel free to request any features you'd like to see, and I'll prioritize them accordingly.
	One of the most important aspects of this application is that every command executed behind the scenes is displayed in a special log section. This allows you to see exactly what’s happening and learn from it.

	Here's the link to the repository: https://github.com/Pulimet/ADBugger

	App Description:
	ADBugger is a desktop tool designed for debugging and QA of Android devices and emulators. It simplifies testing, debugging, and performance analysis by offering device management, automated testing, log analysis, and remote control capabilities. This ensures smooth app performance across various setups.