#programming

The programmers that are here, do you use Linux for your programming? Do you use the same distro and or device (or storage for an OS) for CyberSec and programming? What do you suggest?

I use kali for programming.. It supports pycharm and vscode

I feel Linux is good for it.

I use
Kali -> cybersec
Ubuntu -> running codes.
Tbh you can use any linux distro for running codes, you just need to install the compiler/interpreter on it unless already installed.
Same goes for cybersec, kali is cool cuz it already have many many tools pre installed in it so you dont waste time adding everything from the start

Kali have many compliers/interpreters already in it but i run on ubuntu because I kinda wanna keep my attackbox unborked

imo the OS doesn't make that much of a difference

most popular IDEs / text editors support all distros and it doesn't make much difference to how you program

So Kali Live with persistence with a great choice ?

I mean, it would be more efficient to use your main OS with it but yes, you can do it it

Linux is fine for programming

I use windows for most of my dev work

Better tooling support for some of the things I need to do

For now I use WSL2, gives best of both worlds

I primarily use linux for programming. Distro doesn't matter, so long as I can set it up with a toolchain that is going to work for that project. To that end, I usually end up with Fedora or Debian. Kali is going to be moderately painful for a project longer than a few months; occaisonally, it just breaks on a rolling update and recovering is possible but painful. I do not recommend using Kali as your daily workhorse.

Does anyone know any good websites that can help me learn python ?

Udemy courses,
YouTube,
W3Schools,
CodeCademy (Can’t verify the quality of this site although),

Sololearn

https://www.gentlydownthe.stream/ a visual novel of kafka works. Immensly interesting how they depicted it.

@forest cradle w3schools javatpoint tutorialspoint

fixed, partially tho, put a few if statements stopping the loop when meeting my condition, there's one i cant fix, until now, thinking a lot about using threading, but my head hurts when it comes to threading in python, havent gotten around to doing it

Definitely not an easy concept but a pretty valuable one when executed correctly

How can I find the index of other p using this function
letters = ['p', 'q', 'r', 's', 'p', 'u'] print(letters.index('r')) print(letters.index('p')) print(letters.index('p'))
Output

output
`
2
0
0
'

By definition it returns the first, so you'd have to mess with the start and end arguments to make your search ignore the first one.

threaded it, works flawlessly

Look for things like "lastIndexOf". Not sure offhand what python has, I'd have to look it up. You can also probably do something with slicing and/or comprehensions.

Is there anybody looking to collaborate on improving my own iplogger project (based on node+express)?

😄

Why are you building an IP logger?

@onyx merlin just hobby!

Ok, but what ethical reason do you have for building an IP logger?

Actually none, thats a point

-warn @karmic cape Do not ask for help with unethical projects (IP grabbers) - Rule 9.

⚠ Warned lakshaya#2253

I wonder if one can break out of a docker container which was run with the --privileged flag but with docker running in rootless mode

I don't know the context of ur question. But, interviewers/examiners love this kind of dumb questions. they are basically asking you to check the definition of .index run a while loop. Pretty naively u can do like this:

letters = ['p', 'q', 'r', 's', 'p', 'u']
try:
    c = 'p'
    i = letters.index(c)
    while i >= 0:
        print(i)
        i = letters.index(c, i+1)
except:
    pass

and they will ask for time complexity 🤣 . but the time complexity is theta of N, because first it will check till the first occurrence lets say X items, then it will check again N-X items. So it's not checking the items multiple time. instead total N elements are being checked once.

probably

run into a Go question.

So, From what I am understanding. The secondgo fun() runs concurrently with the main functions So after the first For loop(deploy workers) ends, it will just go to the third for loop right? But wouldnt the results be an empty channel? Why would it wait till the worker() to put the open port into results

sorry for a noobie questions..

Context is I was learning about functions and .index() came then I just changed the value of C to p just to check what output came, but it F'ed up 👌

https://tenor.com/view/rosycheeks-mochi-peach-mochi-cat-cute-kitty-peach-cat-gif-16992614

maybe

letters = ['p', 'q', 'r', 's', 'p', 'u']
print(letters.index('r'), 0, (len(letters)- 1))
print(letters.index('p'), 0, (len(letters)- 1))
print(letters.index('p'), 1, (len(letters)- 2))

This would work?

Usually when you are asked to solve a problem like that, it's preferred to do it as general a way as possible, so it can be applied to many different inputs. That looks like it should work for that specific case, how would you generalize it to apply to any list of characters?

hmmm

🤔

Channel reads will block (wait) until there's something to be read from the channel
Channel writes will block until there's space to put the thing in the channel.

just came up with this
letters = ['p', 'q', 'r', 's', 'p', 'u'] print(letters.index('r')) print(letters.index('p')) indexp = letters.index('p') print(letters.index('p', indexp + 1))

mind explaining the code please?

tl;dr the last line just means "start looking again from where you found the first p, but the next item along"

Yup

Searching start from very beginning, we got index of first 'p' we store the index of first 'p' in variable indexp, then we again look for the index of 'p' but this time search starts after the first index not from the beginning.

Yeah, I know how it works

In fact, that's the solution I suggested

Oh I replied to u, it was for @tulip ibex

My bad

Yeah thanks for that

Gave +1 Rep to @onyx merlin

oooooooooooh got it thanks a lot @lilac holly and @onyx merlin !

Gave +1 Rep to @candid glade

np

Which platform you guys will suggest for practicing DSA, like binarysearch.com or leetcode or something else. There are many available...

Geeksforgeeks maybe?

IIRC that port := <- results blocks until there's something to read in the channel.

oh, that was already answered hours ago 😄

ye thanks!!!

Gave +1 Rep to @solar hull

Be sure to take a look at buffered channels, they're neat

Extra spaces

I’m following along black hat go

It should be covered in the book. Will check them out ! Thanks James

Gave +1 Rep to @onyx merlin

this assumes that index('p') exists.

Not assumes, value of first index('p') is stored in variable indexp, so it take it from there

ie it exists

Mhmm

Then searches forward from there

yes I know 🙂

Hmm, maybe we thinking same thing but a different way

depends on the language, but oftentimes, a nonexistent index will return a -1. Passing that in as a value to another function could cause a problem. So Hydragyrum has a good point.

Hmm
I see

hello?

https://tenor.com/view/lionel-richie-hello-is-it-me-youre-looking-for-are-you-looking-for-me-gif-16227915

hi

Hi

I have a Dll Injection tool I made in C# following pinvoke for the WINAPI and I a small Dll I made in C that should just open a MessageBox when DllMain is called

#include <windows.h>

__declspec(dllexport) BOOL WINAPI DllMain(HINSTANCE hInstDll, DWORD fdwReason, LPVOID lpvReserved) {
    MessageBox(NULL, "Hello, World!", "DllSays:", MB_OK);
    
    return TRUE;
}

the C# code is on https://github.com/RisuSofos/InjectionTool/tree/console and I am getting no errors, it just doesn't work (worst kinda error)

leetcode > *

I solved my issue, it was simple. I wasn't using LoadLibrary like i thought

ERROR:
encoded = jwt.encode(payload, key, algorithm="RS256",headers = {"kid" : "http://<IP>/keypair.pem"})
AttributeError: module 'jwt' has no attribute 'encode'

CODE:

import jwt
import json

payload = {
"username": "neo",
"email": "test@test.com",
"admin_cap": 1
}

key = open("./keypair.pem","r").read()

string = json.dumps(payload)

encoded = jwt.encode(payload, key, algorithm="RS256",headers = {"kid" : "http://<IP>/keypair.pem"})

print("token",encoded)

I tried searching on chrome and it said uninstall module jwt and install pyjwt

Does it work without key?

When reading from a file, usually the data comes in weirdly, you might need to specify what data you're reading in.

And what jtw library are you using?

you mean without the signature part...?

and how can i do this?

like in a efficient manner...should i take the content of a file as a variable?? instead of reading the file contents

A file is usually formatted as a list in python, so reading it like that anyway will have your text from the file formatted weirdly

But, does the jwt.encode error happen all the time? Or only when trying this?

all the time

I mean, on every program?

Run this:

import jwt
key = "secret"
encoded = jwt.encode({"some": "payload"}, key, algorithm="HS256")
print(encoded)

and tell me if it errors

error on line 63

yes

Yes it errors?

yes it errors

the same

what did you pip install ?

Version of Python are you using?

pyjwt

and not jwt ?

Python 3.9.1+

There's something wrong with your installation

After installing it, did you restart your IDE?

i google searched the error and it said that uninstall the jwt and install the pyjwt

ok 😦

Are you using pip3 or pip2?

Or just pip

i don't have a specific ide...i used gedit

pip3

Which OS are you using?

It worked

am stupid earlier i installed the library using pip

hah

sorry

Not a problem

Hi mates, looking for an experienced Golang programmer who has already worked with Gorilla and OIDC/OAuth/JWT and is willing to spend some time explaining Best Practices. DM if that description fits you, thanks 🙂

Does anyone have any idea for a CRUD web app cyber-security themed/related?

yo

learning golang

someone pls break down this code

import "fmt"

func split(sum int) (x, y int) {
    x = sum * 4 / 9
    y = sum - x
    return
}

func main() {
    fmt.Println(split(17))
}

That looks readable to anyone who knows a curly brace language.
Have you tried tracing the code? What about it don't you understand?

kinda regret posting the message in the first place, i understand it now

It's much better to go in with a specific, narrow question

ok

Just a heads up, sometimes reading it out loud to your self can help understand it more better

Any advice on getting better at coding

Practice

Like most things, you get better by doing it. Find something to automate and write a script for it. Look at other people’s code from the GitHub repos you may or may not use. There are plenty more resources in the pins.

Hi im new in the server a im asking for help

What’s up?

Anyone here got a little bit of know-how with flask? I know there is a better way of serving a page based upon the value of a cookie as I've done it elsewhere (but had to make it susceptible to RCE)

@app.route("/myroute")
def myroute():
    cookie1 = "cookie1"
    cookie2 = request.cookies.get('cookie2')

    mypickleCookie2 = pickle.dumps(cookie1)
    mycookie2E = base64.b64encode(cookie2)

    resp = make_response(redirect("/myroute"))
    resp.set_cookie("flag", mycookie2E)

Basically I want the value of cookie2 will determine if /myroute is returned or not

just a simple elif here that compares whatever value of cookie2 is within resp?

say if cookie2 doesn't equal x then redirect to y route?

Something like this? ```python
if cookie is None:
resp = make_response(redirect("/myroute1"))
return "Uh oh! You need to create an account first!"

# cookie = pickle.loads(base64.b64decode(cookie))

else:
    resp = make_response(redirect("/myroute2"))
    return resp

Shouldn't even need the make_response @sly breach

Just ```python
if not cookie:
return redirect(url_for("blueprint.handler")), 301
else:
return redirect(url_for("blueprint.handler2")), 301

ooooo

Should probably protect the second route as well though

I'd be tempted to do it with a decorator and just decorate everything involved. If cookie == whatever, execute route2, else redirect to route1

^ your blog post inspired me on that one

I'll have a play around ty ((:

Np 🙂

I need to some more reading up on Flask but for now it's a band-aid solution 😄

Hehe. Flask is beautiful

No matter what @thorn finch says about Django 😡

Better than Django!

Is Blueprint a flask library/extension @tulip sail O.o?

Built into the Flask framework

In that case I'm using it as a substitute though

As in, if you're doing it all within one module then just do functionname1 then functionname2

The blueprint.functionname only applies if the function is in a separate blueprint

A Blueprint is a way to organize a group of related views and other code. Rather than registering views and other code directly with an application, they are registered with a blueprint. Then the blueprint is registered with the application when it is available in the factory function.
Makes sense

Gnarly! 😄

So, if you had a blueprint called admin and you wanted to redirect to the admin home page, maybe admin.home

Yep! Makes life a lot easier

Sounds like it 😎

Thanks my man!

Np! 🙂

What exactly are you trying to do?

Like, when your PC starts you want it to automatically load and come up?

@runic hazel

If so, you would have to use the subprocess or os module to run this wsl -d kali-linux kex --wtstart -s in the shell

import subprocess
command = [command, goes, here]


subprocess.call( command)

I'm not sure if python can interact with WSL, but if you did it my way (which starts the Kex automatically with Kali WSL) it would work

No problem, let me know how it goes

or

this would save 2 lines :P

Eh it doesn't really matter much about the line count, I was just showing a quick example - but yes, that does the same thing 🙂

this

or just set up your shortcut to run kex to begin with

lol yea but just sayiing the code can be shorter....i dont wanna start telling cause ur better at it olol

Yeah 100% can be shorter, I hope my msg didn't come out as rude - btw, dont feel like you cant tell me tips because I may be better at it, i still have lots to learn :))

even if it would be rude, i would make it calm to myself saying jayy cannot make the sentence rude lolo

in python2 theres win32com.shell.shell.ShellExecuteEx(), trying to do this in python3, theres ShellExecute from win32api, but that executes programs, im looking for executing commands

Do I want to know why?

trying to create a UAC elevation prompt

in python3

...Why?

https://stackoverflow.com/questions/130763/request-uac-elevation-from-within-a-python-script 🤔

how are y'all so good at google?

making python app that needs admin privs

Well, at least you're asking for elevation 😆

politely

UAC bypass

or i could just do an isadmin and if theyre not admin i print out why are you not running it as admin you little || 🍭 ||

exploiting fodhelper right?

Yeah, if I recall they teach that in PWK

They do

Hey can someone tell me what does this instruction do cmp @lilac holly3 , 0x10(r14)

Well, cmp compares values iirc?

yeah but what does 0x10(r14) mean?

I could take a guess, but I'll leave it to someone who knows ASM much better than I, sorry :c

What architecture and syntax is this for?

I'm doing microcorruption.com ctf

I don't know what particular architecture they are using

nvm i got it

r14 might be register 14?

Is the CTF active?

@true pumice https://www.youtube.com/watch?v=L8CDt1J3DAw

Time to become a console professional

It's cool, right?! :D

didn't know you could do css in console, dam

implementation

I tried to create a macOS shortcut to mark useful links as resources and then send that link to my private telegram group.

It's very similar to the Scratch programming language.

I admit this is not the coolest thing to do with shortcuts. So, I'm open to ideas. What you guys think we can do with this new shortcuts feature?

Cool 😎

👍

https://www.hackerrank.com/challenges/cut-the-sticks/problem

vector<int> cutTheSticks(vector<int> arr) {
    vector<int> rs;
    int itr=arr.size();
    rs.push_back(arr.size());
    for(int i=1;i<itr;i++){
        if(arr.size()==1) break;
        else{
        int mnm = arr[0]; 
        for(int j=0;j<arr.size();j++)
            mnm=std::min(mnm,arr[j]);
        arr.erase(std::remove(arr.begin(), arr.end(), mnm), arr.end());
        //arr.shrink_to_fit();
        rs.push_back(arr.size());
        }
    }
    return rs;
}

3/10 test cases are failing if anyone can help me?

where im doing wrong

A couple of things you could check: what happens when there are duplicates? What is the complexity of your algorithm?

Wow that code is a mess

3.1 Write a program to prompt the user for hours and rate per hour using input to compute gross pay. Pay the hourly rate for the hours up to 40 and 1.5 times the hourly rate for all hours worked above 40 hours. Use 45 hours and a rate of 10.50 per hour to test the program (the pay should be 498.75). You should use input to read a string and float() to convert the string to a number. Do not worry about error checking the user input - assume the user types numbers properly.

hrs = input("Enter Hours:")
h = float(hrs)
rate = input("Enter Rate:")
r = float(rate)
x = 0
if h > 40:
    x = h - 40
    e_pay = x * (r * 1.5)
pay = (h-x)* r
g_pay = pay + e_pay
print(g_pay)

what other ways can it be done(I mean even simplest, if possible)

As programmers when do you decide to use an existing tool and when to create your own?

Does the tool do what I need it to efficiently? Yes -> keep using it, No -> develop my own

While I’m not a massive infosec developer, if I think I can make a better tool, I’m more tempted to.

Sometimes if it’s a quick tool I can create in a few minutes, I won’t bother going onto the internet to look for an existing one

hours = float(input("Enter Hours:"))
rate = float(input("Enter Rate:"))
pay = hours * rate
if hours > 40:
    pay = pay + (hours - 40) * rate * 0.5
print(pay)

@lilac holly

Honestly I do prefer writing it this way:

maxHours = 40
rateMultiplier = 0.5
hours = float(input("Enter Hours:"))
rate = float(input("Enter Rate:"))
pay = hours * rate
if hours > maxHours:
    pay = pay + (hours - maxHours) * rate * rateMultiplier
print(pay)

You get paid normally any amount of hours you work.
If you work more than 40 hours you get paid extra.

Then when you wanna adjust any numbers you do it once at the top

Just the more verbose variable names there makes it a million times more maintainable

Doing the constants like that is even better, although I'd swap the constants to all caps because python. Also snake case.

I define constants with an _ before them, _maxHours

It's preference, I don't expect people to read or maintain my code.

I also usually format my code using comments to make it clearer, grouping sections.

# Constants
_maxHours = 40
_aboveRate = 0.5

This is a minor example, I like making good looking code :p

I'm not actually sure why I started prefacing them with an underscore, now that I think of it 🤔

Tysm. 👍

https://www.python.org/dev/peps/pep-0008/#constants ~~Follow pep8 standards ~~

Nooo, pep8 is horrible!

I tried, I really did, it drove me to JavaScript

PyLint makes it easier

Hmm

I've used a few automation tools to check my code.

I really want to get away from Python although, so I doubt I'd go heavily into coding formatting standards.

Use black

I've used black also

If you want to learn how to write better code Robert Cecil Martin has online lectures and a book over Clean Code. I recommend it a lot after you learned the basics

If it doesn’t exist, I make it. If it does, I use it. If I think the tool is bad enough then I fork it and remake it

Generally I am super lazy so reaching the last point is quite hard

the underscores are an old C++ convention for private members

this one's pretty good

Hmm, I haven't coded in C++, possibly picked it up from one of my tutors who codes in C then, hah

could be

I've seen it in C for local variables, or struct members

I just think it's a nice subtle hint.
It's not the best practice to learn, especially as in (I think it is) Java, it privatises variables and functions.

In rust, it hints to the IDE that it's private, but doesn't really stop you from using it elsewhere iirc.

in java, naming conventions don't really have anything to do with variable visibility or scope- there are explicit keywords to define that

I also use _ for private fields though my teacher in college doesn't find it necessary

The _ thing is shorthand for 'this should be protected or private' for OOP-like languages that don't properly encapsulate

in every 'proper' OOP language I can think of, there are specific language mechanisms for encapsulation; in Python, JS it's not enforced at al

that's useful

Morning everyone

Hi

Iiiii

num1 = ("enter your number: ")
num2 = ("enter second number: ")
num3 = num1 + num2
print(num3)

The caculators

will that work in python?

you might need to convert it from str data type to int, before the calculation takes place

yeah they need to, initially num1 and num2 would be string types.

numone = int(input("enter your number: "))
numtwo = int(input("enter second number: "))
numthree = numone + numtwo
print(numthree)```

Please change the variable names, numOne - camel case - is a good variable naming format

1. You need to add input() when assigning the varible, otherwise it will just use the tuple
2. You need to also add int() around the input() otherwise it will take it as a string and litterly print both of them together (e.g. "4 6")
3. Also change your varibles as jabba said to make it easier to read / use

Thank you so much brother

I still learning

Np, keep it up and you'll see improvements in no time

I see i see

But if don't fill in an integer then the result is the same, just looking at the input

Is it only for the type?

https://kumarayana.github.io

I finished build the website

I'm going to leave this here https://blog.davetcode.co.uk/post/21st-century-emulator/

Can it run doom?

def delete_starting_evens(lst):
for i in lst:
if i % 2 == 0: del lst[0]
return lst

print(delete_starting_evens([4, 8, 10, 11, 12, 15]))
print(delete_starting_evens([4, 8, 10]))

why doesnt 10 get deleted as well when I run it? python3

I get that its the last item in the list at that point, but still its lst[index 0] so why wouldnt it run

anyways I just put in if lst[0] % 2 == 0: del lst[0] and works fine, but idk why does it stop, something with how python iterates over lists?

from my understanding its generally not good to delete items while you iterate over them, list comprehension would be much better suited for your function, see this thread for clarification https://stackoverflow.com/questions/1207406/how-to-remove-items-from-a-list-while-iterating

I second what Droogy says, but just to show what actually happened:

Loop 1:
- i=4
- lst: [4,8,10] --> [8,10]

Loop 2:
- i=10 (second element in the list)
- lst: [8,10] --> [10]

Loop 3:
- i=?, there's no 3rd element

This was just from putting print statements before and after the if condition to check what was in i and lst.

ah, so its looping forward while im actully shirking the list backwards, right?

it doesnt refresh the indices after every loop instance

pretty much, I guess. I don't know if this changes from language to language, but the lesson at the end of the day is to not mess with the data you're iterating over (unless you're doing something REAL crazy)

gotcha. yeah im coming from javascript and in javascript loops you would do array/list-name[index-iterator] but here you just do index of the iterator straight up

def over_nine_thousand(lst):
i = 1
total = lst[0]
if sum(lst) < 9000: return sum(lst)
else:
while total < 9000:
total += lst[i]
i += 1
return total

print(over_nine_thousand([8000, 900, 120, 5000]))

the function works fine both for arrays that total below and above 9000 when I run it in python, so why is it giving me "list index out of range" error on codecademy

There is probably a test condition your input doesn't cover, but that code academy does. How sure are you in examining your edge cases?

not very I guess, lmao, let me try for a bit

idk im running it with various inputs and it works fine lol

def over_nine_thousand(lst):
sum = 0
for number in lst:
sum += number
if (sum > 9000):
break
return sum

this is the solution provided on codecademy....what is different functionality wise? how does this cover an edge case my solution didnt?

the way im looking at it its the same exact shit

expect instead of break im using while

except*

I would even argue my solution is straight up better, since if the total is below 9000 it will just return the sum instantly without even going into a loop, no?

It's not though, and I don't think your code covers all the cases you think it does. What if the sum of a list is equal to 9000?

if sum(lst) < 9000: return sum(lst)

what am I missing

ah

okay

I see it now

thanks

@magic falcon thank you

Gave +1 Rep to @magic falcon

And I would argue that your code is also not optimal. Sum could take a long amount of time to process the list and get the result, and you call it multiple times before you even enter your loop.

Are you familiar with time complexity analysis?

is sum resource intensive?

If you had a really long list, you would be spending orders of magnitude iterating through the list to get the sum

no Im not good enough coder to concern myself with nitty-gritty optimization, just using common sense feels like loops would be the most resource hungry

order of magnitude more time* than any other part of the program

That's a good intuition. Is there any other way for a sum() function to operate than to somehow iterate over the contents of the list?

I was just gonna say that lmao

how can I see the internal code of these built in functions

I ask because it's a thing you should spend some time thinking about and exploring. Coding is 100% problem solving, working to understand how things ought to work beneath the API abstractions is a really good idea

totally agree and I appreciate the help

https://docs.python.org/3/library/functions.html#sum

I know, but like, whats the program to print it into console or have it as output if theres any

if say, im working offline

Print what to console?

the internal code of built-in functions

not program, I meant like method/line of code

do you have pydoc installed on that machine?

im about to

I don't understand what you are asking

print(max.METHODHERE)
is there something I can put instead of METHODHERE that will output the internal code of the function into console?

or sum.METHODHERE

or w/e

btw I ran my original code with the sum of the list being exactly 9000 and it worked fine so...im a little confused indeed xd

That's a problem; your code should cause an index error exception in the while loop when the total of the list is exacly 9000.

how come it doesnt? I just cannot seem to figure that out. looking at the code its running the way its written and the output is what I would expect it to be after reading it

or rather, how come it should be throwing an error? the 9000 case is covered (by simple running it through the loop, or putting <= instead of < in the first "if" check)

Your original code you posted should error out when case is <9000

yeah but it doesnt hence my absolute confusion

could it be a python version thing or what

If you modified it, the <= 9000 should exit when 9000 gets hit

Create a function named over_nine_thousand() that takes a list of numbers named lst as a parameter.

The function should sum the elements of the list until the sum is greater than 9000. When this happens, the function should return the sum. If the sum of all of the elements is never greater than 9000, the function should return total sum of all the elements. If the list is empty, the function should return 0.

For example, if lst was [8000, 900, 120, 5000], then the function should return 9020.

If the list is empty, how does your function return 0? From what i see, you init total = lst[0]. Is there another line?

ah there we go, thats my edge case. now I understand why it was giving me index error. if list is empty there isnt anything at the first 0 index

just didnt dawn on me that if list is empty it would be giving index error cuz in my mind for an index error there has to be something to index, but now it makes sense I was being a dummy

OOOOH, CAUGHT OUT, ELLIOT

@tulip ibex

HAHAHAHHAA

haha thanks!

Gave +1 Rep to @spare river

can some1 give good ideas for final year university project ??

which type? a web based, security based, or any other application?

thinking for sec based...

how can I append all input values in list, cause it just do list = num every time

while True:
    try:
        num = input("Enter number: ")
        if num == "done":break
        print(int(num))
        all_nos = list()
        largest = max(all_nos)
        smallest = min(all_nos)

by actually appending to the list, not creating a new one on each iteration?

So, you would need to use the .append() function like this:

list.append(num)

Where list is the variable name of the list)

Oh please avoid using identifiers that overwrite keywords or builtins.

>>> list()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
TypeError: 'list' object is not callable```

I just realized I was trying to make list inside a while loop without difining it before, so it was obvious it will always be the assigned variable(or I think it does)

So whatever I append to it, when loop Iterate it will turn back to the original assigned var

😐

• Try an encryption software or script, where you can encrypt and decrypt files and directories maybe.
• or Try Network Packets Analysis tool

Hey anyone knows typescript?

Ask your question

I do a delete button using typescript and angular but it didnt works

Code?

I put a confirm and a array.push

But it didnt work

hey so Im developing an app that can have wear OS compatibilty so what can I do so that the watch can send sleep and stress data??

any differences between python2 winreg library and python3 winreg library?

Imma drop this here ;P

Hydra takes 12 minutes. Cerbrutus takes 6

Same machine, Same network. Same conditions.

Hydra tends to slow itself down the more it runs.

What about shreder?

https://twitter.com/0dayCTF/status/1409151652800630786

@opaque spear

How does it compare?

Well shreder is very broken...

It opens up the same number of threads as are in your wordlist with a 0.1 second timeout in between

And it errors lots, and skips on errros so it’s pure luck if it gets your password

@modest frigate can confirm. We’ve been testing it the last few days.

It also crashes my VM 9/10 times because of the number of threads

And takes forever to initialise rockyou (when it does work because rock you can’t actually be loaded into shreder in its default state)

0day actually replied to that thread talking about cerbrutus

@surreal bronze

Ah interesting, does your tool use multi-threading but with a max amount of threads?

It looks pretty interesting, I've always had problems with how slow hydra is - could you give a link to the repo?

@opaque spear

It does. It’s customisable as to how many threads you use, but 10 is the max reccomended from my tests. However that could be down to my standard internet connection, but could also be down to paramiko/the server side SSH limiting number of concurrent connections.

@surreal bronze

It’s in beta at the moment and there’s a little to go before I make it available (I’m a bit of a perfectionist)

Hmm, sounds neat

I’ll link it when it’s ready to go

Alrighty! Looking forward to how it goes

Are you using GitHub or sormthing else like gitlab?

Full intention is to add other network service brute forcing too (SMB and FTP are high on the list)

I’m using GitHub personally but with a private repo

It will be really easy to extend too

Would love to help contribute

Should also create a room for it and get it added to the tools section 🙂

Yeah, Shreder was the only thing I’ve ever posted that I can’t recommend anymore. I updated the tweet in the replies. The new Tool is reliable and the fastest available.

@surreal bronze

Cheers for the confirmation! I'll definitely check it out when it's available ♥️

There is absolutely no point in starting one thread per wordlist

Your machine is limited to a strict number of logical CPU cores -- anything more than a few extra (useful for context switching) will see no performance benefit

It's also really expensive computationally speaking to start threads, so starting one per task is incredibly dim

although in my messing about with threads, the OS is very very good at scheduling them. Allocating 2-4x the number of threads as you have logical cores worked for my workloads. I imagine that's because of down-time while the threads are waiting on resources.

Aye, I was seeing optimal performance at about 20 threads on 16 logical cores for my port scanning stuff, but it will depend on how much wait time it has

yeah, it's very largely dependent on the task and what the bottleneck is. If a thread is resource starved by something other than cpu (i.e. disk, a producer/consumer, etc.), then having a lot of threads isn't as big of a hit, since most will be idle the majority of the time. But when they are cpu-bound, then you start to pay more of a context switch tax, since more threads are competing for cpu. But yeah, spawning ridiculously high numbers of threads is stupid

Multithreading isn't always needed with async io - particularly with sockets

a single cpu core can handle a larger number of async requests than you'd think, due to how hardware interrupts bubble up from the NIC when network packets arrive

You should use async, I faced the same issue with rustscan and fixed it with async 🙂 spawning more threads is way slower because of context switching and how expensive it is to spawn new threads. Also you are fighting the GIL, so naturally your program will always be slow 😦

https://wiki.python.org/moin/GlobalInterpreterLock

For IO based tasks where you are waiting on some IO, async is better IMO. Especially when you perform the same function with different inputs, it’s great for that. Threading is just easier to do so most people run to it first 😁

Also make sure if you spawn that many async you start executing them right away or you split it up. You can wait a long time while the OS gets ready and prepares to execute all async at same time. Rustscan fixed this issue by executing them at the same time as creating them

You may even see a performance improvement from splitting the word list down the middle and using 2 cores (multi-core) and async. Multi-core isn’t affected by the GIL (fact check this, I think only multi threading is) so you will see a speed improvement here

Also when you start doing that, you begin to battle the open file limit and to really fix that problem you have to make your program unix only or watch windows users suffer with a slower version 😦

https://docs.revenera.com/fnci6133/Content/helplibrary/Setting_the_Open_File_Limit__Linux_Unix_.html

Mac OS has an open file limit of like 30 it’s ridiculously small so I’d suggest at least trying to change it for them haha

Overall though great job 🙂

((Also less ascii art or introduce at least an accessible mode so / greppAble mode pls))

Thanks! To clarify I haven’t got issues with the wordlist - Shreder did but It’s all working fine in mine. I also don’t open as many threads as in the wordlist. Lol. Knew that was a bad idea.
I’ll look into async and also keep in mind a grepable mode

Gave +1 Rep to @stone kayak

Yes,rockyou had like 20 different text formats for some reason lmao

Great work btw

thanks

39 seconds for 845 tries. hydra takes almost 120 seconds on average on max threads for the same scenario

adding colors any sooner?

looks good for my side 👍

of course 😄 it will be looking 1337

specially the username and password

yesss

thast was the plan - just to make them stand out

ill say like make them on a new line

instead of the creds found: u p

is the SSH protocol specification ccase sensitive?

nope. sSh works

oh nice

good job

thanks

:p

trying .,,,,,,Wed

lol yup im looking into that also

the wed is because i ran date immediately after

but want to eliminate that trying line

https://skerritt.blog/a11y/

🥺

@stone kayak its good!

AFAIK no standard python parallel or concurrent lib allows you choose a specific core to run a thread on. There is a multi-core lib, but that is 3rd party and hasn't been updated in almost 4 years.

Move to rust 🤷

Or C

concurrent.futures

🙂

TIL about XMLUnit...

Hydra, that is a subset of multiprocessing

One of my good friends is blind, and has to deal with these issues. Thank you for making such a great blog about it :). I've done a very tiny bit of custom screen-reader code to help him with stuff.

Gave +1 Rep to @stone kayak

probably

makes things easier to use though

definitely. but understanding what a future is, i think may cause more confusion. would not usually recommend it for those brand new to concurrency

Im curious about books on programming. Anybody here use them? How do you find them to be? I find the idea of learning programming by reading a book very abstract, like by the time im done reading the book I forgot 70% of the stuff that was in it because I wasnt applying any of the new information to cement it and build a framework/list of concepts in my brain around the given programming language. Im asking because I do enjoy reading, but I read philosophy, psychology and post-apocalyptic sci-fi almost exclusively

is the book meant to be read while infront of a PC, directly applying topics that are taught in the book?

smth like this

I have that book to hand at the moment.
It's mostly explanation of concepts followed by examples that you're meant to follow along with.

You will get a lot better results by practice along with the reading. The reading will explain a concept, it is up to you to internalize it and find ways to apply it.

Most instructional programming books follow that format

I don't think they're ideal for teaching the mindset and logical thinking that you need, but I think they're decent for teaching the language.

thank you for the help lads

When trying to compile dotnet projects. I can create the solution file with dotnet new sln but fails to compile the static binaries with dotnet msbuild.
What Am I doing wrong???

I'm not super hip with the dotnet toolchains - if you can post some screenshots of what the command is and what error you are getting, that will help us to help you

I thought that was because SSH has built-in bruteforce protection, not because hydra is being a PoS...

the first 100 tries fly-by like nothing and then it lags up real hard, usually

and it made sense to me that around 100~ tries would trigger a bruteforce limit

This seems to not be too bad with it Either way this is faster than hydra when we run it on the same number of threads (alongside and independently)

Thanks for replying to my message. With help from some friends figured it out. For some reason dotnet command only works with some projects.

Any Vs project that is beyond dotnet core. needs to use xbuild
xbuild soultionfile.sln
However you can use dotnet to help create missing solution files.

Gave +1 Rep to @magic falcon

Hey i need some of you algorithm pros to help me, i have 2 tuples start = (5, 3) and end = (8, 5) how would i go about looping over every possible value pair until i reach the end value

oh and this is my current code written in rust

for i in start_height..end_height+1 {
  for ii in start_width..end_width+1 {
    if iter_count == end_width+1 {
      iter_count = 0;
      continue
    } 
    iter_count += 1;
    println!("({},{})", i, ii);
  }    
}

@warped axle Your current code looks fine to me (btw you can do inclusive ranges with ..=end rather than ..end + 1!

You could probably get more idiomatic with some fancy maps or whatever, but really depends on what you're using this for ...

Yeah the code is good for the most part but for some reason it always misses 6, 3 and 8, 4

The rest gets printed out just fine

Any idea why?

@open flower

more than likely because you're continueing, which I don't see why you need at all?

Hmmm that might be it

I want to count the no. of line in a file
here's my code-

file = open('file_handel.txt')
#text stores values inside file, when it loops
text = ""
for i in file:
    text = text + i
nol = 0
for i in text:
    if i == '\n' :
        nol += 1
print(nol + 1)#+1 because last line will not have \n```

I just want to see everyone take on this (because I can only think of this one)

with open('file') as f:
    print(len(f.readlines()))

?

So if you can do this better, please go ahed

Off the top of my head that should be okay

thanks

Gave +1 Rep to @open flower

woah, It was really this simple🤯

😄 I've had the same thing happen to me many times, it won't be the last time either 😉

I am getting this error while I am installing ecapture

https://stackoverflow.com/questions/48226362/scikit-image-fails-to-install

dunno lol

this is not scikit

it is ecapture

👀

error: Microsoft Visual C++ 14.0 or greater is required. Get it with "Microsoft C++ Build Tools":

did you try this

nope

do then

but im guessing its a dependency no?

I don't know how to install microsoft c++ tools.....

it is a module

I have to import it into my code....

Google.com

oki

@cedar furnace

https://docs.microsoft.com/en-us/answers/questions/136595/error-microsoft-visual-c-140-or-greater-is-require.html

this should help

Yeah, I am already installing it

okay cool

thanks for the help tho

@cedar furnace did it work

yup

hey. so, I noticed a very unusual thing when playing around with localstorage. while i was in the localstorage tab under application in web inspect (for chrome), I saw the expected keys and their values. after scrolling through the values, I clicked on the 'toggle device toolbar' button, which revealed a hidden key. How does this work? I'm interested in how this was done, and if it was intentional or not, since I think localStorage.getItem('key) won't be able to access that value. anyone have any ideas how this was done and how this is accessed? it's probably useful only for security, right?

it may be useful for a later project

why does left side not work but right side does? what is functionally different?

explain in ooga booga terms please

the math its putting out is wrong

somehow

Are you familiar with the differences between class and instance variables?

im learning that right now

im somewhat familiar with javascript objects&methods

And, you say the math is coming out wrong? Please post your results

Is there a difference between using self.pi and Circle.pi (the class) in the area method? I thought its the same thing, its automatically calling itself as the first argument when called

is self instantiated? this could potentially be different if you are running a python script on a machine (baremetal or vm) vs some kind of web platform

I dunno, I was under the impression self is sort of conventional place-holder value as it refers to the object calling the method, i.e. refers to itself

im just really confused as to how do these differ, it seems like my way is the same exact thing just with a few more steps

but clearly it aint

The more I look at it the more confused I am, honestly.

Why does me doing the conversion to radius (halving) separately and saving that to variables, and then passing those variables as arguments into the method call result in a different result than when doing the division inside the method call?

This is python3 just to be clear

nvm problem solved, im a goon as usual

(typo)

It sucks you haft to be smart to k now how to hack y’all make it seem so easy 😂

just a stupid question - which edittor is it?

codecademy in-broswer

This ones for my SQL homies out there

1. is JOIN and INNER JOIN the same? Google says yes, but seems a lil sus

SELECT Orders.OrderID, Customers.CustomerName, Orders.OrderDate FROM Orders INNER JOIN Customers ON Orders.CustomerID=Customers.CustomerID;

lets say I have this, I have two tables Orders and Customers

if im doing SELECT Orders.OrderID, Customers.CustomerName, Orders.OrderDate why do I use FROM Orders ?? Doesnt it make sense that I would use both? how is Customers.CustomerName being correctly referenced if im not putting Customers in the FROM clause as well?

I get how it works just dont understand how come Customers.CustomerName doesnt fuck the query up

I’m not smart at all

You know how to program don’t you

You just start somewhere and it kinda snowballs if you have the drive to do it. You dont have to be cognitively gifted in any way, shape or form. Sure it helps but sure as hell isnt a requirement.

It’s just hard for some people than others if not impossible Especially if you have no support around you in life

the concepts are very much the same in each programming paradigm, just syntax, keywords etc. might be different

Yeah that is true.

So in a way it is not just programming I mean hacking in general

to hack in anything in any useful capacity, you first need to know how to program. if you dont you will hit a wall very soon, its what happened to me

I learned javascript okay-ish, started doing tryhackme, eventually hit a wall by not being able to evaluate/fix/edit exploits coded in python by myself, so I went back and started learning python

Can I ask you this then

How long have you been programming

I started dabbling in it at the start of this year, but really only started full time studying mid-april of this year. right now I know html, css, javascript, python, bash and powershell, but its a "knowledge a mile wide and a few inches deep" type of deal. But I am living with my parents and have the time to study 8-10 hours a day in peace

my main goal is cybersec and as such I dont bother with mastering javascript/python libraries etc., I just wanna understand the code when I see it and edit it if I need to, dont feel like writing software from scratch, I could probably write some easy scripts

Yea I tried to learn python but idk I feel like you gotta be good at math and stuff like that and to be good a concentration 😂

python's concepts have almost nothing to do with math i'd say, you can apply it for stuff that solves complex math problems, algos and such but to understand the concepts you do not need any advanced math at all

So is like programming like the most important thing when it comes to hacking

as far as concentration goes, this is something I struggle with myself as I have a mixed anxiety disorder. I recommend

1. meditation
2. there have been medical trials done with supplements, some of them have tangible results in improving cognitive abilities
3. adderall or other stimulants, although this can be expensive as hell depending on where you live

also 3) risk of addiction, though I have never struggled with that at all

i guess

Do you know anything about pen testing

im like a step above a beginner I guess. I can root most easy/medium difficulty boxes without looking at hints

You have any advice for me 😂

You really don't need to program on order to learn to hack.

It'll help later on, but it's definitely not a necessity at least to start

Hey Balla, believe in yourself 🙂 With practice you can learn it! I'm not particularly smart and started learning programming at a later age ( after my brain was already past peak condition 😉 ) and managed to make a career out of it. You just need to do the thing you want to learn. It can all seem overwhelming at first but with practice you will become more confident and it will become easier

How old where you when you started

28

How old are you now if you don’t mind me asking

yeah okay I agree this was a bit of an overstatement, but I just think its easier if you start with programming and then move on to pentesting. but thats my opinion and everyone is different and learns in different ways more effectively

pentesting websites is a lot easier if you already know js/php, doing manual exploits is easier if you know python/bash etc. thats my line of thought

Figure out what works for you and where you seek for information when you get stuck. No matter how smart you are if you only have poor sources you will not progress.
Knowing how to learn is an important skill that is often overlooked. It doesn't come natural

It is one of the bigger issues with school tbh

Yes I agree I just wish I new people in person that can teach me hands on stuff but it’s impossible to find ethical hackers lol

For me, college helps giving structure and networking possibilities. A bachelor is more practical and later on I can specialize in cyber security. However, the hands on learning I truly expect to pickup when I do my internships

Those people are very difficult to find. In college for example teachers are intelligent and know what they are talking about. The big catch is that most of the time you need a fundamental understanding of the subject they are trying to teach. Which is counterintuitive and confusing

Programming and hacking are two very different things. They don't have a lot to do with each other. You can be very good at one without knowing much about the other.

How can I open multiple concurrent netcat sessions to a target apart from opening multiple terminal tabs? Automating it using bash and forloop does not works concurrently as It waits for the present process to end before starting the next one

maybe with backgrounding the process?

behavior can be erratic, doing that. IIRC netcat by defaults waits for stdin, disable with a flag and it ought to work. But that's working off memory, there could be other things that break when you do it

well XML namespaces and python are really annoying to deal with, anyone have a favorite library besides the ElementTree XML API?

I try convert XML to another, more easily read format when I can. Usually YAML or a dictionary, but that may not be feasible with your use-case

hmm thats a good idea, its either that or lopping off the namespace parent at this point -- prepending the {<URI>} in front of the tag im looking for (which is suggested by python docs) seems broken

and accessing children by index is even more broken lol, might need to actually massage this data a little bit and remove a lot of junk first since I only need certain children

Yeah, definitely convert to YAML or a dict then

Hi Guys,

I need some help in mitigating a security issue in my code
the issue is in login validation and i can't find a solution for the same

Validation is one of the most difficult problems to solve - what language and framework are you using? What's your current validation strategy? Do you have strict limits on what is acceptable, or is the intent to allow any characters?

the issue is the attacker hijack the success response and sends it again with the success code

The frame work i am using is springboot
but it isn't related with spring boot

@magic falcon

That doesn't seem like an input validator issue, that seems like a cookie and session management issue

Hello guys

Can anyone please tell me that is that possible to learn programing in mobile and how to learn it?

Do you mean mobile app development? @lilac holly

Um.. Game development...

Yes, mobile app development

For games, you probably want to learn Unity for the easiest experience. It’s “easy” because there’s plenty of help online.

Ahh I heard about unity but...

exactly what is it?

It’s just a game engine, I would recommend checking it out.

It’s like Visual Studio, except you can see the objects of your game and move them. That’s a really poor explanation but I would really recommend trying it out.

You code in (if I recall correctly) C#

Where can I get that engine?

Type “Unity” into your search browser or go to https://unity.com

Thanks btw :)

Not a problem!

I actually found unreal much easier to work with than unity, but opinions may differ, and I haven't touched either in a long time

I think both are a pain, and tech debt on entry is pretty high. My recommendation is don't try to use unity or unreal as a platform to learn programming. Be a programmer first, and your experience won't be as bad

definitely agree with that

Anyone knows what is SSCRIPT

You still seem a bit confused but you got the spirit

python3

is there any difference functionality wise between the code on the left (my solution) and the code on the right (proposed solution)

isnt my more effective since im assigning it directly?

Read the description above

They specifically told you that they should be initialized to 0

First comes correctness then efficiency.
It's better to have correct inefficient solution than incorrect efficient solution.

Not my words

Why would it be more effective?

I guess having default zero values for the function parameters could fulfil this requirement.

Yes but that was not the point. The point was if theres any difference functionality wise 😛

For the end result in this use case, no. But your initializer function does not work according to the spec.

Init is used for initialisation.
When you initialise an object you want to only define anything that is necessary for functioning. Setting variables to 0 shows that they can't be null.
motor_speed, sensor_range, direction do not change the way DriveBot operates. So they shouldn't be parameters for init @lilac holly

Hiya all, i've been fortunate enough to be invited for the new github co-pilot software. If anybody has anything they want me to test it on or have any questions on it feel free to ask here!

If we say

# write github-copilot for autocomplition

Or something along those lines, will it give it's source code?

Been wondering this for a while ngl

@surreal bronze ^ test this too

Later on you’ll probably have a function which modifies those 3 variables. Just know that in smaller scale some things may look unoptimised @lilac holly

nah, it just gives the license

Oof

My master plan just got beaten to dust

Just include a default constructor then

Copilot is a big nope for me.

How come?

very much appreciate the answer, thank you

Gave +1 Rep to @sharp mason

Why?, I heard it's dope

hi

xd

uh

hi @lilac holly

hi jayy

emmm I come here because I want to learn programming, coding and hacking games, could someone teach me? xd

We don't do game hacking here.

a

ok xd

So what could I do here ._.

Privacy and licensing issues

Both are a big nope for enterprise code

Check out the #rules and #start-here

So one of the big issues I see with copilot is that it basically uses all of GitHub as a training set. This includes GPLv3 licensed works. Now copilot doesn't go so far as to directly include code from its training set, it will derive new code from said training. Whether this counts as derived code under the GPL has not yet been tested, but as derived code must also be licensed under the GPL, I don't think a lot of enterprises want to test that theory. GPLv3 is already blacklisted nearly everywhere I've worked so far.

Also sending code outside the enterprise is usually a big no-no as well because trade secrets and possibly confidentiality

How long until an AWS token leaks?

Tokens and secrets have been leaked, but it's taken from public code so it's tokens that have already been leaked

How long until a new token leaks I mean

But it's done from public code, so how could it leak a private token?

It analyzes submitted code as well, no?

No idea, but all I know is it's only tokens that are already breached that have shown up

Now copilot doesn't go so far as to directly include code from its training se
This is false btw

This code is distincivly from quake including the comments https://mobile.twitter.com/mitsuhiko/status/1410886329924194309

I did say derived

https://en.wikipedia.org/wiki/Fast_inverse_square_root

Oh gods it's worse than I though

I wouldn't say it can derive the comments though, it's straight up pasting from its training set hehe

Then there are major copyright and licensing issues

can't they sue co-pilot?

Probably

Can yes. Want to? Suing a huge corporation isn't exactly cheap.

There are companies that do nothing BUT sue other companies- patent trolls. It's apparently a profitable business model. Until some company with bigger wallets and more lawyers decides to say screw you to that

Or some organization like EFF gets involved

TPS report™️

https://tenor.com/view/office-space-milton-stephen-root-stapler-gif-3810312

This is more copyright than patenting but yeah

@tulip sail can I have your help for a minute?

With?

python prompt toolkit (you're the only one I know who uses it)

It's something very simple

I am making a chat app which prints messages received onto the screen as soon as they are received using print()

Now the problem is: if the other person is typing, it gets ugly

Like:

Sender: He
Receiver: Hi
llo

So don't send the data until they press send.

Thats one way but what if the receiver types halfway through and waits for an incoming message?

I was trying to get something where the receiver's message comes on top like normal chat apps.

And I guess that can be done with prompt toolkit.

Yeah, those don't send the message until you press send.

It's not about sending

It's the receiving part

Nah, you're not thinking about it correctly

Look at this one. The sender wanted to send Hello but the receiver sent Hi which was printed as soon as it was received, while the sender was still typing

I am just trying to print this received message above the typing spaces

That's it

Ok, sounds like you need something a little more advanced than the plain print

So that it becomes:

Receiver: Hi
Sender: Hello

Exactly

I guess it can be done with prompt

And @tulip sail used it in his exploit codes.

Hence I turned to him

Yeah, you'd need to print it elsewhere on the screen for that tbh

Or have the prompt elsewhere

It can't be done with a single i/o interface certainly

Yeah. Needs multiple buffers I guess

CLI is tough

Use a library

Something that'll let you write at pos x,y

Any Suggestions ?

Nope

Hello everyone, could anyone with knowledge in the python requests module please take a look at my issue here; https://stackoverflow.com/questions/68391787/how-to-upload-files-using-requests

Something like ncurses for Linux I guess

https://docs.python.org/3/howto/curses.html

This may help?

curses is good

(you can use wincurses for windows)

https://github.com/willmcgugan/textual

Very new, but it's made by the same creator of rich (very well known python library for text rendering) and looks great! Does not have much docs yet tho.

Yes.

Thanks for the advice @brazen eagle @surreal bronze . You guys are the Best

Helo
Does anyone know of a quicker/better way of doing this? - I have a big loop going over a directory of files and for every file I'm looping through a list of strings stored in hash_db.txt and delete the matching string. This is pretty slow in bash when either of hash_db.txt or the target file is large so I'm mainly looking for a way to speed it up.

...BIG LOOP over files ($file)...
while read _hash; do
  sed -e s/$_hash//g -i "$file";
  done < hash_db.txt

my super naive implementation would be using head to chop up the file, and background loops like you have above for each file chunk

ah that could be an interesting way to do it.

That's going to be the only real path to optimization without getting data structures and a programming language involved. Doing it in bash that way is always going to be O(n^2), you could probably optimize to linear time doing it in java or python or C++.

okay I've got it. It's speedy now
Simply backgrounding the sed line was enough.

It's just a small script for converting my notes so this lazy way is fine

That's doing a lot of disk writes - that is always going to be the slowest part of your algorithm

while read hashy; do
    sed -e s/%20$hashy//g -i "$k" & # <--- Background sed
done < ./hash_db.txt
wait

This reduced the runtime from ~8-10 minutes to about 1m30s, which I'm perfectly happy with
thank you (:

oh wow thats pretty clever, I have quite a few scripts I could apply this too 😄

help

help me ple

plzzz

anyone

Write a program to split digits and add 2 if a digit is ODD, add 1 if a digit is even and NONE if a digit is 9

@proper flume

java

Lol

pls help me out

We're not here to do your homework

I beg u

Im just crying man couldnt trying for so many hourrse end getting more errors

The issue you want to solve here is to decide whether a number is odd or even (or 9) .
If you Google how to do to it you'll find countless solutions

i did serach it i couldnt find

I litreally have 40 more just finished 13 this one making so mad nd im exchausted

if the input is 1234

output should be 3355

You need to think logically and break down the steps you need in order to achieve that output.
I'd advise starting with writing a small program to slice up the input into digits.
Then write another program that determines odd or even
And so on...

The first result on google literally shows a solution for your problem if you google odd or even number java

okay

right

The % operator may be useful. Though & might also work

But google it yes

TIL we can use bitwise operator for finding even or odd , GG

Bitwise operators are OP

Untitled-Diagram521.jpg

They messed up the title though

It's upsetting that they use dashes in front of the numbers. They're not negative. Or they could be but then the numbers don't line up.

I think it's just like ->

It's meant to be. But the point is that it's unclear.

How does import work in python, or other similar OOP langauges for that matter? I understand how it works and what it is, but what im missing is where is the module im importing being pulled from.
I dont need to specify a path or anything, I type import xyz as abc and module xyz gets imported under alias abc. So where is this being pulled from? is there a native directory for python where modules are stored? what about running code on offline / air-gapped machines? You need to have those external packages installed for python to be able to pull them when the code is executed, right?
At first I thought each library is basically a unique-id name tied to the library lookup (similar to how programs can be downloaded with just the name using apt) but that doesnt make no sense because it would require constant connection and makes things unreliable

Check out Pythonpath

https://docs.python.org/3/using/cmdline.html#environment-variables

thank you

Gave +1 Rep to @onyx merlin

Within a module, the module’s name (as a string) is available as the value of the global variable name.

if im understanding this correctly, python will automatically assign the global variable name based on the name of the file? and then that allows for lookup in other portions of the code / other files (?)

When the module is being imported, yes.

If the module is being executed as the main entry point, then the __name__ variable is assigned __main__, not the name of the file.

thank you juun (dont wanna @ and disturb)

Java's bytecode compiler actually replaces x % 2 == 0 by x & 1 == 0

No worries - I turn notifications off when I need to do other things.

At which level? Is that a JIT enhancement, source -> bytecode, or bytecode -> native machine code at the JVM?

Source to bytecode I think produced identical results

It was a while back

Could've been the machine code. C optimizes it with an AND

Hi folks!
I'm a student looking to expand my GitHub resume by implementing valuable projects.
I'd like to get some ideas for good projects written in C++ which are valuable/impressive for Security Research/Vulnerability Research (Linux Kernel)/Low-Level Development and Research.

So if you have recommendations, I'd like to know.
Thank you!

Check the pins, there's an image there with a bunch of project ideas

Some good stuff in there.

hey everyone. Im having an issue getting a python exploit to run. Im getting
ImportError: No module named termcolor
Google hasnt been super helpful

People just keep saying install term color lol. Though i know have it installed. Does anyone know how to fix this?

you're probably using the wrong version of python

Install termcolor for python2

thats what i was thinking. though i cant find the package name

Well, you don't install it via your OS package manager.

pip right?

You'd install it with python2 pip.

Specifically python2 pip.

pip can point to python3 pip, and does in new installs of Kali.

Typically python and pip default to the latest version, so you'll pretty much always want to specify. Weird looking syntax errors are basically the same thing, v2 and v3 are very different.

python traditionally was python2, but this really changed when python2 was deprecated.

ok so how would i go about running both?

For me I just run python2 and python3 for their respective version

no how would i get termcolor installed in python2 so it will run in this script.

i get how to run python2 and python3 but how do i get pip2 to install termcolor for python2

You'll probably need to install pip for python2

where though. the kali repositories dont seem to house python2 pip

If you can run pip2 or pip2.7 it's already there and you just have to do the pip2 install termcolor or pip2.7 I'm not 100% there, they're the same thing on my machine.

neither are on this machine pip2 and pip2.7 say command not found.

sudo apt-get install python-pip says theres no installation candidate and its been replaced by python3-pip

Nope, can install it using python2 though.

Ok but how?

I just found a couple guides on it, worth searching how.

if i cant get it through the package manager. Am i just going to pythons website and downloading an old package and installing?

dude ive been searching

https://pip.pypa.io/en/latest/installation/ And adapt based on previous information 😉

thanks for your help man.

Gave +1 Rep to @glossy isle

Now my Discord is whining at me to update so I'll be back in a bit, it's decided to get hot in here again so small break for me haha. Hopefully that page works out for you otherwise there is a stackoverflow answer if you use the right search terms 😉

Idk if you think you're helping or not. But you aren't. This isn't our first interaction. You always come back with these cryptic non-answers to legitimate questions. So Im going to let you know this now, so we don't have to do this again. If Im here asking for help with something, I have been searching for the answer at least an hour beforehand. I've read the same non answers youve given on 30 other sites before coming here. So do me a favor and just let someone else answer next time. Cool?

No need to be rude about it. Tell us what you've tried.

I did you just didnt read. You googled my question and copied and pasted an answer. You're being rude, by assuming that the person you're talking to is unintelligent and giving the lamest answers of all time.

-mute @brazen wedge 10m Go chill. Don't be rude. Accusing people of copying and pasting answers with no evidence when they haven't is quite rude, and generally you need to change the attitude you're taking towards the volunteers here.

🔇 Muted RazElGoon#4023 for 10 minutes

👀

I also found this page when i was doing some room, hope this would help ya as well https://stackoverflow.com/questions/2812520/dealing-with-multiple-python-versions-and-pip

I actually saw that one! Much appreciated. I got it fixed though. Thanks to your first link (I assume you're the same person) and a random comment on someone's github, I got it working.

Gave +1 Rep to @vernal vigil

ah they were someone else, glad you got your stuff working o/

oop, my grammer go brrr today

Well thanks anyway! I'm not totally sure what the exact issue was in the end but I had to reinstall python2 and wget pip 2 onto my machine with the correct link. It's changed since most of the instructions were written. Once that was done I ran this python2 configuration/setup.py then tried the exploit again. It ran perfectly.

Gave +1 Rep to @vernal vigil

It's pretty ridiculous that there's all this incompatibility within python. Hopefully that phases out one of these days.

storage = []
i = 0
while len(storage) <= 8:
    i = i * 2
    storage=storage.append(i)```

I can't get why am i getting this error while len(storage) <= 8: TypeError: object of type 'NoneType' has no len()

Isin't type(storage) is 'list' then why its showing 'NoneType'

I think list .append does not return a value.

Yes

As it returns none, storage get assigned to None

So it breaks after first iteration

storage = []
i = 0
while len(storage) <= 8:
    i = i * 2
    storage.append(i)

Btw, just in case it's not intended,ur appending 0 everytime, as 0 * anything gonna be 0

ah, I get i = o so 0*2 = 0

that's y none

No

That's not reason for none

It is None cuz u assigned storage = storage.append(i)

.append returned none

So storage became none

hmm, but should'nt it append i which is 0

is it appending nothing?

It append 0 to list

But return None

https://www.programiz.com/python-programming/methods/list/append

@lilac holly ^ check this

alright, thanks

it should just be python while len(storage) < bitno: i = i * 2 storage.append(i) print(storage)

this is a part of an assembly program where r12 contains the number of digits in the string(eg. "123" ,r12=3) and the string is in stack,and we have to output the string,can somebody explain it
print:
;;;; calculate number length
mov rax, 1
mul r12
mov r12, 8
mul r12
mov rdx, rax

     ;;;; print sum
     mov rax, SYS_WRITE
     mov rdi, STD_IN
     mov rsi, rsp
     ;; call sys_write
     syscall

jmp exit

i also want to know what the significance of 8 is in this code

name = input("name: ")
if name == "shane":
print("hi " + name)
else:
print("go away" + name)

example of how you can write password code

I think you mean authentication :)

how many bytes are normally allocated to the command line arguments in linux?

1 char 1 byte? ig?

Ignoring null byte and memory padding

Guy i need help with some code im creating a ransom but every time a click on build solution and a run the ransom fucking windows 10 virus pupbup

Any way that i can bypass

-ban @hallow nest Trying to create ransomware. Ban appeals are bans@tryhackme.com

🔨 Banned luckyrd12345#6838 indefinitely

did someone forget to put ethical on the server description, or did they just not read?

Try (ethical) Hack Me 😉

i'm using kali linux on macOS Big Sur with virtualbox and its really slow with scrolling and opening apps... any suggestions on how to make it less laggy?

If possible:
Increase base memory to 2048 MB (in Settings > System > Motherboard)
Increase processors to 2 (in Settings > System > Processor)
Increase Video Memory to 128 MB (in Settings > Display > Screen)

i've done all that and the base memory is 4096 but its still slow

Set the Graphics controller to VMSVGA and disable 3D accelration.

yeah i've done that already

That's all I have. 🥳

is it an M1 mac?

VirtualBox does not run on M1 at all.

ah kthen

VMware hopefully soon™️

This doesn't sound programming related though

can anybody check if this is scam link for me pls https://www.discord.com.ns12.cc/verify/

I think it isn't a scam link because it has"discord.com"

Definitely a scam. @fallen monolith ?

uh yeah, definitely

i put in a single quote and it said success kekw

(also, having "discord.com" in the middle of a domain name is not a proof of anything...)

well

it's actually ns12.cc

the subdomain is www.discord.com

yep.

but yeah

still sus