UTF8mb4 MariaDB 10.4 – Max key length is 767 bytes error

I am running MariaDB 10.4. I am trying to setup symmetricDS for database syncing. Some of the tables it creates have fields that are are VARCHAR(255). I know UTF8mb4 can only support up to VARCHAR(191)

I know I can setup my database to be UTF8 and this problem goes away. But it is my understanding that is not ideal solution. I can’t change the tables/fields that symmetricDS is creating.

I have read some other posts about this, since there are many. But haven’t seen anything above MariaDB 10.2 which I believe I read that things have changed with the engines past 10.2. So I just want to see if it is all still relevant.

Is there any way this can be resolved, while staying with UTF8mb4? Or does it even matter and just go to UTF8?

How export WireShark Packet List and Packet Bytes to txt file or csv file? [migrated]

enter image description here

how export WireShark csv file or txt file Packet List and Packet Bytes i want txt file or csv file to export in the following way

no Time Source DesTination Protocol Length Source Info HexCode AsciiCode 1 14:41:10 SNMP 83 7c:2a:31 get-request 90 9f 33 ..3

because i need a form export file import to database

but WireShark export function only Offer this txt form or csv form

No. Time Source Destination Protocol Length Source Info 1 14:41:10.426308 SNMP 83 7c:2a:31:3b:da:17 get-request 0000 90 9f 33 f7 29 e6 7c 2a 31 3b da 17 08 00 45 00 ..3.).|*1;….E. 0010 00 45 5a 23 00 00 80 11 b6 b1 0a 0a 00 96 c0 a8 .EZ#…………

i needed Separated by tabs or commas form how can i do this export problem

How to determine start and end bytes of LUKS header?

How can I determine the exact start byte and exact end byte of a LUKS header on a block storage device?

I use Linux Unified Key Setup (LUKS) for Full Disk Encryption (FDE), so all of the data on my drive is encrypted using a strong master key that’s not derived from my passpharse, and I’m working on a script that will securely wipe the drive in an panic/emergency shutdown situation (ie: someone is physically stealing your laptop).

Let’s say I have a 1000T drive and time is too short (~30 seconds) in my emergency scenario to actually fill the drive with random bytes. Instead, I’d just like to overwrite the header because all of the data on the drive is worthless if the master key and/or salts stored in the LUKS header’s keyslots area is lost–even if the passphrase were recovered via rubber-hose cryptanalysis.

How can I safely determine the start byte and end byte of the LUKS header so I know what to overwrite?

Note: The solution provided must be valid for both LUKS1 (released in 2014) and LUKS2 (released in 2018).

Edit: I know I can just overwrite the first 10 MiB and be sure to get the entire LUKS header, but I’d also like the ability to restore the header in the future in-case the emergency shutdown was accidental (triggered by a false-positive). So knowing the exact start & end bytes of the LUKS header are critical to avoid the risk of data corruption if restoring the LUKS header.

What are some of the benign use cases of injecting bytes into another process and creating remote thread?

So lets say you are developing an AV, and marked any type of injecting into another process (for example openning it and writing to it) malicious

if so, what will be some of the false positives? will a normal user who just wants to install normal apps and browse the web be effected?

i just don’t understand why would an benign app need to do this? and how common is it? for example if its only 1 in a billion benign app that does this, then why allow it at all?

Is it safe to implement 15 bytes password reset tokens?

I want to figure out how safe is to implement a 15 bytes long password reset token.

If we have 26 letters and 10 numbers, 36 possibilities per byte. And we have a 15 byte long token, that means that the total amount of possibilities is 36^15.

Is it possible to brute-force and find a token in a reasonable amount of time? The amount of possibilities here is really really big, so i don’t understand why other websites implement a +32 or +50 byte long tokens.

Can someone explain that and maybe the math behind this to probe if this is possible?

Let’s assume we can brute-force at 15k request per second

Is a Buffer Overflow / NOP Slide possible for memory addresses that contain null bytes?

I have been reading up on Buffer Overflows and NOP Sleds. I tried to use the exploit on an example target and I got stuck because I needed to inject a null byte in the return address for my BP so that my program does not crash. I have become aware of the fact that it is not possible to call a C program from command-line with a string that contains null bytes.

So, my questions is how to perform a buffer overflow in case the target memory address contains null bytes? Also, this would make NOP sleds as useless because the return address would contain null bytes as well, right?

Because I am completely new to C programming and exploitation in general it might be that I overlooked something obvious like zeroing out a part of memory after injection to construct a valid memory address but google search did not yield any understandable results for me.

At last, it is always the case that a stored memory address in memory ends with a null byte? Based on my observations I assume this is necessarily the case but there might be other options to interpret stored data as memory addresses without a null byte at the end.

Does the term “malware signature” always refer to a pattern of bytes?

I know that traditionally a malware signature is a pattern of bytes in a program. While reading Joxean Koret and Elias Bachaalany’s “Antivirus Hacker’s Handbook” I saw that the authors categorized the use of call-graphs and flow-graphs in malware detection as forms of signature-based detection.

Is it accepted that call-graphs and flow-graphs could be considered signatures? If so then what is the general definition of a malware signature?

malloc() deja bytes vacíos entre medias al guardar char*

Antes que nada, soy bastante nuevo en C, pero en un tutorial en internet vi un ejercicio para manejo del heap que me interesó programar en mi máquina.

He aquí el código que reserva y escribe en el heap:

char* texter = "Muestra para StackOverflow";  int *i = (char*)malloc(1024);    for (int a = 0; a < strlen(texter); a++) {     i[a] = texter[a]; } 

Partiendo de que todo va bien y de que el texto se escribe en la memoria, según he visto por ese tutorial, el texto x justo antes de malloc() le debería decir que separe en bloques del tamaño de x a la hora de escribir en la memoria.
Aun así, el dump de memoria una vez ejecutado el código sería grosso modo:

 4d 00 00 00 75 00 00 00 65 00 00 00 73 00 00 00 74 00 00 00 72 00 00 00 61 00 00 00... 

Se puede apreciar cómo entre carácter y carácter están 3 bytes vacíos, significando que cada término ocupa cuatro caracteres.
Escribir char* antes de malloc() no debería evitar los huecos en cero al ajustar el ancho del bloque a un byte, que es justo el ancho de char*; y sólo aparecer en esta cantidad si escribo long*?

Gracias de antemano.