WordPress night mode does not work for video [closed]

I am using this js for night mode. Everything works fine but uploaded video is inverted too. How can I fix it and uploaded video does not inverted into night mode or certain div?

jQuery(document).ready(function($  ){ var sheet = window.document.styleSheets[0];  var begin_enabled = false;  if(night_mode.auto_set == true) {     var start_hour = parseInt(night_mode.start_time.substring(0,2));     var start_minute = parseInt(night_mode.start_time.substring(3,5));     var end_hour = parseInt(night_mode.end_time.substring(0,2));     var end_minute = parseInt(night_mode.end_time.substring(3,5));     var d = new Date();     var current_hour = parseInt(d.getHours());     var current_minute = parseInt(d.getMinutes());     if( start_hour == end_hour ) {         begin_enabled = (current_hour == start_hour && start_minute < current_minute && end_minute > current_minute);     } else if (start_hour < end_hour) {         begin_enabled = ((start_hour == current_hour && start_minute <= current_minute) || (end_hour == current_hour && end_minute >= current_minute) || (start_hour < current_hour && end_hour > current_hour));     } else {         begin_enabled = ((start_hour == current_hour && start_minute <= current_minute) || (end_hour == current_hour && end_minute >= current_minute) || (start_hour < current_hour || end_hour > current_hour));     } }  var cookie_val = wpCookies.get('night-mode-enabled', '/'); if( null != cookie_val && 'enabled' == cookie_val ) {     begin_enabled = true; } else if( null != cookie_val && 'disabled' == cookie_val ) {     begin_enabled = false; }  if(begin_enabled == true) {         sheet.insertRule("html, video, img {-webkit-filter: invert(1) hue-rotate(180deg);filter: invert(1) hue-rotate(180deg);}", sheet.cssRules.length);         $  ('#night_mode_checkbox').prop('checked', true);         wpCookies.set('night-mode-enabled', 'enabled', 60, '/' ); } else {     wpCookies.set('night-mode-enabled', 'disabled', 60, '/' ); }  $  ( '#night_mode_checkbox' ).change(function(){     console.log('changed');     if(document.getElementById('night_mode_checkbox').checked){         sheet.insertRule('html, video, img {-webkit-filter: invert(1) hue-rotate(180deg);filter: invert(1) hue-rotate(180deg);}', sheet.cssRules.length);         wpCookies.set('night-mode-enabled', 'enabled', 60, '/' );     }     else{         sheet.insertRule('html, video, img{-webkit-filter: invert(0) hue-rotate(0deg);filter: invert(0) hue-rotate(0deg);}', sheet.cssRules.length);         wpCookies.set('night-mode-enabled', 'disabled', 60, '/' );     } }); 

});

Benefit of using OpenSSH FIDO/U2F support over GPG mode?

OpenSSH version 8.2 introduced support for FIDO/U2F hardware authenticators, via the new public key types “ecdsa-sk” and “ed25519-sk”.

I currently have SSH authentication set up in combination with gpg subkeys by using my security key in GPG mode. I am wondering if there is any benefit (especially security related) to the native support over the old GPG solution, but could not find any obvious ones.

How to install SQL Server 2017 Express in “Quiet Simple” mode without an extraction folder?

I need to install SQL Server 2017 Express with as little user interaction as possible. I am using the SQLEXPR_x64_ENU.exe setup file that I found a Microsoft download for.

Currently I can do exactly what I want with 2012 by using the following parameters:

/FEATURES="SQL, Tools" /QS /IACCEPTSQLSERVERLICENSETERMS /ADDCURRENTUSERASSQLADMIN=1 /ACTION="Install" /ERRORREPORTING=0 /INSTANCENAME="MyDB" 

In 2012 this works great, however I am trying to now do the same in 2017. The problem I have is that it creates an extraction folder called “SQLEXPR_x64_ENU” in the same directory as the install. This is not desirable.

Question: Is there anyway to prevent this extraction folder from being used, so that it functions that same as the 2012 setup?

Alternatively, one of the following solutions would be acceptable:

  • Allow the user to select the extraction location – like it does with default install (non-quiet) – but still ensure /QS mode for the rest of the setup
  • Have the extraction folder automatically deleted after setup (it wouldn’t be so bad if it cleaned up it’s mess after it was finished)

Is PHP safe mode enabled on target webserver? [closed]

I am doing a CTF style web exploit challenge which should be a ‘simple’ RCE.

I have two potential avenues, one of which is an image upload where I have already bypassed restrictions on file types by changing the character casing on phP.

From there I have accessed the /uploads directory and clicked on my shell.phP.

This is where I am having problems. I am using the php shell below but all that is being returned to the screen is $ output.

Does this mean there are protective configurations, ‘safe-mode’ on the server side preventing execution of the shell command?

If yes, can this be bypassed?

<?php      $  output = shell_exec('/usr/bin/ls');      echo "<pre>$  output</pre>";  ?>  

How did a website make an accurate assumption of my identity in incognito mode? [duplicate]

What piece of information can websites retrieve that would allow for later identification without cookies?

Intro Out of interest I jumped into the rabbit hole of online marketing scams. The site I visited* used a system called Proof** to show ‘conversions’ (cq. signups) to visitors and I was curious if this system could be fooled, since the traffic I witnessed seemed way too high.

Case The Proof homepage made an assumption about my identity even though I visited all these sites whilst in incognito mode. The assumption was pretty accurate: it assumed my identity was the company someone I share my WiFi with works for. Both on desktop as on mobile it printed:

Easily personalize Companyname website for every visitor. 

It even came up with the correct domain name, Companyname.tk
It did however fail on Tor, and printed the generic message:

Easily personalize your website for every visitor. 

Question How could this site that I’ve never visited assume my identity almost correctly whilst without cookies?
1. I am aware of the possibility that this site gathers data through many other (junk) sites about things like browser use, screen size, device use, and location. However, this information alone is very generic (chrome, desktop) to make a prediction. In addition, I live in a densely populated area and this company does not the biggest employer of the area.
2. This prediction was just a lucky shot.

What piece of information can websites track that would allow for identification without cookies?

Thanks for reading!

*https://www.bolmasterclass.nl/
**http://useproof.com/

EDIT: It was not my purpose to hide my identity, I am just curious on what data they could make this estimation. The incognito part is just interesting because it doesn’t allow for cookie-based predictions.

Everyone’s pointing at IP, so I believe my misconception (through sites like IP-lookup & rDNS that are 100 miles off) was that IP was not that specific.

Is there any drawbacks of “accepting all cookies” while in incognito mode?

Since the GDPR landed, many websites have to inform you about their cookie usage and give you an option to enable/disable them for provider and for reason of storage. Say that I find a link I want to read but they ask for consent of storing cookies in my device (which I would rather not, if possible)

Am I fine if I open a private/incognito window and accept all cookies there and close it after I’m done?

The reason behind this is because having to withdraw consent of all links I click quickly becomes a tedious task. Please also note that disabling cookies is not an option for two reasons: there are sites from which I want to store cookies and I intend to do this in all of my devices, not only in a specific system

Tunnel and Transport Mode in IPSec, is it possible to combine them?

I’ve been wondering between two cases,

1 – tunnel from A to C and a tunnel from B to D, would it be possible to send a packet for A to D?

2 – Transport from A to D, and let’s say tunnel from B to D

Would it be possible to send a packet in any of these cases?

I assume for case 1 it wouldn’t be possible because of SA, and decryption would get messy But for the second case, I mean, that does sounds logical to me..

Could you share your thought?

Alfa wireless card monitor mode problem [closed]

enter image description hereI have a wireless card (Alfa AWUS036H) that I use for pen-testing on my test network. Due to my recent interest in network hacking, I picked up this card and put it into monitor mode. While it scanned networks fine and picked up strong signals from neighboring networks, if I disconnected it or restarted my computer the next day, it would not discover any networks using the command airodump-ng wlan0mon wlan0mon being the interface of the card.

To get the card to work again, I would have to restart the virtual box, unplug the device or even restart my computer multiple times to get it to work. I don’t know if it is a software problem or a hardware issue. If this was a real-world situation this would in no way be practical.

I run kali-linux 2019.1 on virtual-box 5.2. My computer runs on Windows 10.

Your help would be appreciated.