During kali installation on virtual box,avast detected a virus,how is it possible?

I was installing kaly on virtual box,on W7 host,and during the upgrading/installation package,avast has detected 2 threat,in particular on mimikaz package. Question is,how can avast “see” throug the VM?

The package hold for a bit on Host,before going in VM? I’ve always thought that 2 enviroment was isolated and separated. I downloaded kali from official site Thx for your guesses.

Is it possible to emulate all dice rolls required for a D&D5e game using just a d6, and if so, how?

This is a question that I’ve asked myself numerous times, but I’ve never gotten a really satisfying result.

The issue is this: let’s assume we only have one or multiple d6 dice (arguably the most common type of dice outside of pen & paper), but we still want to play D&D 5e or another RPG game. The game doesn’t really matter here, we just need to be able to emulate different kinds of dice, such as d4, d8, d10, d12 or d20. I presume that if calculating these dices from rolls of a d6 is possible, any other potentially required dice rolls can be calculated as well in a similar fashion.

Therefore: How can the probability results of a d4, d6, d8, d10, d12 and d20 be emulated by rolling only with a d6?

Possible to use master method on T(n)/g(n)=aT(n/b)+f(n)

The master theorem can be used in case of a recurrence relation of the form

1) $ T(n) = aT(\frac{n}{b}) + f(n)$

My question is whether it can be applied if

2) $ \frac{T(n)}{g(n)} = aT(\frac{n}{b}) + f(n)$ .

My gut feeling is that is should be possible: just solve equation 2 by solving equation 1, and then multiply the asymptotic bound I receive by $ g(n)$

I just can’t prove it

Is it really possible to hide behind another player character?

So I’ve been DMing a 5e game lvl 1-3 so far. And I have a question about stealth for my rogue. My player has been hiding behind/stealthing behind another PC.

So this is what usually happens. PCs bust into a room, and the enemies see him. The rogue makes a stealth check and hides behind a PC as a bonus action, then attacks from stealth and gets sneak attack. He will do this every round. I do try to do Perception for the NPCs, but they fail. So he basically disappears for the whole encounter.

So then he attacks cause he is fully hidden and gets a sneak attack every time. This seems OP!! I thought you could only hide in full cover. I know the Skulker feat allows a player to hide in partial cover, which I looked up. Hiding behind a PC of medium size only allows partial cover. Please help me! I just wanna make sure I’m doing this right and I hate players who take advantage of a loop hole.

possible new Target URLs from present accounts.

i  keep getting the same message thousands of times, i have deleted/blocked the domain/url in the global system as well as in the specific project (after turning off all projects except one to isolate the problem)
the same message again & again is :-
15:46:00: [-] 1/1 PR-0 too low – http://www.gomaze-play.de/index.php?page=Register&action=register
15:46:00: [+] 001 possible new Target URLs from present accounts.
it is already listed in
project > options > skip sites with the following words in url/domain

Is it possible to use a whip as an instrument because it creates a “sonic boom?” Furthermore, can they attack while “performing?”

I noticed that a whip when used creates a sonic boom. The definition of a musical instrument is as follows

A musical instrument is a device created or adapted to make musical sounds. In principle, any object that produces sound can be considered a musical instrument—it is through purpose that the object becomes a musical instrument.

Under performance it reads

Your Charisma (Performance) check determines how well you can delight an audience with music, dance, acting, storytelling, or some other form of entertainment.

Because of this, I was wondering if I could do something akin to a bladedancer with whips for dancing and use my charisma modifier to attack as my character danced around the battlefield. As far as I know, that’s not an option in 5e (at least not with officially available material, but material allowed under unearthed arcana would work.

If an altered bladedancer is not an option, I was thinking maybe bard/ranger (bard 1st) with war caster feat and dual wielding. Would this work?

Is it possible to kill a vampire with washing vacuum cleaner? [closed]

Imagine a wizard who are proficient with tinkerer & smith tools and know the Fabricate spell.

Imagine he use Fabricate to create admantine washing vacuum cleaner from admantine ignots and enchant it (Gust of Wind & Create Water spells) to have vacuum and water generator inside it to make it work.

Imagine he suck a vampire (in Mist Form) inside such device.

Would this vampire be killed by water flow inside it?

Is it possible to detect an ssh tunnel used to bypass full vpn tunneling?

Assuming that regular workflow involves:

  1. Client connects to our VPN (full tunnel)
  2. Client uses ssh to connect to a machine
  3. Via this ssh connection, client interacts with system.

If the user were to bypass the full VPN tunnelling by using an intermediate machine and then using that intermediate machine as an ssh jump host, are there any characteristics that could be identified within the local network?

As a sysadmin, can I detect this?

To expand further, how does this extend with ssh tunneling? Ie let’s say there is a service that is exposed out of the VPN using ssh tunneling?

Is it possible to find a supersequence of a single array?

In Jeff Erickson’s Algorithms textbook, the chapter on Dynamic Programming asks you to “Describe an efficient algorithm to compute the length of the shortest oscillating supersequence of an arbitrary array A of integers”.

A supersequence contains all of the elements from the original array X[1…n], and oscillating is defined as X [i] < X [i + 1] for all even i, and X [i] > X [i + 1] for all odd i.

However, I am not asking about the answer to this problem. I am just wondering if this question even is sound. How can you find a supersequence of a single array? Wouldn’t the answer just be the length of the original array if all elements are oscillating? Else, 0. Usually, a supersequence is found between multiple arrays.

Internal server error with special characters in request body – possible vulnerability?

While blackbox testing of web-application, I found some unexpected behavior. Request body of original request, sent by browser, contained post parameter like this:

user[email]=test@test.test 

After some fuzzing, application returned 500 (Internal Server Error) on queries that started by %00 (null byte), followed by characters not equal to %09, %0a (new line), %0b, %0c, %0d and %20 (space). If it is followed by one more null byte, or one of already mentioned characters, it behaves properly.

I’m pretty new to web testing, and wondered what can cause this, and is it really unexpected behavior.

I suggested this code to execute some code and sanitizing other characters like “, ‘ and others to prevent command injection, but null byte terminates string with the command, so the command goes wrong (for example, missing ‘ or ” in the command), but why it needs other character after the null byte?

Or maybe this is related to specialized functions to send mail in other languages?

Also, I thought about database processing, but it still does not make sense, why we need this characters in the end, and why new line, space and others, changes the behavior.

What could lead to this behavior, and is it worthy point to research deeper?