Client side password hashing with exposed salt word – did I find a breach?

I downloaded a software that has a login interface. It’s a $ 100 a month subscription software.

I disassembled the software and found that passwords are being sent by combining them with a hard coded “salt” that everyone can see in the source code (is it really “salt” if it’s the same for everyone?), encrypting them with MD5 and sending the hash to the server.

I hope that the passwords are encrypted again on the server side with unique salts to every user, but even if they do, isn’t this a breach? Can’t an attacker sniff the passwords easily, or do a send-the-hash attack?

In 5e D&D, do Noble Genies suffer the side effects of wishes?

In the Monster Manual, there is an optional rule for genies, one to allow the wish-granting kind. In accordance with legends, and the way that the text describes it, surely these genies aren’t risking losing the spell every time they grant a wish, right? Or else, why would a genie ever agree to grant a wish? (unless they only ever copied an 8th level spell or bellow)

Handlebars.js 4.1.1 Server Side Template Injection exploitation – running system commands with a Node.js RCE when require() is not available?

I’m currently reading the following article and trying to exploit the vulnerability (Handlebars.js 4.1.1 Server Side Template Injection):

http://mahmoudsec.blogspot.com/2019/04/handlebars-template-injection-and-rce.html

Sure enough, the proof of concept code works fine. Specifically, the final snippet from Matias works in my setup. However, after all those context changes, I no longer have access to the require keyword, and therefore I cannot do require('child_process').exec(), because it says require is not defined.

I tried looking for global variables in the current context which might help me, but found nothing.

I also considered copying the whole child_process library’s source code into my payload, but that’s not trivial, since the library uses other libraries and some specific variables, which are not initialized for me (primordials, for example).

In order to continue the assignment, I need to get a reverse shell on the target machine. How can I use the RCE to run system commands/get a reverse shell if I cannot use require()?

Ray Tracer – How do I fix fish eye effect on side walls?

I’ve come here because I can’t seem to find out what’s wrong with my ray tracer.

I fixed the fish eye effect when looking straight on at walls, but the effect remains when the player is looking at walls to the side.

I think it’s because most of the rays hit the surface close to the player, while fewer and fewer rays hit more distant walls, resulting in a curve. The only problem is I don’t know how to make it appear linear.

    float dist = distance*cos(angle); //fix distorted distance     float rat = (depth-(dis))/depth; //calculate ratio for wall height     float h = 64*rat; //calculate height     PImage slice = sprites[0].get((int)(inter/2),0,1,16); //get image slice     image(slice,i*4,768-h/2,4,h); //display image slice 

In this example, the top screen is the raw data while the bottom screen it the ray traced 2.5D image. I’ve made the rays visible.

enter image description here

WordPress posts in the loop not stacking side by side

I was following a wp theme developement tutorial but somehow the posts from main loop and projects are not showing side by side ..although all other css works fine here is my code

front-page.php

<?php get_header();?>      <div id="banner">         <h1>&lt;GTCoding/&gt;</h1>         <h3>Learn coding from scratch</h3>     </div>      <main>         <a href="<?php echo site_url('/blog');?>">             <h2 class="section-heading">All Blogs</h2>         </a>        <?php         $  args =  array(          'post_type' => 'post',          'posts_per_page' => 2         );         $  blogposts = new WP_Query($  args);          while($  blogposts->have_posts()){             $  blogposts->the_post();        ?>         <section>             <div class="card">                 <div class="card-image">                     <a href="<?php echo the_permalink(); ?>">                         <img src="<?php echo get_the_post_thumbnail_url(get_the_ID()); ?>" alt="Card Image">                     </a>                 </div>                  <div class="card-description">                     <a href="<?php echo the_permalink(); ?>">                         <h3><?php the_title(); ?></h3>                     </a>                     <p>                        <?php echo wp_trim_words(get_the_excerpt(),30); ?>                     </p>                     <a href="<?php echo the_permalink(); ?>" class="btn-readmore">Read more</a>                 </div>             </div>           <?php }              wp_reset_query();            ?>          </section>          <a href="<?php echo site_url('/projects');?>">             <h2 class="section-heading">All Projects</h2>         </a>          <?php         $  args =  array(          'post_type' => 'project',          'posts_per_page' => 2         );         $  projects = new WP_Query($  args);          while($  projects->have_posts()){             $  projects->the_post();        ?>         <section>             <div class="card">                 <div class="card-image">                     <a href="<?php echo the_permalink(); ?>">                         <img src="<?php echo get_the_post_thumbnail_url(get_the_ID()); ?>" alt="Card Image">                     </a>                 </div>                  <div class="card-description">                     <a href="<?php echo the_permalink(); ?>">                         <h3><?php the_title(); ?></h3>                     </a>                     <p>                        <?php echo wp_trim_words(get_the_excerpt(),30); ?>                     </p>                     <a href="<?php echo the_permalink(); ?>" class="btn-readmore">Read more</a>                 </div>             </div>           <?php }              wp_reset_query();            ?>          </section>          <h2 class="section-heading">Source Code</h2>          <section id="section-source">             <p>                 Lorem ipsum dolor sit amet consectetur adipisicing elit. Rerum neque qui delectus ad dolor blanditiis perferendis praesentium                 consectetur aut sed provident obcaecati aspernatur perspiciatis, dolores nobis pariatur ipsum vel corrupti!             </p>             <a href="#" class="btn-readmore">GitHub Profile</a>         </section>        <?php get_footer();?> 

header.php

<!DOCTYPE html> <html lang="en">  <head>     <meta charset="UTF-8">     <meta name="viewport" content="width=device-width, initial-scale=1.0">     <meta http-equiv="X-UA-Compatible" content="ie=edge">     <title>GTCoding</title>     <?php wp_head(); ?> </head>  <body>     <div id="slideout-menu">         <ul>             <li>                 <a href="<?php echo site_url('');?>">Home</a>             </li>             <li>                 <a href="<?php echo site_url('/blog');?>">Blog</a>             </li>             <li>                 <a href="<?php echo site_url('/projects');?>">Projects</a>             </li>             <li>                 <a href="<?php echo site_url('/about');?>">About</a>             </li>             <li>                 <input type="text" placeholder="Search Here">             </li>         </ul>     </div>      <nav>         <div id="logo-img">             <a href="#">                 <img src="<?php echo get_template_directory_uri();?>/img/logo.png" alt="GTCoding Logo">             </a>         </div>         <div id="menu-icon">             <i class="fas fa-bars"></i>         </div>         <ul>             <li>                 <a class="active" href="<?php echo site_url('');?>">Home</a>             </li>             <li>                 <a href="<?php echo site_url('/blog');?>">Blog</a>             </li>             <li>                 <a href="<?php echo site_url('/projects');?>">Projects</a>             </li>             <li>                 <a href="<?php echo site_url('/about');?>">About</a>             </li>             <li>                 <div id="search-icon">                     <i class="fas fa-search"></i>                 </div>             </li>         </ul>     </nav>      <div id="searchbox">         <input type="text" placeholder="Search Here">     </div> 

footer.php

  <footer>             <div id="left-footer">                 <h3>Quick Links</h3>                 <p>                     <ul>                         <li>                             <a href="index.html">Home</a>                         </li>                         <li>                             <a href="about.html">About</a>                         </li>                         <li>                             <a href="#">Privacy Policy</a>                         </li>                         <li>                             <a href="blogslist.html">Blogs</a>                         </li>                         <li>                             <a href="blogslist.html">Projects</a>                         </li>                         <li>                             <a href="#">Contact</a>                         </li>                     </ul>                 </p>             </div>              <div id="right-footer">                 <h3>Follow us on</h3>                 <div id="social-media-footer">                     <ul>                         <li>                             <a href="#">                                 <i class="fab fa-facebook"></i>                             </a>                         </li>                         <li>                             <a href="#">                                 <i class="fab fa-youtube"></i>                             </a>                         </li>                         <li>                             <a href="#">                                 <i class="fab fa-github"></i>                             </a>                         </li>                     </ul>                 </div>                 <p>This website is developed by GTCoding</p>             </div>         </footer>      </main>   <?php wp_footer();?> </body>  </html> 

enter image description here

it should show like this

enter image description here

here is my index.html code

<!DOCTYPE html> <html lang="en">  <head>     <meta charset="UTF-8">     <meta name="viewport" content="width=device-width, initial-scale=1.0">     <meta http-equiv="X-UA-Compatible" content="ie=edge">     <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.1.0/css/all.css" integrity="sha384-lKuwvrZot6UHsBSfcMvOkWwlCMgc0TaWr+30HWe3a4ltaBwTZhyTEggF5tJv8tbt"         crossorigin="anonymous">     <link href="https://fonts.googleapis.com/css?family=Roboto|Roboto+Condensed|Roboto+Slab" rel="stylesheet">     <link rel="stylesheet" href="style.css">     <title>GTCoding</title> </head>  <body>     <div id="slideout-menu">         <ul>             <li>                 <a href="index.html">Home</a>             </li>             <li>                 <a href="blogslist.html">Blog</a>             </li>             <li>                 <a href="blogslist.html">Projects</a>             </li>             <li>                 <a href="about.html">About</a>             </li>             <li>                 <input type="text" placeholder="Search Here">             </li>         </ul>     </div>      <nav>         <div id="logo-img">             <a href="#">                 <img src="img/logo.png" alt="GTCoding Logo">             </a>         </div>         <div id="menu-icon">             <i class="fas fa-bars"></i>         </div>         <ul>             <li>                 <a class="active" href="index.html">Home</a>             </li>             <li>                 <a href="blogslist.html">Blog</a>             </li>             <li>                 <a href="blogslist.html">Projects</a>             </li>             <li>                 <a href="about.html">About</a>             </li>             <li>                 <div id="search-icon">                     <i class="fas fa-search"></i>                 </div>             </li>         </ul>     </nav>      <div id="searchbox">         <input type="text" placeholder="Search Here">     </div>      <div id="banner">         <h1>&lt;GTCoding/&gt;</h1>         <h3>Learn coding from scratch</h3>     </div>      <main>         <a href="blogslist.html">             <h2 class="section-heading">All Blogs</h2>         </a>          <section>             <div class="card">                 <div class="card-image">                     <a href="blogpost.html">                         <img src="img/1.jpg" alt="Card Image">                     </a>                 </div>                  <div class="card-description">                     <a href="blogpost.html">                         <h3>The Blog Title Here</h3>                     </a>                     <p>                         Lorem ipsum dolor sit, amet consectetur adipisicing elit. Blanditiis, ullam facilis consequuntur eligendi sit accusamus tempora                         cum distinctio pariatur ipsa quod, odit dolorum non vero recusandae? Corporis voluptatem optio nulla.                     </p>                     <a href="blogpost.html" class="btn-readmore">Read more</a>                 </div>             </div>              <div class="card">                 <div class="card-image">                     <a href="blogpost.html">                         <img src="img/2.jpg" alt="Card Image">                     </a>                 </div>                  <div class="card-description">                     <a href="blogpost.html">                         <h3>The Blog Title Here</h3>                     </a>                     <p>                         Lorem ipsum dolor sit, amet consectetur adipisicing elit. Blanditiis, ullam facilis consequuntur eligendi sit accusamus tempora                         cum distinctio pariatur ipsa quod, odit dolorum non vero recusandae? Corporis voluptatem optio nulla.                     </p>                     <a href="blogpost.html" class="btn-readmore">Read more</a>                 </div>             </div>         </section>          <a href="blogslist.html">             <h2 class="section-heading">All Projects</h2>         </a>          <section>             <div class="card">                 <div class="card-image">                     <a href="blogpost.html">                         <img src="img/3.jpg" alt="Card Image">                     </a>                 </div>                  <div class="card-description">                     <a href="blogpost.html">                         <h3>The Project Title Here</h3>                     </a>                     <p>                         Lorem ipsum dolor sit, amet consectetur adipisicing elit. Blanditiis, ullam facilis consequuntur eligendi sit accusamus tempora                         cum distinctio pariatur ipsa quod, odit dolorum non vero recusandae? Corporis voluptatem optio nulla.                     </p>                     <a href="blogpost.html" class="btn-readmore">Read more</a>                 </div>             </div>              <div class="card">                 <div class="card-image">                     <a href="blogpost.html">                         <img src="img/4.jpg" alt="Card Image">                     </a>                 </div>                  <div class="card-description">                     <a href="blogpost.html">                         <h3>The Project Title Here</h3>                     </a>                     <p>                         Lorem ipsum dolor sit, amet consectetur adipisicing elit. Blanditiis, ullam facilis consequuntur eligendi sit accusamus tempora                         cum distinctio pariatur ipsa quod, odit dolorum non vero recusandae? Corporis voluptatem optio nulla.                     </p>                     <a href="blogpost.html" class="btn-readmore">Read more</a>                 </div>             </div>         </section>          <h2 class="section-heading">Source Code</h2>          <section id="section-source">             <p>                 Lorem ipsum dolor sit amet consectetur adipisicing elit. Rerum neque qui delectus ad dolor blanditiis perferendis praesentium                 consectetur aut sed provident obcaecati aspernatur perspiciatis, dolores nobis pariatur ipsum vel corrupti!             </p>             <a href="#" class="btn-readmore">GitHub Profile</a>         </section>          <footer>             <div id="left-footer">                 <h3>Quick Links</h3>                 <p>                     <ul>                         <li>                             <a href="index.html">Home</a>                         </li>                         <li>                             <a href="about.html">About</a>                         </li>                         <li>                             <a href="#">Privacy Policy</a>                         </li>                         <li>                             <a href="blogslist.html">Blogs</a>                         </li>                         <li>                             <a href="blogslist.html">Projects</a>                         </li>                         <li>                             <a href="#">Contact</a>                         </li>                     </ul>                 </p>             </div>              <div id="right-footer">                 <h3>Follow us on</h3>                 <div id="social-media-footer">                     <ul>                         <li>                             <a href="#">                                 <i class="fab fa-facebook"></i>                             </a>                         </li>                         <li>                             <a href="#">                                 <i class="fab fa-youtube"></i>                             </a>                         </li>                         <li>                             <a href="#">                                 <i class="fab fa-github"></i>                             </a>                         </li>                     </ul>                 </div>                 <p>This website is developed by GTCoding</p>             </div>         </footer>      </main>      <script src="main.js"></script> </body>  </html> 

What measures can I take to prevent Server Side Request Forgery (SSRF) in a JAX-RS Application running on Apache Tomcat?

If I have a an application server that uses an implementation of JAX-RS, and is running as *.war file on an Apache Tomcat server, is there anything special that needs to be done or configured to prevent SSRF attacks?

My naive understanding is that JAX-RS application are only serving requests to certain URLs and Apache Tomcat only allows requests to certain resources.

If this is handled by default by JAX-RS or Apache Tomcat, could you explain how?

If this is not handled by default by JAX-RS nor Apache Tomcat, could you explain the best way to prevent this type of attack with these tools?

Specific versions:

  • JAX-RS api 2.1
  • Apache Tomcat 9.0.33

Are grammars consisting only of rules with one symbol on each side NL-complete?


The unrestricted grammars characterize the recursively enumerable languages. This is the same as saying that for every unrestricted grammar G there exists some Turing machine capable of recognizing L(G) and vice versa.

Context: Grammars are Turing-complete. Therefore complexity classes like NL have equivalences in grammars.

One important NL-complete problem is ST-connectivity (or “Reachability”) (Papadimitriou 1994 Thrm. 16.2), the problem of determining whether, given a directed graph G and two nodes s and t on that graph, there is a path from s to t. ST-connectivity can be seen to be in NL, because we start at the node s and nondeterministically walk to every other reachable node. ST-connectivity can be seen to be NL-hard by considering the computation state graph of any other NL algorithm, and considering that the other algorithm will accept if and only if there is a (nondetermistic) path from the starting state to an accepting state.

Given a directed graph, deciding if a->b is a directed path is NL-complete.

We will reduce the directed graph to a grammar rules with one symbol on each side:

For each directed edge in the graph, add a grammar rule. The directed edge a->b becomes the grammar rule a|b.

The NL-complete query becomes, “If I set a to the start symbol, can I derive symbol b using the grammar rules?”

Each grammar rule has one symbol on each side (i.e. a|b).

Therefore grammar rules with one symbol on each side is NL-complete.

Are grammars consisting only of rules with one symbol on each side NL-complete?

How to create a Datum for database NULL in PostgreSQL a server side C function?

I was just wondering how to create a Datum for the database NULL value in PostgreSQL?

I known there is PG_RETURN_NULL() for returning a database NULL in a LANGUAGE C function. But I just want to create a Datum for NULL, e.g. to be stored in an array (or record). Should I just use (Datum) 0?

(This is with PostgreSQL 12)

Does the target choose which side they move to for Wall of Ice?

The description for Wall of Ice states

“If the wall cuts through a creature’s space when it appears, the creature within its area is pushed to one side of the wall and must make a Dexterity saving throw. On a failed save, the creature takes 10d6 cold damage, or half as much damage on a successful save.”

For both Wall of Stone and Wall of Force the spells specificity it is “Your choice” which side they arrive on, with Wall of Stone triggering a Dex save to see if they can avoid it. Wall of Ice’s save only state doing damage, but nothing about getting a chance to escape.

Does that lack of specifying the caster’s choice mean that it is the target’s choice by default? Do creatures surrounded by the walls not get a chance to escape as long as they are untouched?

My current reading is that if a target is hit by the wall they can escape freely, but if you can enclose the targets without the wall touching them they would be trapped without a save to escape. Would that be correct?

Is cookie information stored on the server side?

I thought cookies are stored on client side only, as files. Then I realize if cookies are not stored on server side, how could a server match a cookie just received from a client to some session or other information created in the past?

So is it correct that cookie information is also stored on the server side?

How does a server store cookie information?

I have searched about “client side cookie” and “server side cookie” and reached several discussions including

  • https://www.quora.com/Are-cookies-client-side-or-server-side,

  • https://stackoverflow.com/questions/6922145/what-is-the-difference-between-server-side-cookie-and-client-side-cookie.

Thanks.