I’ve got players who rely heavily on Leomund’s Tiny hut for a “safe” night time rest. I’m alright with them using it to help, but it gets irritating having a wrench thrown into my nighttime attacks. I have found some ways to deal such as Dispel Magic or having something camp them. One time, I even attacked and killed their horses which were outside the hut. I was going to try a burrowing creature but SageAdvice put forward that there IS a floor in the hut. That’s when I came across the Phase Spider. So the question:
Could something move into the Ethereal Plane, get to an area that would be inside Leomund’s Tiny Hut, and then move back to the Material Plane?
The scenario is that a website has a password recovery feature: you enter your email and if you have an account with that email, it sends you a recovery link.
But then someone writes a script that requests a recovery every 5 seconds all day long and gives someone else’s email to:
- harass that person
- waste site resources sending emails
- get the site blacklisted as a spammer
- other unpleasant consequences
To be clear, the attacker doesn’t compromise the site, but just causes grief of different kinds via that site emailer channel. Does this have a name?
On the internet several articles exist about XSS vulnerabilities of using an Android/iOS WebView. I understand the main concept of XSS; on a regular website it could be achieved by for example redirecting someone to a URL with a manipulated query string in it.
But how would someone start an XSS attack on a WebView. I can think of one example myself: The app makes use of a deeplink/universal link. With the help of this universal link the app opens and an intent will load the requested page. When a user then clicks on a universal link like
https://example.com/openpage/bar?query=<script>alert('XSS');</script> and the developer was really lazy this could result in XSS. But this is pretty easy to counter. And thus is nothing to get too scared about.
Of course a Server XSS Attack is also possible. But I mean Client XSS
Can you think of any other ways to exploit XSS? Because if the one I mentioned is the only one, I think the risk of an XSS attack on a WebView is minimal.
I need someone to create a fully functioning web hosting service. including front end and whmcs.
need to use something from themeforest. https://themeforest.net/search/whmcs
we will provide them for you. just select which one and we will buy a license.
need someone who has experience.
PM me with the cost and time. title your PM "web hosting project"
I’ve only used Windows and Linux on a Hewlett Packard. Can I remotely connect to my tablet to write code or do I need to install a program on the tablet?
Basically, long story short… I have an app idea. I don not wish to disclose it in the open for obvious reasons. Basically I am just looking for someone to give me some advice and to get your personal opinion on it. the app is just an idea at the moment but I am determined to build it and make it a reality. The app is retail based so maybe someone with retail experience could help…but not compulsory.
If you are interested PLEASE message me on Instagram @trolleze Or by replying to this thread. Thank you in advance, Sam
The hacker said they have access to my contacts, social media, and that they’ve also installed a keylogger onto my system. They want money.
The Gmail email header says:
Similar messages were used to steal people’s personal information. Moreover,Gmail could not verify that this message actually came from firstname.lastname@example.org. Avoid clicking links, downloading attachments, or replying with personal information.
This is what the security on Gmail says:
security: vodafone-ip.de did not encrypt this message Learn more
The hacker also stated one of my older passwords, and it is right. But I changed that password almost an year ago.
I try to keep all my passwords different, and just changed my Google password. How is this possible? If it is needed, I can post the full message
Edit: the email also says that they have installed a Trojan keylogger to my computer (mac). Should I be worried? I was thinking of factory resetting it just to be safe.
- I used MalwareBytes as suggested, and it deleted some files such as
ssinfo.plist (if I’m remembering correctly). I have no idea what these are.
- I read the email once again, and this is a line from it: “I studied your love life and created a good video series.” Thing is, I don’t have a love life, so it’s probably a scam.
I have a binary file and saved it on github release page. https://github.com/zono/bolt8/releases
To allow users to verify it, I saved sha256sum and signature(.asc).
However I have a concern that if my github account is hacked somehow, the sha256sum, the signature and my keybase.io account link (https://keybase.io/zono) could be replaced. As a result of that, users can’t notice the fake binary.
Are there any solutions about that? What kind of ways are used in OSS projects.
* sign and sha256sum (on mac) $ gpg -ba bolt8-node10-macos-x64 $ shasum -a 256 bolt8-node10-macos-x64 // save .asc and the checksum into github * verify (on linux) $ sha256sum bolt8-node10-macos-x64 $ curl https://keybase.io/zono/pgp_keys.asc | gpg --import $ gpg --verify bolt8-node10-macos-x64.asc bolt8-node10-macos-x64 gpg: Signature made Mon 17 Jun 2019 09:59:55 PM JST using RSA key ID 6530E807 gpg: Good signature from "xxxxx"
My sister is planning to come to the UK just for one day in order to renew her passport. Will she be able to use the 1 day Premium service?
Learning spells from someone else’s spellbook and then selling it?
Basically, the character is a Spellcaster and he decided to visit a library in the town they’re currently staying at to find spellbooks or scrolls. I had him roll a die to determine what spells he would find. He rolled a 20 and just to annoy him a little (We are friends so it’s fine) I gave him a level 9 spell.
Now, at the time I had no idea that Spells level 9 can cost up to 50 thousand gold pieces and I also didn’t think that it was that big of a deal. In a nutshell, the character sold the book for 40 thousand gp but before he did it, he copied the spell into his own spellbook.
The money isn’t that big of a deal as the campaign won’t change drastically, but my concern is whether a character can copy a spell they find in their own spellbook and then get rid of the source.
Note: This is my first time DMing.