Find path of file on website with randomized string in it

Users have the possibility to upload a sensitive personal file to a specific website. After uploading, only the user himself and the administrator of the website have the ability to download the file again.

All files of any user are uploaded to the following folder: https://example.com/folder/uploads/.

Before a file is uploaded, it gets renamed to <<username>>.docx.

So for Foo the path would be: https://example.com/folder/uploads/foo.docx and for Gux it’d be https://example.com/folder/uploads/gux.docx.

As you can see, this is not safe at all. Foo could simply examine the download link, and replace his own name in the file-path with the username of other users to download their files.

So to prevent this, the web-developer did the following: Before a file is uploaded, a random string of 15 characters gets prepended to the filename. This random string is different for each upload.

For Foo this would be for example https://example.com/folder/uploads/heh38dhehe83ud37_foo.docx and for Gux https://example.com/folder/uploads/abcnjoei488383b22_gux.docx.

When Foo examines the download-url, he will know in which folder all the files are stored. But there is no way that he could guess the random string that is prepended to Gux’ file. The random string actually functions as a 15-character long password.

In all directories an index.html-file is placed so the directory content does not get listed.

If Foo still wanted to download other users their files, how would he do that? I’m looking for a way Foo would do this by forming a specific URL or HTTP-request. Breaching the server or database is a correct answer but not the kind I’m looking for.

TL;DR: How to find the path of a file on a public website with a unique and randomized string in it? You know the path to the upload-folder, but there is a index.html-file there so you can’t see the content.

In general, how does a DFA know how to successfully process a string the intended way?

Suppose we have:

$ $ A\text{ }\colon=\{x, y, z\}$ $

$ $ M\text{ }\colon=\text{some DFA using A}$ $

$ $ S\text{ }\colon=xyzxyzxyz$ $

Intuitively, one might say $ S$ is fed to $ M$ on a per-character basis.

This means that somehow we have an undisclosed mechanism that can tell where a symbol starts and ends.

One might say, simply use the maximum valid substring similar to how Lexers tokenise plaintext. To that I say, suppose instead that we defined $ A$ as: $ $ A\text{}\colon= \{x, xx, xxx\}$ $

Now we have 3 unique symbols, that, as it so happens, using the maximum valid substring will yield in a restriction to what our our $ M$ can actually process, because any string longer than 2 characters will always be assumed to start with $ xxx$ rather than perhaps, $ x$ and $ xx$ .

One way I see around this is to actually have a character synonymous to a symbol. That is, $ x$ and $ xxx$ (from $ A$ ) are both a single character each.

Thoughts?

Could presence of the string “_CONSOLE” in multiple files indicate a hack?

I run a combination of Linux & Windows machines with Dropbox.

Many "selective sync conflicts" occurred, for unknown reasons. Meaning two copies of the same folder appear on dropbox – each copy should be identical.

I will pick one example folder: a music album, folder contains 12 .mp3 files, and a number of .jpg’s.

All files are the exact same file size between the two copies, butdiff clearly shows the contents are different.

Running linux strings on the newer version, every file contains the string _CONSOLE, and the majority of the file has been zero’d out, i.e the data is gone.

Uploading the file’s to virustotal.com for a scan yields a completely clean scan.

Question: is this likely to be malicious? What does the string "_CONSOLE" indicate? Can anyone advise if it is common string for a windows or linux executables?

Encryption (not hashing) of credentials in a Python connection string

I would like to know how to encrypt a database connection string in Python – ideally Python 3 – and store it in a secure wallet. I am happy to use something from pip. Since the connection string needs to be passed to the database connection code verbatim, no hashing is possible. This is motivated by:

  • a desire to avoid hard-coding the database connection credentials in a Python source file (bad for security and configurability);
  • avoid leaving them plain-text in a configuration file (not much better due to security concerns).

In a different universe, I have seen an equivalent procedure done in .NET using built-in machineKey / EncryptedData set up by aspnet_regiis -pe, but that is not portable.

Though this problem arises from an example where an OP is connecting via pymysql to a MySQL database,

  • the current question is specific neither to pymysql nor MySql, and
  • the content from that example is not applicable as a minimum reproducible example here.

The minimum reproducible example is literally

#!/usr/bin/env python3  PASSWORD='foo' 

Searching for this on the internet is difficult because the results I get are about storing user passwords in a database, not storing connection passwords to a database in a separate wallet.

I would like to do better than a filesystem approach that relies on the user account of the service being the only user authorized to view what is otherwise a plain-text configuration file.

Related questions

  • Securing connection credentials on a web server – but that requires manual intervention on every service start, which I want to avoid
  • Security while connecting to a MySQL database using PDO – which is PHP-specific and does not discuss encryption

How to explode single string IF it’s used in shortcode

I have a shortcode that works to display posts from specific categories, or a single post based on the post slug. I’m having trouble figuring out how to get it to display multiple posts based on their slugs though. I know I need to use explode, but I can’t seem to get it right.

Here’s the current working code:

add_shortcode( 'latest_post', 'latest_post_query_shortcode' ); function latest_post_query_shortcode(  $  atts ) {     ob_start();     $  atts = shortcode_atts( array(             'posts_per_page' => '',             'category' => '',             'offset' => '',             'post' => '',     ), $  atts );      $  args = array(             'post_type'     => 'post',             'post_status'   => 'publish',             'posts_per_page'=> $  atts['posts_per_page'],             'offset'             => $  atts['offset'],         );              // Add category if not empty     if ( ! empty ( $  atts['category'] ) ) {         $  args['tax_query']  = array(                  array(                     'taxonomy'  => 'category',                     'field'     => 'slug',                     'terms' => $  atts['category'],                 ),              );           }          // Add post if not empty     if ( ! empty ( $  atts['post'] ) ) {         $  args['name']  = $  atts['post'];     }         $  string = '';              // The Query     $  query = new WP_Query( $  args );       // The Loop     if ( $  query->have_posts() ) { ?>         <section class="recent-posts clear">         <?php while ( $  query->have_posts() ) : $  query->the_post() ; ?>             <article id="post-<?php the_ID(); ?>" <?php post_class( 'left' ); ?>>                  <?  echo '<a href="' . get_permalink( $  _post->ID ) . '" title="' . esc_attr( $  _post->post_title ) . '">';                     echo get_the_post_thumbnail( $  _post->ID, 'large' );                     echo '</a>';                     echo '<h2><a href="' . get_permalink( $  _post->ID ) . '" title="' . esc_attr( $  _post->post_title ) . '">';                     echo get_the_title( $  _post->ID);                     echo '</a></h2>';                  ?>             </article>         <?php endwhile;          wp_reset_postdata();?>           </section>                   <?php          $  clean = ob_get_clean();         return $  clean;           } } 

I tried adding:

'name' => explode( ', ', $  post), 

inside

$  args = array( 

but that didn’t return anything when I tried specifying two slugs, for example: [latest_post post="almond-cake, coconut-pie"] (If I use either one of those, it works, but not both.)

Additionally once I added the explode, it game me this warning everywhere else the shortcode was used:

Warning: trim() expects parameter 1 to be string, array given…

Decide if a string is a member of a language that represents $P$?

For some enumeration of the complexity class P (such as this as an example: How does an enumerator for machines for languages work?), for each string 𝑝 in the enumeration, does there exist some other string (certificate) 𝑐 that allows you to verify 𝑝 is a member of the enumeration in poly time? I believe that it might be possible in poly time because all we have to do is check if a string fits some certain format (format of the encoding)?

A decision problem $ P$ is poly time verifiable iff there is an algorithm 𝑉 called verifier such that if $ P(w)=$ π‘ŒπΈπ‘† then there is a string $ c$ s.t. $ 𝑉(w,c)=$ π‘ŒπΈπ‘†, if $ P(w)=𝑁𝑂$ then for all strings $ c$ , $ 𝑉(w,c)=$ 𝑁𝑂 and V runs in $ O(w^{k})$ for some constant $ k$ for all inputs $ w$ .

Find position in array where element-wise multiplication with string of 1 and 0s results in max value

I have a sequence of 1s and 0s. For example: $ bits = [1, 0, 1, 1, 1, 0]$ . I also have an array of positive integers. For example $ arr = [12, 23, 4, 6, 8, 0, 24, 72]$ . I need to find the index, $ i$ , in $ arr$ of the leftmost element of $ bits$ such that

$ $ \sum_{j = i}^{i + \textrm{length of bits}}{bits[j – i] * arr[j]}$ $

is a maximum. Essentially I am maximizing the element-wise multiplication between the two sequences starting at index $ i$ .

I need to solve it in $ O(n\log n)$ or better, but I can only think of a way to do it in $ O(n^2)$ . I have a feeling prefix sums could be used but am not sure how.

Is the empty string and some words of even length are elements of this set?

$ L = \{w \in \{a,b\}^*| \text{the first, the middle, and the last characters of $ w$ are identical}\}$ .

I have my answers, but I need confirmation:

Is the empty string $ \epsilon \in L$ ? Yes. Reason: there is no first, middle, or last character to break the rule.

Words of even length, assuming the first and last characters of them are identical, again, must be in $ L$ , as there is no middle character to break the rule in such words.

This is in the context of theory of computation by the way.