November 14, 2024 01:00 · September 25, 2024 09:52 · September 25, 2024 09:50 · March 26, 2024 02:59 · January 27, 2024 20:24 · November 9, 2023 11:30
 package Mojolicious::Plugin::Flickr;
 use Mojo::Base 'Mojolicious::Plugin', -signatures;

 use Digest::SHA qw(hmac_sha1);
 use Mojo::Collection qw(c);
 use Mojo::JSON qw(j);
 use Mojo::Parameters;
 use Mojo::Util qw(b64_encode hmac_sha1_sum md5_sum url_escape);

 has app => undef, weak => 1;
 function cd {
  local _TMUX_PANE=${TMUX_PANE:-%0}
  HISTFILE=$HISTFILE_PREFIX-${_TMUX_PANE:1}
  export LC_HISTFILE=$HISTFILE
  if [ "$1" == -q ]; then shift; test -d "$1" || return; fi; builtin cd "$@"; echo $(pwd) > ${HISTFILE/bash_histories/pwd};
 }
 function history-file { echo $HISTFILE; }
 function reload {
  umask 0022
  readonly -p | grep -q TMOUT= || unset TMOUT
 # This demonstrates the concept for a program to only execute by a trusted caller
 # This demonstration uses an extremely simple algorithm, but of course the idea is only to make it more annoyng for someone to spoof the caller
 # as the attacker needs to know the algorithm
 # And of course caller and callee need to implement the exact same algorithm pair
 # Indeed, use RSA to make this idea more cryptographically secure

 $ perl a 123                          # "a" single argument is a filename
 {
  "a" => {
    "file" => 123,                    # message dumped to stderr for inspection
 diff --git a/examples/blog/lib/Blog.pm b/examples/blog/lib/Blog.pm
 index 57a2291..ebf83cb 100644
 --- a/examples/blog/lib/Blog.pm
 +++ b/examples/blog/lib/Blog.pm
 @@ -30,6 +30,8 @@ sub startup {
   $r->get('/posts/:id/edit')->to('posts#edit')->name('edit_post');
   $r->put('/posts/:id')->to('posts#update')->name('update_post');
   $r->delete('/posts/:id')->to('posts#remove')->name('remove_post');
 +
 +  $r->post('/log')->to('posts#log')->name('log_post');
 all:
 	gcc -c -o send_recv.o send_recv.c -Wno-psabi
 	gcc -c -o recv.o recv.c -lcrypto
 	gcc -o recv send_recv.o recv.o -lm -lcrypto -Wno-psabi
 	gcc -c -o send.o send.c -Wno-psabi
 	gcc -o send send_recv.o send.o -lm -lcrypto -Wno-psabi
 # perl diode recv ring
 # perl diode send cc00
 # perl diode send ccff 0003 610062
 # perl diode send ff01 0 0003 610062
 # perl diode sendfile file [name]

 use 5.010;
 use strict;
 use warnings;
 use Errno;
 Q:
 how can i build a jenkins plugin from source, including all of its java dependencies also from source?  Understand that I will have access to all source code but no active connection to the internet at all.  No binary artifacts can be fetched to assist with the build process and all java jar files must be built from source only.

 A:
 Building a Jenkins plugin from source, along with its Java dependencies, without any internet connection and only using source code can be a complex and involved process. Here's a general guide on how you might approach this:

 1. **Set Up Your Environment:**

   - **Install Java and Maven:** Ensure you have Java JDK and Maven installed on your machine. Make sure you're using compatible versions with the Jenkins source code.
 79275263102d493ceae5f8b34bb922d3e7bcff70f8d6aed7a13c6c7ac0e6daa87dbfeb84a1fc3e2c9eafb738a0d7e3f3943225d59d63954fd71df2a3f09ca11d4622eeaed1ae96a9a36aa70725e23f77bbf7330cad97b1e91372d1346f1977c840f51c4cf479276e554742b81b5273423b3e4dd51b9b1c076588d5aa9eda62d7eccc808d441d93064243b4bb3117e7d6590463f3ed4352c9317eb8f55b21fa24e2cf1a680fe21cf3c90b1f1df0c88925b0cb43d16ae20d84b85211634471370cd314a0f331e483d22d37564416aef30f66fe5f18f9edee0503c7c1616f198567b71420712eaed12070ee238fda8facca5b3af1d4d125c74035f2b5ed0a5e967610742fba40100abdaaa5e7acef34526f345588acbcfaa8d7f9224c0a260631940c582622e7b0cdeaebb9ee8a32c1bf4556b04f20f2ece7068c9dfab199652affdf4426ac50ba853d7b813c48da3c3c33b7d3ca7f09fe7a22dfb67d4e4531cd845e3aa2fd1b8940b79bfcffc3420286681b85f9b839454a6809b8b29815baf330b98b9c1ee7a0d7bdf1819ba760c3cc22fd83f494372091f02d5212235b334a2b3018f61e085c4568f6ee54d5c7f33626777bbd81062e8681292e9c288438d625adfcf62f97f4d8af56d36f5cfbe34426866665a0c55505223e7608fca3a4dc782ca0224b82109682c28ef1f9967a44046a26721ed6bba4ec87e3bd508ba36fd8
 #!/usr/bin/env perl

 # $ perl aes.pl decrypt $(perl aes.pl encrypt 123 qaz)  # 123 is the key and qaz is the plaintext
 # qaz                                                   # qaz is the plaintext from the 123 ciphertext encryption

 # $ key=123 ciphertext=08eaad9aec6b6ccba1067aa4de838dd3d5c6423024d5eb087a4e70cd32b9caba
 # $ perl aes.pl decrypt $key $ciphertext
 # qaz
 # $ perl aes.pl decrypt 40bd001563085fc35165329ea1ff5c5ecbdbbeef40bd001563085fc35165329e $ciphertext
 # qaz                                                  # 40b...29e is the actual key derived from 123 and used in the enc/dec
	package Mojolicious::Plugin::Flickr;
	use Mojo::Base 'Mojolicious::Plugin', -signatures;

	use Digest::SHA qw(hmac_sha1);
	use Mojo::Collection qw(c);
	use Mojo::JSON qw(j);
	use Mojo::Parameters;
	use Mojo::Util qw(b64_encode hmac_sha1_sum md5_sum url_escape);

	has app => undef, weak => 1;
	function cd {
	local _TMUX_PANE=${TMUX_PANE:-%0}
	HISTFILE=$HISTFILE_PREFIX-${_TMUX_PANE:1}
	export LC_HISTFILE=$HISTFILE
	if [ "$1" == -q ]; then shift; test -d "$1" \|\| return; fi; builtin cd "$@"; echo $(pwd) > ${HISTFILE/bash_histories/pwd};
	}
	function history-file { echo $HISTFILE; }
	function reload {
	umask 0022
	readonly -p \| grep -q TMOUT= \|\| unset TMOUT
	# This demonstrates the concept for a program to only execute by a trusted caller
	# This demonstration uses an extremely simple algorithm, but of course the idea is only to make it more annoyng for someone to spoof the caller
	# as the attacker needs to know the algorithm
	# And of course caller and callee need to implement the exact same algorithm pair
	# Indeed, use RSA to make this idea more cryptographically secure

	$ perl a 123 # "a" single argument is a filename
	{
	"a" => {
	"file" => 123, # message dumped to stderr for inspection
	diff --git a/examples/blog/lib/Blog.pm b/examples/blog/lib/Blog.pm
	index 57a2291..ebf83cb 100644
	--- a/examples/blog/lib/Blog.pm
	+++ b/examples/blog/lib/Blog.pm
	@@ -30,6 +30,8 @@ sub startup {
	$r->get('/posts/:id/edit')->to('posts#edit')->name('edit_post');
	$r->put('/posts/:id')->to('posts#update')->name('update_post');
	$r->delete('/posts/:id')->to('posts#remove')->name('remove_post');
	+
	+ $r->post('/log')->to('posts#log')->name('log_post');
	all:
	gcc -c -o send_recv.o send_recv.c -Wno-psabi
	gcc -c -o recv.o recv.c -lcrypto
	gcc -o recv send_recv.o recv.o -lm -lcrypto -Wno-psabi
	gcc -c -o send.o send.c -Wno-psabi
	gcc -o send send_recv.o send.o -lm -lcrypto -Wno-psabi
	# perl diode recv ring
	# perl diode send cc00
	# perl diode send ccff 0003 610062
	# perl diode send ff01 0 0003 610062
	# perl diode sendfile file [name]

	use 5.010;
	use strict;
	use warnings;
	use Errno;
	Q:
	how can i build a jenkins plugin from source, including all of its java dependencies also from source? Understand that I will have access to all source code but no active connection to the internet at all. No binary artifacts can be fetched to assist with the build process and all java jar files must be built from source only.

	A:
	Building a Jenkins plugin from source, along with its Java dependencies, without any internet connection and only using source code can be a complex and involved process. Here's a general guide on how you might approach this:

	1. Set Up Your Environment:

	- Install Java and Maven: Ensure you have Java JDK and Maven installed on your machine. Make sure you're using compatible versions with the Jenkins source code.
	#!/usr/bin/env perl

	# $ perl aes.pl decrypt $(perl aes.pl encrypt 123 qaz) # 123 is the key and qaz is the plaintext
	# qaz # qaz is the plaintext from the 123 ciphertext encryption

	# $ key=123 ciphertext=08eaad9aec6b6ccba1067aa4de838dd3d5c6423024d5eb087a4e70cd32b9caba
	# $ perl aes.pl decrypt $key $ciphertext
	# qaz
	# $ perl aes.pl decrypt 40bd001563085fc35165329ea1ff5c5ecbdbbeef40bd001563085fc35165329e $ciphertext
	# qaz # 40b...29e is the actual key derived from 123 and used in the enc/dec