shizonic shizonic

Docker on Android 🐋📱

Edit 🎉

All packages, except for Tini have been added to termux-root. To install them, simply pkg install root-repo && pkg install docker. This will install the whole docker suite, left only Tini to be compiled manually.

Summary

Nix syntax basics

Intro

Comments

Matrix

matrix.org chat is split into two parts, the server and the client. The server we are going to use is called Synapse and the client is Riot.im. The Synapse will also need Postgres database and Redis for caching.

0. Folders

Make sure your folder structure looks like this.

example/

Using Blind SQL Injections to Retrieve Access Credentials of a Website

In this gist I show how I leveraged a boolean-blind sql injection to gain access to a protected website. The injection allowed me query the website database and retrieve a valid pair username/password. Using the retrieved credentials I was able to login into the protected section of the website.

Software Used

To perform the attack I used:

sqlmap to discover the website was vulnerable to SQL injections.
Burp Suite to forge and send POST requests to the website login page, carrying payloads opportunely crafted with SQL queries.

Bash Startup Files

Description

Some example commands for openshift/kubernetes, replace the oc with kubectl or otherwise

get all pods from all namespaces comma separated with namespace, pod name, container name, container image, pod status

oc get pods --all-namespaces -o go-template='{{range .items}}{{$status := .status.phase}}{{$namespace := .metadata.namespace}}{{$podname := .metadata.name}}{{range .spec.containers}}{{$namespace}}{{","}}{{$podname}}{{","}}{{.name}}{{","}}{{.image}}{{","}}{{$status}}{{"\n"}}{{end}}{{end}}'

get all pods from all namespaces comma separated with namespace, pod name, scc

oc get pods --all-namespaces -o go-template='{{range .items}}{{.metadata.namespace}},{{.metadata.name}},{{range $key, $element := .metadata.annotations}}{{if eq $key "openshift.io/scc"}}{{$element}}{{end}}{{end}}{{"\n"}}{{end}}'

	KEYMAPOPTS="us us"
	HOSTNAMEOPTS="-n alpine"
	INTERFACESOPTS="auto lo
	iface lo inet loopback

	auto eth0
	iface eth0 inet dhcp
	hostname alpine
	"
	TIMEZONEOPTS="-z UTC"

	airmon-ng check kill

	https://forums.hak5.org/topic/37247-capturing-wpawpa2-passwords-with-the-nanotetra/

	On nano, or other wifi access point monitoring:

	airmon-ng start wlan1
	airodump-ng -w PacketCapture wlan1mon

	(Then just do near the AP you're wanting to crack and wait for someone to connect to it.)

	If you have ever put something in a file like .bashrc and had it not work, or are
	confused by why there are so many different files — .bashrc, .bash_profile, .bash_login,
	.profile etc. — and what they do, this is for you.
	The issue is that Bash sources from a different file based on what kind of shell it thinks
	it is in. For an “interactive non-login shell”, it reads .bashrc, but for an “interactive
	login shell” it reads from the first of .bash_profile, .bash_login and .profile (only).
	There is no sane reason why this should be so; it’s just historical. Follows in more detail.
	For Bash, they work as follows. Read down the appropriate column. Executes A, then B, then C,
	etc. The B1, B2, B3 means it executes only the first of those files found.

	#include <allegro5/allegro5.h>
	#include <allegro5/allegro_primitives.h>
	#include <stdio.h>
	#include <stdlib.h>

	#define WIN_WIDTH_PX (800)
	#define WIN_HEIGHT_PX (800)
	#define FPS (60.0f)

	static void Initialize();