shizonic shizonic

Improve Fonts

Newest

Make your Arch fonts beautiful easily! This is what I do when I install Arch Linux to improve the fonts.

You may consider the following settings to improve your fonts for system-wide usage without installing a patched font library packages (eg. Infinality):

Install some fonts, for example:
sudo pacman -S ttf-dejavu ttf-liberation noto-fonts

Nix syntax basics

Intro

Comments

Linux Desktop on Apple Silicon in Practice

I bought M1 MacBook Air. It is the fastest computer I have, and I have been a GNOME/GNU/Linux user for long time. It is obvious conclusion that I need practical Linux desktop environment on Apple Silicon.

Fortunately, Linux already works on Apple Silicon/M1. But how practical is it?

Two native ports exist.

Time-Based Blind SQL Injection

Indication of a correct query is based on the time the query takes to complete.
This time delay is introduced by using built-in methods such as SLEEP(x) alongside the UNION statement.
The SLEEP() method will only ever get executed upon a successful UNION SELECT statement.

Base query example

/endpoint?query=admin123'

Attack query example

Using Blind SQL Injections to Retrieve Access Credentials of a Website

In this gist I show how I leveraged a boolean-blind sql injection to gain access to a protected website. The injection allowed me query the website database and retrieve a valid pair username/password. Using the retrieved credentials I was able to login into the protected section of the website.

Software Used

To perform the attack I used:

sqlmap to discover the website was vulnerable to SQL injections.
Burp Suite to forge and send POST requests to the website login page, carrying payloads opportunely crafted with SQL queries.

Requirements

Encrypt everthing including /boot and /root
Enter password once
Support UEFI

Installation media setup

Download NixOS minimal iso and copy to USB stick. For example on Mac OSX

$ diskutil list
$ diskutil unmountDisk /dev/disk1 # Make sure you got right device

# Enumerate databases
sqlmap --dbms=mysql -u "$URL" --dbs

# Enumerate tables
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables

# Dump table data
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump

	session=lxqt
	geometry=1920x1080
	localhost # comment this out to allow connections from anywhere
	alwaysshared

	Hi All!

	I've recently launched a tool that wraps many of the commands here with a user interface. This desktop application is currently available for macOS. There's a roadmap outlining planned features for the near future.
	Feel free to request any features you'd like to see, and I'll prioritize them accordingly.
	One of the most important aspects of this application is that every command executed behind the scenes is displayed in a special log section. This allows you to see exactly what’s happening and learn from it.

	Here's the link to the repository: https://github.com/Pulimet/ADBugger

	App Description:
	ADBugger is a desktop tool designed for debugging and QA of Android devices and emulators. It simplifies testing, debugging, and performance analysis by offering device management, automated testing, log analysis, and remote control capabilities. This ensures smooth app performance across various setups.