Answer:Detecting request type in PHP (GET, POST, PUT or DELETE)
$_SERVER['REQUEST_METHOD']
http://stackoverflow.com/a/359050
ref: https://twitter.com/sornram9254/status/738063120422174720
$_SERVER['REQUEST_METHOD']
http://stackoverflow.com/a/359050
ref: https://twitter.com/sornram9254/status/738063120422174720
There is a ByteViewer Control directly available in the .NET Framework. Here is how you can use it in a sample Winforms C# application (note: you need to reference the System.Design assembly):
Namespace: System.ComponentModel.Design
Assembly: System.Design (in System.Design.dll)
public Form1()
{
InitializeComponent();
…
ByteViewer bv = new ByteViewer();
bv.SetFile(@”c:\windows\notepad.exe”); // or SetBytes
Controls.Add(bv);
}
Answer:Recommendations for a Hex Viewer Control for Windows.Forms? https://t.co/iXEsLSxP09
— ศรรามไงจะใครล่ะ❤️ (@sornram9254) May 4, 2016
http://stackoverflow.com/a/23344431
$postdata = http_build_query(
array(
‘var1’ => ‘some content’,
‘var2’ => ‘doh’
)
);
$opts = array(‘http’ =>
array(
‘method’ => ‘POST’,
‘header’ => ‘Content-type: application/x-www-form-urlencoded’,
‘content’ => $postdata
)
);
$context = stream_context_create($opts);
$result = file_get_contents(‘http://example.com/submit.php’, false, $context);
Answer:How to post data in PHP using file_get_contents? https://t.co/lhxCPcsDv0
— ศรรามไงจะใครล่ะ❤️ (@sornram9254) April 29, 2016
http://stackoverflow.com/a/2445332
Getting infos from a video file
ffmpeg -i video.avi
Basic Convert
ffmpeg -i video_origine.extension video_finale.extension
Turn X images to a video sequence
ffmpeg -f image2 -i image%d.jpg video.mpg
Turn a video to X images
ffmpeg -i video.mpg image%d.jpg
Encode a video sequence for the iPpod/iPhone
ffmpeg -i source_video.avi input -acodec aac -ab 128kb -vcodec mpeg4 -b 1200kb -mbd 2 -flags +4mv+trell -aic 2 -cmp 2 -subcmp 2 -s 320×180 -title X final_video.mp4
Explanations :
Source : source_video.avi
Audio codec : aac
Audio bitrate : 128kb/s
Video codec : mpeg4
Video bitrate : 1200kb/s
Video size : 320px par 180px
Generated video : final_video.mp4
Extracting sound from a video, and save it as Mp3
ffmpeg -i source_video.avi -vn -ar 44100 -ac 2 -ab 192k -f mp3 sound.mp3
Explanations :
Source video : source_video.avi
Audio bitrate : 192kb/s
output format : mp3
Generated sound : sound.mp3
Convert a wav file to Mp3
ffmpeg -i son_origine.avi -vn -ar 44100 -ac 2 -ab 192k -f mp3 son_final.mp3
Mix a video with a sound file
ffmpeg -i son.wav -i video_origine.avi video_finale.mpg
ref: http://www.catswhocode.com/blog/19-ffmpeg-commands-for-all-needs
Basic Syntax
ffmpeg -i input output
ffmpeg -i audio.mp3 audio.wav
ffmpeg -i video.mp4 video.mkv
ffmpeg -i video.mp4 audio.wav
Specifying Video and Audio codecs
ffmpeg -codecs
ffmpeg -formats
ffmpeg -i input.wav -c:a libfaac output.mp4
ffmpeg -i input.avi -c:v libx264 -c:a libfaac output.mkv
When to copy, when to encode?
The following command is wrong: It will re-encode your video
ffmpeg -i input.mp4 output.mkv
This command however does it right:
ffmpeg -i input.mp4 -c:v copy -c:a copy output.mkv
If changing the container without encoding does not work for you, you can try the mkvmerge
mkvmerge input.avi -o output.mkv
ref: http://blog.superuser.com/2012/02/24/ffmpeg-the-ultimate-video-and-audio-manipulation-tool/
join ts files
Create a file mylist.txt with all the files you want to have concatenated in the following form (lines starting with a # are ignored):
# this is a comment
file ‘/path/to/file1’
file ‘/path/to/file2’
file ‘/path/to/file3’
Note that these can be either relative or absolute paths. Then you can stream copy or re-encode your files:
ffmpeg -f concat -i mylist.txt -c copy output.extension
or
ffmpeg -f concat -i mylist.txt output.extension
ref: https://trac.ffmpeg.org/wiki/Concatenate
Position Value
——– ——
0 0x4D
1 0x5A
2 0x90
4 0x03
8 0x04
12 0xFF
13 0xFF
16 0xB8
24 0x40
using (var stream = new FileStream(path, FileMode.Open, FileAccess.ReadWrite)) {
stream.Position = 24;
stream.WriteByte(0x04);
}
ref: http://stackoverflow.com/a/3217953?stw=2
var numbers = new [] { 1, 2, 3, 4 };
var words = new [] { “one”, “two”, “three”, “four” };var numbersAndWords = numbers.Zip(words, (n, w) => new { Number = n, Word = w });
foreach(var nw in numbersAndWords)
{
Console.WriteLine(nw.Number + nw.Word);
}
ref: http://stackoverflow.com/a/1955780?stw=2
First you need to choose a platform and a piece of software to attack. To begin I would choose something that is open source. There are several advantages to this; the main one being that you can look at the source code. You then need to pick an aspect that you would like to attack. For example, maybe you want to attack the UDP implementation of the Linux networking stack.
Performing an analysis on a closed source piece of software means you’re disassembling the binary, rooting through instructions, and debugging the process. This is long and tedious. Better to get a grasp as to what breaks code with source code before you go looking for it in disassembly.
By being specific in your target allows you to systematically analyze a piece of software.
With your target in mind begin your analysis of the portion of the software you want to find vulnerabilities.
These are just a few of the things you can do to analyze the software. Build a list of possible coding errors.
Now with a list of possible coding flaws you need to determine if you can trigger them. Again, debug messages will help you. Go back to the source code and determine what exactly needs to happen for each coding flaw to break the software. You’re not looking for full exploitation, you just want the code to crash, or do something unexpected. You need to determine what could trigger a coding flaw. This could be anything from affecting a length variable, tricking a function to take a path to process data incorrectly, etc. Some coding flaws just aren’t triggerable, but that’s the nature of vulnerability analysis.
At this point you have a list of flaws, and a list of ideas for each flaw on what might trigger it to do something unexpected.
Now you write code. Using pretty much whatever programming language is convenient for the software you’re attacking. You could write Python code to throw specific packets at network devices to attempt to take down the UDP implementation of a Linux based device.
The goal is to implement your triggers, and hope that the code works the way you think. Your debug messages will be helpful here.
With any luck you’re able to cause something different to happen. Maybe that can lead to code execution, maybe not. That’s a horse of a different color.
Vulnerability analysis takes time. A lot of time. You’re not going to spend a day analyzing software and find 10 vulnerabilities. The unofficial average for vulnerability analysis is 1 vulnerability per 3 months of analysis. You can double that time if you’re analyzing a non-open source project.
via @RoraΖ : http://security.stackexchange.com/a/92003?stw=2
creating a configuration file symbolic link
sudo ln -s /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-enabled/000-default-ssl.conf
add this to 000-default-le-ssl.conf
ServerName example.com
ServerAlias www.example.com
https://community.letsencrypt.org/t/cant-renew-certificate-we-were-unable-to-find-a-vhost-with-a-servername-or-address/11675/2
On Debian, Ubuntu or Linux Mint:
sudo vi /etc/apache2/apache2.conf
On CentOS, Fedora, RHEL or Arch Linux:
sudo vi /etc/httpd/conf/httpd.conf
Add the following two lines at the end of Apache config file.
ServerSignature Off
ServerTokens Prod
Then restart web server to activate the change:
sudo service apache2 restart (Debian, Ubuntu or Linux Mint)
sudo service httpd restart (CentOS/RHEL 6)
sudo systemctl restart httpd.service (Fedora, CentOS/RHEL 7, Arch Linux)
(see image from source url)
http://ask.xmodulo.com/turn-off-server-signature-apache-web-server.html
ps: ServerTokens can be set to:
Prod (Server: Apache)
Min (Server: Apache/1.3.0)
OS (Server: Apache/1.3.0 (Unix))
Full (Apache/1.3.0 (Unix) PHP/3.0 MyMod/1.2)
1. Install Apache
sudo apt-get install apache2
2. Install MySQL
sudo apt-get install mysql-server
3. Install PHP
sudo apt-get install php5 libapache2-mod-php5
4. Restart Server
sudo /etc/init.d/apache2 restart
http://howtoubuntu.org/how-to-install-lamp-on-ubuntu
ps: After installation of phpMyAdmin it creates a configuration file for Apache2. Edit Apache2 main configuration file /etc/apache2/apache2.conf
vi /etc/apache2/apache2.conf
add following line at the end of file.
Include /etc/phpmyadmin/apache.conf
Restart Server
sudo /etc/init.d/apache2 restart
How to Install and Configure phpMyAdmin on Ubuntu 18.04 & 16.04 LTS