Welcome back to the blog series about how to hack a box! In this third post I’ll guide you through the second step: gaining access.
| DISCLAIMER: Never attempt to execute one of these steps on a machine where you don’t have explicit permission for from the owner. This is illegal and will get you in trouble. |
In Clojure we can get part of a vector collection using the subvec function. The function takes a vector as argument, a required begin index and optional end index. The returned value is a vector with part of the values of the original vector starting from the begin up to the end index. If we leave out the optional end index, the size of the vector is used as end index.
In the following example we use the subvec function with and without the end index:
To split a collection in Clojure we can use the split-with and split-at functions. The split-with function takes a predicate as first argument and a colletion as second argument. The function will return a vector with two items. The first item is the result of the function take-while with the given predicate. The second item in the result vector is the resul of the drop-while function with the same predicate.
We use the split-at function with a number as first argument followed by a collection to split based on a given number of items. Instead of using a predicate we can define the number of items that we want as the first item in the result vector. The first item in the result vector is the result of invoking the take function. The resulting number of items of the collection will be the second item in the result vector and is achieved by invoking the drop function.
In Clojure we can use the shuffle function with a collection argument to get a new collection where the items of the input collection are re-ordered randomly. The function delegates to the Java java.util.Collections#shuffle method.
In the following example code we use the shuffle method:
In Clojure we can format a string using Common Lisp format syntax or the Java format string syntax. In the post we will look at the how we can use the Java format string syntax. We must use the format function in the clojure.core namespace. The method delegates to the standard JDK String#format method. The first argument is a format string followed by one or more arguments that are used in the format string. We can look up the syntax of the format string in the Javadoc for the java.util.Formatter class.
In the following example code we use the format function with different format strings:
In my early days as a software developer I worked at a small game studio. This was back in the days when ActionScript and Flash were still a thing.
At JCore during Corona times we’ve spent part of the JCore Fast Track looking at game development in Unity3D and the Unreal engine. These engines work on C#/JavaScript and C++ respectively.
Nowadays the language I’m most comfortable with is Java. A little while ago I was wondering whether it would be possible to create a game in Java.
More and more web-traffic is moving to https instead of http protocol. Because users are using a modern browser that defaults to https or a browser extension like Https-By-Default . A great development from a security- and privacy perspective. But with some side effects as it pointed out that the redirect service offered by our hosting provider does not fully support https which causes a security warning.
Although valid commercial solutions are available this fully triggered my (somewhat rusty) not invented here syndrome. Performing the redirect sounds like a suitable functionality for a simple cloud function. With the additional requirement that it should be able to host the cloud function on the (sub)domain(s) we want to use for our redirects.
This blog post will describe the simple steps to develop a cloud function using Firebase Functions and expose it through Firebase Hosting over https using a valid certificate.
Welcome back to the blog series about how to hack a box! In the first blog I gave an introduction into the steps and prerequisites on How to hack a box. In this second post I’ll guide you through the first step, which is exploration. We will execute the steps on an actual box in Hack The Box, called Blocky.
| DISCLAIMER: Never attempt to execute one of these steps on a machine where you don’t have explicit permission for from the owner. This is illegal and will get you in trouble. |
Welcome to the blog series about how to hack a box! In this first post I’ll guide you through the global steps you can take to hack a box. The steps are universal, so you can use them on any target which you have permission for.
In the next few posts we’ll go through each step in detail and try to hack a box in Hack The Box, called Blocky.
As developer, you probably have to work with APIs. Either you consume them, or perhaps you build them. Most of the time an API provides some sort of JSON response or perhaps XML. When the implementation is complete, it provides documentation as well, using the OpenAPI specification. This however is not what this blog is about.
The goal is to get you started exploring OData. OData is an OASIS Standard that defines the best practice for creating and using RESTful APIs. So in short, it is a web-based protocol for querying and updating data.
