Categories
Mastering Development System & Network

CVE-2021-26855 Explanation

I patched on 3/3 This just looks like we were probed and not compromised, can some one please confirm? I’m not sure how to interpret this. Ran Test-Hafnium.ps1 Contents of CVE-2021-26855.log #TYPE Selected.System.Management.Automation.PSCustomObject "DateTime","AnchorMailbox" "2021-03-02T09:50:56.279Z","ServerInfo~a]@Exchange001.contoso.com:444/autodiscover/autodiscover.xml?#" edit: The scan found the following entry 2021-03-02T09:50:56.279Z,5f083d36-1b8a-489b-9bdc-e3859dea08f4,15,1,2106,2,,Ecp,207.207.49.16,/ecp/y.js,,FBA,false,,,ServerInfo~a]@Exchange001.contoso.com:444/autodiscover/autodiscover.xml?#,ExchangeServicesClient/0.0.0.0,157.230.221.198,EXCHANGE001,200,200,,POST,Proxy,exchange001.contoso.com,15.00.0001.000,IntraForest,X-BEResource-Cookie,,,,347,362,,,0,0,,0,,0,,0,0,,0,295,0,0,17,0,274,0,0,0,1,0,294,1,274,4,21,21,295,,,,BeginRequest=2021-03-02T09:50:55.983Z;CorrelationID=;ProxyState-Run=None;FEAuth=BEVersion-1941962753;NewConnection=::1&0;BeginGetRequestStream=2021-03-02T09:50:55.983Z;OnRequestStreamReady=2021-03-02T09:50:55.998Z;BeginGetResponse=2021-03-02T09:50:55.998Z;OnResponseReady=2021-03-02T09:50:56.279Z;EndGetResponse=2021-03-02T09:50:56.279Z;ProxyState-Complete=ProxyResponseData;SharedCacheGuard=0;EndRequest=2021-03-02T09:50:56.279Z;,,,,,,CafeV1 In the following file "\exchange001.contoso.com\C$\Program Files\Microsoft\Exchange Server\V15\Logging\HttpProxy\Ecp\HttpProxy_2021030209-1.LOG" I did not find any […]

Categories
Mastering Development

Files not present in container after COPY or ADD in Dockerfile

I’m trying to build a simple docker file that itself will launch a compose fleet. It may break the purpose of containers; but i found it was what I thought was the most suited in my case. When trying to copy files to the image, it does not fail but I cannot find the files […]

Categories
Mastering Development System & Network

Which actions are retained on SecRuleUpdateActionById changes from the original rule?

So, SecruleUpdateActionById requires relisting action flags. At least that’s my reading of "actions that can appear only once are overwritten". Which is fairly obvious for most of them, but less so for ctl: or specialty parameters. I’m currently building this editor GUI, and so I’m wondering which flags from the original SecRule are worth repeating […]

Categories
Mastering Development

How to send https reuqest using pysocks python

every thing working fine only how to send https request using Pysocks ? import socks s = socks.socksocket() s.set_proxy(socks.HTTP, "proxy", port) s.connect(("example.com", 443)) request = "GET / HTTP/1.1\r\nHost: example.com\r\nConnection: close\r\nUpgrade-Insecure-Requests: 1\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.66 Safari/537.36\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9\r\nSec-Fetch-Site: none\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Dest: document\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7\r\n\r\n" s.sendall(request.encode()) result = s.recv(4096) while […]

Categories
User Help

How do I specify the HTTP proxy for VLC to use from the command line?

From the manual here: https://wiki.videolan.org/Documentation:Command_line/ This chapter will only describe the "general" options, i.e., the core options. Each module adds new options. For example, the HTTP input module will add options for caching, proxy, authentication, … In other words: that webpage doesn’t list the HTTP module options. So I followed its advice and did: vlc […]

Categories
Mastering Development System & Network

Running dnsmasq as a DHCP proxy from a container

I’m trying to configure dnsmasq to operate in DHCP proxy mode, supplying PXE network boot information to clients, while my router continues to act as the DHCP server. Ideally, I’d like to run dnsmasq in a Docker container. I’ve first tried setting it up in a VMware VM running Linux, like this: # Verbose DHCP […]

Categories
Bitcoin Cryptocurrency Mastering Development

Address starting with 2, what mode I am in?

I am using https://github.com/freewil/bitcoin-testnet-box to run bitcoind in docker to test signing of transactions. make start tells me the bitcoind is started without -regtest flag. See https://github.com/freewil/bitcoin-testnet-box/blob/master/Makefile#L13 When I run bitcoin-cli -datadir=1 getblockchaininfo, I indeed see "chain": "regtest" in output, so both the nodes are running in regression test mode, I believe. If I generate […]

Categories
Mastering Development

Spring BeanDefinition class name contains null for an instantiated bean

I want to post-process a Spring bean in some manner after it has been instantiated completely. However when I am unable to get the original bean class name (since it is proxied) from ConfigurableListenerFactory after the ContextRefreshedEvent occurs. I can’t get bean class from the ApplicationContext, because it is proxied by JDK Dynamic Proxy. Question […]

Categories
Mastering Development Software

Rule-based chatbot that can be integrated with multiple platforms [some high-level guidelines would help]

I’ve been assigned a project for my software design module, that is building a chatbot and integrating it to multiple platforms so a user can try and interact with it. AI chatbots are not not considered. Here are the notes given by my professor: The project should satisfy the topics covered in the Software Design […]

Categories
Cryptocurrency Ethereum Mastering Development

How to deploy kyber network proxy locally and test with truffle?

I am trying to deploy a proxy from Kyber Network for local development. So far I have pulled down the workshop repo and I have successfully deployed all the contracts successfully. I have the following contract: import "./Investor.sol"; import "./IKyberNetworkProxy.sol"; contract Trader is Investor { uint256 public platformFeeBps; constructor( IKyberNetworkProxy _kyberProxy, uint256 _platformFeeBps ) public […]