The document shows the steps taken to generate an SSH key on a local machine and use it to connect to a GitHub repository. It demonstrates initializing a new Git repository locally, making an initial commit, connecting the local repository to a remote GitHub repository, and pushing the commit to GitHub. Authentication issues are encountered initially but resolved by providing login credentials.
Many new developers are uncomfortable in the Terminal. But it can be your friend! Learn a few high-value Terminal tricks here, useful on both MacOS and Linux systems
As Clojure programmers, our software is full of trees. Both the values we manipulate and the code we manipulate them with, are made from trees. It's all to easy to get caught up in a project and miss the forest for the trees, but how often have you missed the trees for the forest? This presentation is an exploration of trees from a unique perspective that will hopefully inform your thinking and lead your program design out of the woods.
Many new developers are uncomfortable in the Terminal. But it can be your friend! Learn a few high-value Terminal tricks here, useful on both MacOS and Linux systems
As Clojure programmers, our software is full of trees. Both the values we manipulate and the code we manipulate them with, are made from trees. It's all to easy to get caught up in a project and miss the forest for the trees, but how often have you missed the trees for the forest? This presentation is an exploration of trees from a unique perspective that will hopefully inform your thinking and lead your program design out of the woods.
Workshop on command line tools - day 1Leandro Lima
Slides of the I Workshop on command-line tools with the collaboration of CAG (Center for Applied Genomics - Children's Hospital of Philadelphia) bioinformatics analysts.
1st day
Workshop on command line tools - day 2Leandro Lima
Slides of the I Workshop on command-line tools with the collaboration of CAG (Center for Applied Genomics - Children's Hospital of Philadelphia) bioinformatics analysts.
2nd day
Backdooring the web is the cheapest and most hidden way to achieve
persistence on a compromised network, both if you're looking at
privileges on the webapp itself or at executing command to underlying
system.
During the talk, we will discuss the context of a web backdoor: the
environment where she can born and grow up will be defined.
Each environmental aspect will be thoroughly analyzed: where is the best
point of injection, why we choose a specific function or trick, what
permissions are needed, how to trigger the backdoor in a safe, hidden
and reproducible way, and of course what to inject.
The talk will thus present several ways to inject obfuscated and hard to
spot vulnerabilities in PHP code. Shown examples will backdoor CMS
plugins as well as custom code, altering the code and polluting the
webapp ecosystem (read: DBMS and webservers).
Code Obfuscation, PHP shells & more
What hackers do once they get passed your code - and how you can detect & fix it.
Content:
- What happens when I get hacked?
- What's code obfuscation?
- What are PHP shells?
- Show me some clever hacks!
- Prevention
- Post-hack cleanup
What is this not about:
- How can I hack a website?
- How can I DoS a website?
- How can I find my insecure code?
Git 201 - A Deeper Look at Git @ KCDC 2016Arthur Doler
You know how to use Git. You can pull a branch, commit your changes, and push it back to Github or Bitbucket. You can use SourceTree to automatically merge well enough, and you even know how to stash your changes.
But what if you want to take things to the next level? Maybe you've heard about the arcane magic known as rebasing, or maybe you (or a coworker) once did something really nasty to your repository and didn't have the first clue how to fix it. Maybe you watched someone use Git on the command line and you want to find out if they're actually a wizard or not. Maybe you just know there's more to Git than you're using, and you want a more detailed walk through the tool. If this describes you, come learn Git from the ground up with me! You'll learn the git command line, how Git represents your files, fun ways to reference various commits, what branches and tags really are, and best of all you'll finally learn how to rebase.
Given it's share of ~80% (W3Techs dixit) with more than 240M active websites (Netcraft dixit) we can say that PHP is the de facto standard for web programming.
We can find she both in made-by-son-of-a-friend-after-dinner websites and on enterprise portals or e-commerce platforms, perhaps because she's available on almost every hosting service and because it's very easy to start with her.
As we should have learnt from history, simplicity hides complexity, therefore a lot of uncommon functions' arguments and little known behaviours.
The talk present ways to insert obfuscated and hard to spot
vulnerabilities in existent code and some naughty functions. For every given example we will show how to trigger the backdoor through the vulnerability and how it works, her pros and cons, and how to detect her.
Workshop on command line tools - day 1Leandro Lima
Slides of the I Workshop on command-line tools with the collaboration of CAG (Center for Applied Genomics - Children's Hospital of Philadelphia) bioinformatics analysts.
1st day
Workshop on command line tools - day 2Leandro Lima
Slides of the I Workshop on command-line tools with the collaboration of CAG (Center for Applied Genomics - Children's Hospital of Philadelphia) bioinformatics analysts.
2nd day
Backdooring the web is the cheapest and most hidden way to achieve
persistence on a compromised network, both if you're looking at
privileges on the webapp itself or at executing command to underlying
system.
During the talk, we will discuss the context of a web backdoor: the
environment where she can born and grow up will be defined.
Each environmental aspect will be thoroughly analyzed: where is the best
point of injection, why we choose a specific function or trick, what
permissions are needed, how to trigger the backdoor in a safe, hidden
and reproducible way, and of course what to inject.
The talk will thus present several ways to inject obfuscated and hard to
spot vulnerabilities in PHP code. Shown examples will backdoor CMS
plugins as well as custom code, altering the code and polluting the
webapp ecosystem (read: DBMS and webservers).
Code Obfuscation, PHP shells & more
What hackers do once they get passed your code - and how you can detect & fix it.
Content:
- What happens when I get hacked?
- What's code obfuscation?
- What are PHP shells?
- Show me some clever hacks!
- Prevention
- Post-hack cleanup
What is this not about:
- How can I hack a website?
- How can I DoS a website?
- How can I find my insecure code?
Git 201 - A Deeper Look at Git @ KCDC 2016Arthur Doler
You know how to use Git. You can pull a branch, commit your changes, and push it back to Github or Bitbucket. You can use SourceTree to automatically merge well enough, and you even know how to stash your changes.
But what if you want to take things to the next level? Maybe you've heard about the arcane magic known as rebasing, or maybe you (or a coworker) once did something really nasty to your repository and didn't have the first clue how to fix it. Maybe you watched someone use Git on the command line and you want to find out if they're actually a wizard or not. Maybe you just know there's more to Git than you're using, and you want a more detailed walk through the tool. If this describes you, come learn Git from the ground up with me! You'll learn the git command line, how Git represents your files, fun ways to reference various commits, what branches and tags really are, and best of all you'll finally learn how to rebase.
Given it's share of ~80% (W3Techs dixit) with more than 240M active websites (Netcraft dixit) we can say that PHP is the de facto standard for web programming.
We can find she both in made-by-son-of-a-friend-after-dinner websites and on enterprise portals or e-commerce platforms, perhaps because she's available on almost every hosting service and because it's very easy to start with her.
As we should have learnt from history, simplicity hides complexity, therefore a lot of uncommon functions' arguments and little known behaviours.
The talk present ways to insert obfuscated and hard to spot
vulnerabilities in existent code and some naughty functions. For every given example we will show how to trigger the backdoor through the vulnerability and how it works, her pros and cons, and how to detect her.
Author: Jameel Nabbo
Company: UITSEC
This guide contain a practical hands on Linux privilege escalation techniques and methods. based on a real penetration testing experience.
Install git and drush on Godaddy shared hostingC13L0
Please note - 2014- This tutorial is outdated and only uploading your ssh key is still relevant. I no longer have a Godaddy account and cannot update this tutorial. If anyone comes across another tutorial with all 3 steps that work, please let me know so I can update this description with the url for others who are looking for help. Thanks!
Upload your public ssh key, install git and drush on Godaddy shared hosting.
Internal knowledge share on SSH setup and usage. Includes some helpful config file options to save time and how to create and use SSH keys for better security and productivity.
Postgresql 12 streaming replication holVijay Kumar N
This is a step by step hands on lab for PostgreSQL 12 , setup of replication, replication slot, failover (promoting) to standby as new master cluster and also covering the scenario where old master has to be reinstated using the utility "pg_rewind"
Jaime Piña, @variadico, Software Engineer at Apcera
Microservice issues are networking issues. Fixing code in your app is easy, but the hard part of using microservices is the networking. How do you actually know if you're sending what you think you are? Why does this request fail in my app, but not when I use curl? Is this service very slow or is it up at all?
This talk will help demystify some common problems you might experience while building out your collection of microservices. Once you can find the issue, it becomes way easier to fix.
Apresentação na Pós-Graduação em Segurança da Informação:
- Sniffer de senhas em plain text;
- Ataque de brute-force no SSH;
- Proteção: Firewall, IPS e/ou TCP Wrappers;
- Segurança básica no sshd_config;
- Chaves RSA/DSA para acesso remoto;
- SSH buscando chaves no LDAP;
- Porque previnir o acesso: Fork Bomb
File encryption. [32] Write a program which accepts a filename as a .pdfjyothimuppasani1
File encryption. [32] Write a program which accepts a filename as a command-line argument [-
32]. It should then ask for a password via stdin (but it should not visible when entered; use
getpass for this) [4]. The program should encrypt the file using a block-cipher algorithm (see
encryption.rst for details) [12] if it was not already encrypted by the program, and rename it with
a .enc extension. If it was already encrypted, it should decrypt the file and remove the .enc
extension [12]. Under no circumstance should the program multiply encrypt the file [4]. Call the
program encrypt.cpp. here is encrypt.rst Suppose I have an input file to encrypt: .. raw: The only
true wisdom is in knowing you know nothing. (A quote by Socrates.) What I can do then is ask
the user for a password. Suppose the user enters kitties. Then what I may do is pre-pend the
password to an output file, and add kitties in rounds to the file: .. raw: kittiesThe only true
wisdom is in knowing you know nothing. + kittieskittieskittieskittieskittieskittieskittieskittieskit -
---------------------------------------------------------- =
fhdkalhfioepwahfkdsanklvcxznkjvpwipqnkxlkdlajsflkjkljkljlkd When I add the characters in the
string kitties, I get what appears to be jumbled garbage. Without the password, it is hard to
decrypt the file. To decrypt the file, I ask the user for the password. Suppose they enter bubbles
(the wrong password). .. raw: fhdkalhfioepwah... - bubbles ------------------ = ueiaqnv I see that
by subtracting bubbles off the encrypted text, I do not get the string bubbles back, so bubbles is
not the password. If the user enters kitties (the correct password): .. raw: fhdkalhfioepwah... -
kitties ------------------ = kitties Then I see that what I get back is kitties, and since it matches the
user password entered, I may proceed to decrypt the rest of the file simply by subtracting kitties
off it in rounds. .. raw: = fhdkalhfioepwahfkdsanklvcxznkjvpwipqnkxlkdlajsflkjkljkljlkd -
kittieskittieskittieskittieskittieskittieskittieskittieskit ------------------------------------------------------
----- kittiesThe only true wisdom is in knowing you know nothing. Thus I obtain the original
message. Notice the user-supplied password itself is a necessary element of the decryption. This
type of algorithm is called a block cipher algorithm.
Solution
// Encrypting_a_File.cpp : Defines the entry point for the console
// application.
//
#include
#include
#include
#include
#include
// Link with the Advapi32.lib file.
#pragma comment (lib, \"advapi32\")
#define KEYLENGTH 0x00800000
#define ENCRYPT_ALGORITHM CALG_RC4
#define ENCRYPT_BLOCK_SIZE 8
bool MyEncryptFile(
LPTSTR szSource,
LPTSTR szDestination,
LPTSTR szPassword);
void MyHandleError(
LPTSTR psz,
int nErrorNumber);
int _tmain(int argc, _TCHAR* argv[])
{
if(argc < 3)
{
_tprintf(TEXT(\"Usage: \")
TEXT(\" | \ \"));
_tprintf(TEXT(\" is optional.\ \"));
_tprintf(TEXT(\"Press any key to exit.\"));
_gettch();
return 1;
}
LPTS.
1. Git bash
Welcome to Git (version 1.9.5-preview20150319)
Run 'git help git' to display the help index.
Run 'git help <command>' to display help for specific commands.
anchal.chadha@BSSDT018 ~
$ pwd
/c/Users/anchal.chadha
anchal.chadha@BSSDT018 ~
$ mkdir .ssh
anchal.chadha@BSSDT018 ~
$ cd .ssh
anchal.chadha@BSSDT018 ~/.ssh
$ ssh-keygen -trsa -C"anchalchadha01@gmail.com"
Generating public/private rsa key pair.
Enter file in which to savethe key (/c/Users/anchal.chadha/.ssh/id_rsa):
Enter passphrase(empty for no passphrase):
Enter same passphraseagain:
Your identification has been saved in /c/Users/anchal.chadha/.ssh/id_rsa.
Your public key has been saved in /c/Users/anchal.chadha/.ssh/id_rsa.pub.
The key fingerprintis:
2. d3:5b:5b:1f:f7:cc:c4:8c:dc:e1:7b:e0:f6:0c:4d:15 anchalchadha01@gmail.com
The key's randomartimage is:
+--[ RSA 2048]----+
| E |
| .|
| ..|
| . ..=o|
| S . . =oB|
| . o + O=|
| . . +.B|
| . +.|
| o|
+-----------------+
anchal.chadha@BSSDT018 ~/.ssh
$ ssh -v git@github.com
OpenSSH_6.6.1, OpenSSL 1.0.1m19 Mar 2015
debug1: Connecting to github.com[192.30.252.131] port22.
debug1: Connection established.
debug1: identity file /c/Users/anchal.chadha/.ssh/id_rsa type1
debug1: identity file /c/Users/anchal.chadha/.ssh/id_rsa-certtype-1
debug1: identity file /c/Users/anchal.chadha/.ssh/id_dsa type -1
debug1: identity file /c/Users/anchal.chadha/.ssh/id_dsa-certtype-1
debug1: identity file /c/Users/anchal.chadha/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/anchal.chadha/.ssh/id_ecdsa-certtype-1
debug1: identity file /c/Users/anchal.chadha/.ssh/id_ed25519 type -1
3. debug1: identity file /c/Users/anchal.chadha/.ssh/id_ed25519-certtype-1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remotesoftwareversion libssh-0.6.0
debug1: no match: libssh-0.6.0
debug1: SSH2_MSG_KEXINITsent
debug1: SSH2_MSG_KEXINITreceived
debug1: kex: server->client aes128-ctr hmac-sha1none
debug1: kex: client->server aes128-ctr hmac-sha1none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server hostkey: RSA 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48
The authenticity of host'github.com (192.30.252.131)'can'tbe established.
RSA key fingerprintis 16:27:ac:a5:76:28:2d:36:63:1b:56:4d:eb:df:a6:48.
Are you sureyou wantto continue connecting (yes/no)? yes
Warning: Permanently added 'github.com,192.30.252.131'(RSA) to the list of
know
n hosts.
debug1: ssh_rsa_verify: signaturecorrect
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUESTsent
debug1: SSH2_MSG_SERVICE_ACCEPTreceived
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
4. debug1: Offering RSA public key: /c/Users/anchal.chadha/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Trying private key: /c/Users/anchal.chadha/.ssh/id_dsa
debug1: Trying private key: /c/Users/anchal.chadha/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/anchal.chadha/.ssh/id_ed25519
debug1: No more authentication methods to try.
Permission denied (publickey).
anchal.chadha@BSSDT018 ~/.ssh
$ cd ..
anchal.chadha@BSSDT018 ~
$ cd ..
anchal.chadha@BSSDT018 /c/Users
$ cd..
sh.exe": cd..: command not found
anchal.chadha@BSSDT018 /c/Users
$ cd ..
anchal.chadha@BSSDT018 /c
$ cd C:anchalSanyamex2
anchal.chadha@BSSDT018 /c/anchal/Sanyam/ex2
$ pwd
5. /c/anchal/Sanyam/ex2
anchal.chadha@BSSDT018 /c/anchal/Sanyam/ex2
$ git init
Initialized empty Git repository in c:/anchal/Sanyam/ex2/.git/
anchal.chadha@BSSDT018 /c/anchal/Sanyam/ex2 (master)
$ Git add .
anchal.chadha@BSSDT018 /c/anchal/Sanyam/ex2 (master)
$ git commit -m"firstcommit"
[master (root-commit) fdfb91e] firstcommit
Committer: unknown <anchal.chadha@BSSDT018.betasoftsystems.com>
Your name and email address wereconfigured automatically based
on your usernameand hostname. Please check that they are accurate.
You can suppress this messageby setting them explicitly:
git config --global user.name"Your Name"
git config --global user.emailyou@example.com
After doing this, you may fix the identity used for this commit with:
git commit --amend --reset-author
5 files changed, 51 insertions(+)
create mode 100644 .classpath