sanitize-html-react Vulnerability
Overview At work, we tend to test our near-complete features internally as a team to capture any bugs before they are shipped to customers. We call this process a ‘blitz’ and it has successfully caught many bugs for us that can be addressed before shipping a feature. In this case, I was testing a sanitization…read more.
Disable Slack @channel and @here notification for all channels
Problem Slack can get very noisy if you are part of a big organisation. Slack offers various notification controls on a per-channel basis. You can choose to be notified if: There is a new message; Somebody mentions you; Somebody mentions @channel or @here; Never. For example: Slack points out that you can tweak…read more.
Rewriting mobeigi.com with React
Learning React Recently I have spent some time learning React as it is the front end library of choice at my workplace Atlassian. Learning React was quite easy and intuitive. I used a handful of resources and one I’d like to heavily recommend to beginners is React.js Essential Training by Eve Porcello. Previously, all of…read more.
Git Commit Message Hook for JIRA Issue Keys
Overview Credits to this StackOverflow answer: https://stackoverflow.com/a/53669975/1800854 ❤ Follow these steps to set up a global commit message hook that will extract the issue key from your branch id and prepend it to your commit messages automatically. This allows other team members to easily track down who wrote what code. Steps Make sure you have…read more.
How to delete a Ghost/Empty SignalFx Dashboard Group
The Problem I ran into an issue when working with SignalFx where I was unable to delete a dashboard group that contained no dashboards. The only way to delete a dashboard group is to first visit a dashboard belonging to the dashboard group itself then using the meatball menu next to the dashboard group name…read more.
BlankMediaGames/Town Of Salem Data Breach (2020 Update)
Overview Town of Salem, a video game produced by BlankMediaGames, was breached around 1 year ago on the 3rd of January 2019. It is reported that the total row count of the database that was breached is 8,388,894 which included some 7,633,234 unique email addresses. Shortly after this breach in early 2019, hackers attacked and successfully…read more.
BlankMediaGames/Town Of Salem XSS
While looking on the BlankMediaGames.com website (creators of Town Of Salem) I came across an api.php file which was inside one of the folders listed in the site's robots.txt file. The file in question is:
https://blankmediagames.com/TownOfSalem/api/api.php
Upon visiting the page we get the following output with a 200 response code: At first I thought this was…read more.
IOLI Crackme Write-up
Overview The goal of this crackme is to find out what password(s) make the program print out Password OK :). We ended up looking at the Windows binaries only. Write-up crackme0x00 Takes input through scanf and performs quick strcmp with string 250382 from strings table. Password: 250382 crackme0x01 As above but strcmp with integer 5274 read by scanf instead. Password: 5274…read more.
Hackvent 2019: Day 23
Challenge HV19.23 Internet Data Archive
Introduction Today's flag is available in the Internet Data Archive (IDA). Resources http://whale.hacking-lab.com:23023/
Solution We are presented with the following website: We are allowed to enter a username and select some data to download except the flag which is classified. Upon doing this a unique zip file is generated for us containing our files and we are also provided with…read more.