BB

technology and craziness.

BB

technology and craziness.

Mattermost Server - Upgrade Script

Upgrading a Mattermost Server is not complicated, but requires some steps that can be mostly automated. I’m watching ‘Releases only’ on the GitHub repository to get a notification when a new version is available and start the script manually.

Below script assumes, that Mattermost is installed at the default location /opt/mattermost. The script first greps the current download link from the official Mattermost Download page , displays the found link and asks if it should continue. Rest should be self-explanatory (see echo messages).

April 24, 2023: Updated the script  

TryHackMe - Tasks and Questions to Markdown Converter

If you are managing your training/ctf/… stuff in markdown files like I do, this short function will save you a couple of minutes. 😊

Paste this into your Google Chrome DevTools console and execute getInfo();. The tasks and questions of the current room will be in your clipboard now. Just paste it into your markdown file.

October 17, 2020: Updated the script to work with the new TryHackMe layout

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
function getInfo() {
    let title = document.getElementById('title').innerText;
    let description = document.getElementById('description').innerText;
    let cards = document.getElementsByClassName('card-link');
    let count = document.getElementsByClassName('card-link').length;
    let taskContent = document.getElementById('taskContent').getElementsByClassName('card');
    let list = [];
    list.push('# ' + title + '\n');
    list.push(description + '\n');
    for (i = 0; i < count; i++) {
      list.push('## ' + cards[i].innerText.split('\n')[0] + '\n');
      for (j = 0; j < taskContent[i].getElementsByClassName('room-task-questions').length; j++) {
        questionNr = taskContent[i].getElementsByClassName('room-task-questions')[j].getElementsByClassName('room-task-question-no')[0].innerText.trim();
        questionText = taskContent[i].getElementsByClassName('room-task-questions')[j].getElementsByClassName('room-task-question-details')[0].innerText.trim();
        list.push('### ' + questionNr + ' - ' + questionText + '\n\n``\n');
      }
    }
    copy(list.join("\n"));
  }
    
  getInfo();
  

As an example, executing this on Advent of Cyber will copy this to your clipboard:

four years ago

A few days ago, I realized that my last blog post happened to be four years ago. That’s why I decided to update the theme (this was one of the major to-do items for years now), to remove some old blog posts and to switch from German to English as primary language. Well… maybe more blog posts will follow in the future. Happy Holidays!

Ghost auf Uberspace - HTTPS erzwingen

Bei Wordpress war es kein Problem, alles auf HTTPS umzuleiten. Ein paar Zeilen in die htaccess und die Sache war erledigt. Will man das bei Ghost machen, mit zusätzlicher Anpassung der config.js, endet man bei einer endlosen Weiterleitung [1 ,2 ].

Zitat aus der Ghost Dokumentation :

If you want to force all your traffic to use SSL it is possible to change the protocol of the url setting in your config.js file to https (e.g.: url: ‘https://my-ghost-blog.com ’). This will force the use of SSL for frontend and admin. All requests sent over HTTP will be redirected to HTTPS.

Apple behebt SQL Injection

Anfang Januar, genauer gesagt am 06.01.2014, hatte ich auf consultants.apple.com eine Blind SQL Injection gemeldet, welche am 14.01.2014 direkt behoben worden war.
Gestern erreichte mich dann die Nachricht, dass ich in der Hall of Fame aufgenommen worden bin.

Hall of Fame

Die Schwachstelle befand sich bei allen POST-Parameter des Formulars “/au/forms/join_form_all2.php”.

POST-Parameter:

[+] general_liability  
[+] number_consultant  
[+] number_employees  
[+] years_business  
[+] business_revenue  
[+] currency  
[+] contact_country  
[+] type of business

Das betroffene Formular wurde komplett entfernt.

Netflix behebt Source Code Disclosure

Über Netflix

Netflix  bietet seinen Kunden TV Programme, Filme und Serien als Stream an. Diese können auf verschiedensten Endgeräten angesehen werden.

Die Schwachstelle

Im Rahmen des Responsible Vulnerability Disclosure – Programms von Netflix habe ich einige der Seiten untersucht und bin auf der Subdomain pr.netflix.com auf eine Source Code Disclosure gestoßen.
Es war mir möglich den Quellcode der Datei Login_getpassword.jsp einzusehen.