Happy Saturday and first party after sooooooo long time 💪🏻👌🏻👏🏻👯♀️🙌🏻👍🏻☔️ Thx for the task @dasraeuberherz 🎶 by @nicone_allez.allez #dasraeuberherz #niconeallez #niconeallezallez #eventsberlin2021 #flrywrld #eventmood #technoberlin #eventbilder #eventphotographer #eventphotography #photographysouls #bestdesignsoftheworld #spreebalkon #brommystraße #safeevents #berlinevents (at Berlin, Germany) https://www.instagram.com/p/CT9l-wssNU3/?utm_medium=tumblr
Making faces in my Basement 😜😛😝 : On a serious note kudos to organisations that get every attendant RT-PCR tested before an event including entertainers like yours truly. Tag : #covidsafeevents #safeevent #safeevents https://www.instagram.com/p/CSv145qlVVy/?utm_medium=tumblr
The UK's first large scale social distance event took place in Newcastle last night. Patrick Topping will play at the same event next week, as the event site plays host to an array of bands and comedians for the month of August and September. 🎹 🎪 🎭 🤹🏼 🎫 🎟 🎪 🎯 #socialdistance #lockdown #coronaprecautions #coronaprevention #besafe #staysafe #bettersafethansorry #backtonormal #socialdistancesessions #socialdistancegallery #socialdistanceart #events #mountainmusic #concert #contrebasse #safeevents #musicianstyle #musiclovers #edm #edmstage #liveband #livemusic #evansinuk #openairconcert #livescene #nocovid19 #eventswithcovidprevention (at United Kingdom) https://www.instagram.com/p/CDyjmfAByBt/?igshid=m7dcjclsswln
В Сингапуре тестируют технологии отслеживания участников крупных форумов
На проходящей в Сингапуре конференции Geo Connect Asia 2021 впервые использовали специальные электронные ключи и систему распознавания лиц, сообщает местная газета The Straits Times.
Карманный электронный ключ с технологией Bluetooth отслеживает такую информацию, как местонахождение пользователей, расстояние и время взаимодействия между участниками встречи.
Собранные данные периодически загружаются в систему. Если фиксируются нарушения в правилах безопасного дистанцирования и других мерах безопасности, участникам могут отправить напоминания и предупреждения через мобильное приложение SafeEvent, которое им предлагается загрузить заранее.
Этот электронный ключ, как отмечает Reuters, отличается от сингапурского же ключа отслеживания контактов TraceTogether, который передаёт данные по контактам с подтверждёнными инфекциями. Кроме того, его использование на конференции не является обязательным.
Распознавание лиц задействовано в первую очередь для облегчения процесса регистрации участников. Это, по словам организаторов, снижает количество физических контактов между персоналом мероприятия и посетителями и сводит к минимуму точки соприкосновения в регистрационных киосках. Участники загружают свою фотографию на портал, и регистрационный терминал сможет идентифицировать человека, даже если на нём будет маска.
Как сообщил министр торговли и промышленности Сингапура Элвин Тан, система распознавания лиц, использованная на конференции, обеспечивает бесконтактное измерение температуры, бесконтактную проверку лиц по базам, а также отслеживание коммуникаций.
Для уменьшения частоты контактов участники мероприятия проходят в отдельных зонах, где могут находиться не более 50 человек. Типичным нарушением считается нахождение на расстоянии менее одного метра от кого-либо из другой зоны более 15 минут.
Geo Connect Asia 2021 – это своего рода пилотное гибридное (онлайн и офлайн) мероприятие, в котором принимают участие около тысячи человек – пишет octagon.media.
This is literally what we’ve been looking at in more detail in class. Just dump a string significantly longer than 200 and you will probably crash it.
ExtBasic #2
In this one here we have to remember we are currently at “https://www.hackthissite.org/missions/extbasic/2″ so to get the file we need an input of “../../index”.
ExtBasic #3
I’m not sure exactly what this one is supposed to mean, however there is only a limited number of combinations and “2″ happens to be the answer.
ExtBasic #4
This one looks pretty similar to Visual Basic definitions - basically we’re defining an int named “var” and “int”. Then we output a combination of the two which we’re told have types 6 and 7. So the answer would be “67″.
ExtBasic #5
Looking into the “sed” PHP command, you’ll find it will only replace one instance of the “eval” unless you specify the “g” (global) command alongside. So the correct line would be ‘sed -E "s/eval/safeeval/g" <exec.php >tmp && touch OK’.
ExtBasic #6
So the hint here is that we have a “sysadmin who does not know much about web configuration”. Even though we have a check which enforces that they aren’t authed, we can still modify the parameter “passed” directly through the url “http://moo.com/moo.php?passed=TRUE”. This problem relates to leaving register_globals ON in the PHP configuration (by default it is OFF now)
ExtBasic #7
I already had done a fair bit related to XSS attacks so I found this pretty obvious - the issue is the $_SERVER[’PHP_SELF’] in the action section; basically if you got referred a link to this site they could include a script in it which would execute on the page. To fix this we can use htmlspecialchars() on this input and also change the request type to “POST”:
I haven’t actually really used Perl so I had to dig into some of the semantics regarding the language - the obvious problem with this script relates to the ‘==‘ comparison as Perl uses ‘eq’ instead. Replacing the line with:
if ($User eq 'BillGates')
yields us the answer.
ExtBasic #9
I pretty much just dug through the functionality of all these Perl calls.. when I got to the read call I discovered the issue:
We need to use a mode of “>>” so it will append to the file instead, so the answer would be:
open(STARTREKLOG, ‘>>/var/log/startrek’);
ExtBasic #10
The obvious problem with this script is that the password value is compared directly against the result after the script. This is combined with the fact we have a user input in the password which can be used to set the ‘passwordvalue’ and issue commands to bypass the loop. If we feed in the following statement:
"=="" set passwordvalue=1065435274 && goto :end hilarious
Happy Saturday and first party after sooooooo long time 💪🏻👌🏻👏🏻👯♀️🙌🏻👍🏻☔️ Thx for the task @dasraeuberherz 🎶 by @nicone_allez.allez #dasraeuberherz #niconeallez #niconeallezallez #eventsberlin2021 #flrywrld #eventmood #technoberlin #eventbilder #eventphotographer #eventphotography #photographysouls #bestdesignsoftheworld #spreebalkon #brommystraße #safeevents #berlinevents (at Berlin, Germany) https://www.instagram.com/p/CUCJRd8MXo9/?utm_medium=tumblr
#SafeEvent : @paperboatdrinks, for its employees, ensured (i) an open air venue (ii) RT-PCR test of all attendees including yours truly, the entertainer. (iii) Reasonable physical distances High quality safety measures for their employees. No wonder their products deliver high quality 👌 https://www.instagram.com/p/CTcfSkoH_GW/?utm_medium=tumblr
@wired @wireduk @ieee @wikileaks @snowden MAYBE u should tell all the people the truthThat nothing digital is safeEver was safeAnd ever was meant to be at all safeIts a control tool that got useful in all levels of life and augmentedAnd now its like elect
@wired @wireduk @ieee @wikileaks @snowden MAYBE u should tell all the people the truthThat nothing digital is safeEver was safeAnd ever was meant to be at all safeIts a control tool that got useful in all levels of life and augmentedAnd now its like elect
@wired @wireduk @ieee @wikileaks @snowden MAYBE u should tell all the people the truth
That nothing digital is safe
Ever was safe
And ever was meant to be at all safe
Its a control tool that got useful in all levels of life and augmented
And now its like electricity, a standard must in modern world, as it was running water before electricity