Sometimes the secrets you have held in your heart are harder to hide than you thought
March Recap
March was kinda chaotic and beautiful at the same time. Probably the longest one yet. Well, to kick off, I got two of my phones stolen last month. On the flip side, I got the time to read many technical books and some of them were a real gem. Speaking of, there is a chance you might change your career direction just by reading technical books. I want to venture into various books if I get some spare time. Overall, March was nice, and made me realise lots of stuff. Oh, I saw a camel too lol
The Forthcoming April
Kinda pausing all my cybersec activities for 7 weeks. It's hard for me, and I am pretty aware that it will cost me so much. But my schedule is really tight and I have to sort out a lot of stuff. I was even thinking of getting a mic and starting streaming or YouTube content, since it's really rare to find Ethiopian cybersec content creators on YouTube. I guess I am gonna leave the streaming for next year. When I'm back to my usual activities, we will rock it.
You start thinkin' about the things you can't forget, and those are the things you can't forgive.
[The Little Things]
#movie
Mira
Oh, I saw a camel too lol
Wrote "I saw a camel" in OCaml
let () = print_endline "I saw a camel"
Speaking of OCaml, I kinda liked Hyperapp back then for an FP language based on the Elm architecture to be used on the frontend. I guess I made some random task manager inspired by the book I was reading. Zoomie, one of my projects made a long time ago (open-sourced it a year before or so), was also intended to be made with Hyperapp. I don't remember how I ended up using Express.js. Use this recent blog for a quick tour of Hyperapp if you're interested in functional programming with JS.
This was Zoomie, a video chat app built with simple WebRTC that runs on an Express server. UI built with plain CSS and jQuery (I really sucked at UI)
For my final yapping session, I noticed that Zoomie used Handlebars as a templating engine. Lately, I was checking the Server-Side Template Injection (SSTI) vulnerability. So... The concept of Server-Side Template Injection (SSTI) was first publicly introduced by PortSwigger researchers in 2015. It is basically when user input is unsafely embedded into server-side templates. These templates are used by web applications to generate dynamic content by combining user data with predefined structures. For example,
Hello {{ username }}
If 'username' contains an expression that gets evaluated (say something like {{3*5}}), it will lead to malicious code execution. Every server-side language has its own template engines: for PHP, Smarty and Twig; for Python, Jinja2 and Mako; for Java, Freemarker and Velocity. I personally used Pug in Node.js for other projects and Handlebars for Zoomie. If a site uses a template engine, you can determine its type by running the following payloads:
Jinja2 (Python Flask/Django): {{ 7*7 }}
Freemarker (Java): ${7*7}
Velocity (Java): #set($a = 7*7)${a}
Thymeleaf (Java): ${7*7}
Twig (PHP Symfony): {{ 7*7 }}
Smarty (PHP): {$7*7}
Mako (Python): <% print 7*7 %>
The exploitation flow goes like: inject crafted payloads into vulnerable fields, execute arbitrary commands or access sensitive server data, and then escalate privileges for full server control. Let us say, for example, the site uses Jinja2. If you get a response by running the identification payload, you can then execute commands like whoami on the server:
{{self._TemplateReference__context.cycler.__init__.__globals__.os.popen('whoami').read()}}
You can basically run the commands you want directly on the server. This shit has medium or high severity impact since it leads to RCE and stuff. You can avoid this by validating the user input in the first place, and by never letting user data become part of the template source itself.
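The identification table above, turned around for the defender: an added example (not code from the original post) that scans access-log lines for the expression syntax each listed engine evaluates, so probes show up in the logs before anyone gets to the whoami step. It is stdlib-only Python; the log lines, client IPs and parameter names are constructed for the demo.

```python
import re
from urllib.parse import unquote, urlsplit, parse_qsl

# Expression syntax each engine evaluates, from the identification table above.
ENGINE_SYNTAX = {
    "Jinja2/Twig":          re.compile(r"\{\{.+?\}\}"),
    "Freemarker/Thymeleaf": re.compile(r"\$\{.+?\}"),
    "Velocity":             re.compile(r"#set\s*\("),
    "Smarty":               re.compile(r"\{\$.+?\}"),
    "Mako":                 re.compile(r"<%.+?%>"),
}

# Combined log format: client, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample: one benign request, then four probes (one double-encoded).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2024:13:55:36 +0000] "GET /greet?username=alice HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Mar/2024:13:55:41 +0000] "GET /greet?username=%7B%7B7*7%7D%7D HTTP/1.1" 200 498',
    '198.51.100.4 - - [10/Mar/2024:13:56:02 +0000] "GET /greet?username=%2524%257B7*7%257D HTTP/1.1" 200 501',
    '198.51.100.4 - - [10/Mar/2024:13:56:09 +0000] "GET /search?q=%3C%25+print+7*7+%25%3E HTTP/1.1" 200 877',
    '198.51.100.4 - - [10/Mar/2024:13:56:15 +0000] "GET /greet?username=%23set(%24a%3D7*7)%24%7Ba%7D HTTP/1.1" 200 503',
]

def probe_engines(value):
    """Engines whose expression syntax appears in an already URL-decoded value."""
    # parse_qsl decoded once; decoding again exposes double-encoded payloads,
    # a common trick for slipping a probe past a WAF.
    decoded = unquote(value)
    return [name for name, rx in ENGINE_SYNTAX.items() if rx.search(decoded)]

def scan_log(lines):
    """(client_ip, parameter, engines) for every query parameter that looks like a probe."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unexpected format: skip rather than guess
        query = urlsplit(m["target"]).query
        for param, value in parse_qsl(query, keep_blank_values=True):
            engines = probe_engines(value)
            if engines:
                findings.append((m["ip"], param, engines))
    return findings

if __name__ == "__main__":
    for ip, param, engines in scan_log(SAMPLE_LOG):
        print(f"{ip} probed {param!r} with {'/'.join(engines)} syntax")
```

A hit on `{{ }}` is only a hint of the family (Handlebars, which Zoomie used, shares that syntax), so treat the engine label as a lead for the next step of triage, not a verdict.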
Elementary school was wild man
I remember a vivid memory of a grown-ass adult guest telling us that the difference between email and Gmail was that we use electricity to send emails and a generator to send Gmails. Bro should've been sentenced for life
Mira
destined for a generational trauma,
does cybersec now. God is good
Forwarded from RaGooSanta
still one of my fav creators
https://www.youtube.com/watch?v=RBRO-YGMYs0
YouTube
Elementary School in a Nutshell
Elementary school was something else. It was fun tho.
life update?
Anonymous Poll
36%
going well. I just like it
36%
meh. but not a dead man walking
28%
surviving barely