STRATEGY & CREATIVITY

Phasellus iaculis dolor nec urna nullam. Vivamus mattis blandit porttitor nullam.

PORTFOLIO

We pride ourselves on bringing a fresh perspective and effective marketing to each project.

TryHackMe Advent of cyber Day 9 Task 14 walkthrough

The platform develops virtual classrooms that not only allow users to deploy training environments with the click of a button, but also reinforce learning by adding a question-answer approach. Its a comfortable experience to learn using pre-designed courses which include virtual machines (VM) hosted in the cloud.

TryHackMe Advent of cyber Day 9 Task 14 walkthrough

While using a question-answer model does make learning easier, TryHackMe allows users to create their own virtual classrooms to teach particular topics enabling them to become teachers. This not only provides other users with rich and varied content, but also helps creators reinforce their understanding of fundamental concepts.

TryHackMe :- Click Here

Day Nine — Requests

Day 9 brings us our first scripting challenge. We’re given access to a public IP VM (on the THM network, so remember to use OpenVPN!) located at 10.10.241.214 or 10.10.112.87 and are told that it runs a webserver on Port 3000. We’re also told that the root directory of the webpage serves a file containing the JSON object: {"value":"s","next":"f"} , which gives us a value and the location of the next value. The support material for today’s challenge is once again a Google Doc. I’ve provided a step-by-step tutorial for building today’s script, and there’s a screenshot of the finished program at the end of the Day 9 write-up.
TryHackMe Advent of cyber Day 9 Task 14

Despite being told that the file just contains a single JSON object, I think it’s worth just checking for ourselves.

curl http://10.10.169.100:3000

But if using a web browser is preferable then that works too (note that the browser is displaying the data as a table — switch to the Raw Data tab to see what the website will actually send if request data from it):

As I understand it, a lot of people just did this challenge manually; however, it’s a lot more fun (not to mention quicker and more reliable) to do it with a simple script, so that’s what we’re doing.

Get your favourite text editor up and make a new Python ( .py ) file. If you don’t have Python installed then download it from here if you’re running Windows or Mac. Most flavours of Linux already have Python installed, but if you prefer using an IDE to code then it’s worth downloading IDLE or Visual Studio code.

We’ll go through this line by line, and I’ll post a screenshot of the finished file when we get to the end.

The first thing we need to do is import the requests library:

import requests

The requests library is used to send HTTP requests and receive responses. For this program that’s all we need it to do: send and receive.

The next thing we’re going to do is setup global variables for the host and path of the domain:

path = "/"
host = "http://10.10.169.100:3000"
These will be used during the actual requests stage — for the time being our path is just the root directory because we know that’s where the first JSON object is.

We also want to make an (empty) global array to store our answers in:

values = []

We know from the challenge description that we’re being asked to keep following the trail of JSON objects until we reach one that is {"value":"end","next":"end"} — in other words, we want to keep going until the next path in the list is /end .

Let’s set up a while loop to do this:

while path != "/end":

From this point on indentation is extremely important as the Python interpreter uses it to determine which lines are part of which statement. Everything inside the while loop has to have a single tab before it.

The next thing we need to do is request some information from the server:

response = requests.get(host+path)

This makes a GET request to the website and stores the response in a variable called response.

The next line we need is:

json_response = response.json()

Without going into too much detail, this line analyses the response for JSON data and sets it (as a dictionary) to a variable called json_response.

We now have our JSON object saved as a Python dictionary with key-value pairs. Right now our dictionary looks like this:

So, we have our data in a readable format. What are we going to do with it now?

The first thing we need to do is update our path variable so that the program knows where to look next:

path = "/" + json_response["next"]

This is setting the path variable equal to a forward slash, followed by the value stored with the “next” key from the dictionary we requested. After the first iteration of our loop, the path variable would look like this:

/f

because “f” was the letter stored in the first dictionary “next” key.

We also want to add the value to our list of values — but only if the value isn’t end :

if path != "/end":
values.append(json_response["value"])

We already decoded the “next” value and set it to the path, so if we test path to be equal to /end we know that the next value was “end”. In the above statement, if the path is anything other than /end the value in the “value” key of the dictionary will get added to our list of values.

Finally (outside the while loop), we use:

print("".join(values))

which outputs the values array (joined together as a string) to give us our answer to the only question for Day9. The final program should look like this:

Full Program

#!/usr/bin/python3

import requests
path = "/"
host = "http://10.10.169.100:3000"
values = []

while path != "/end":
   response = requests.get(host+path)
   json_response = response.json()
   path = "/" + json_response["next"]
   if path != "/end":
        values.append(json_response["value"])
print("".join(values))

When we run the program, we should be given our sole answer for the day:

python request.py

Program returns the flag

Video Tutorial :-

Disclaimer

This was written for educational purpose and pentest only.
The author will not be responsible for any damage ..!
The author of this tool is not responsible for any misuse of the information.
You will not misuse the information to gain unauthorized access.
This information shall only be used to expand knowledge and not for causing malicious or damaging attacks. Performing any hacks without written permission is illegal ..!

All video’s and tutorials are for informational and educational purposes only. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. We believe that it is impossible to defend yourself from hackers without knowing how hacking is done. The tutorials and videos provided on www.hackingtruth.in is only for those who are interested to learn about Ethical Hacking, Security, Penetration Testing and malware analysis. Hacking tutorials is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used.

All tutorials and videos have been made using our own routers, servers, websites and other resources, they do not contain any illegal activity. We do not promote, encourage, support or excite any illegal activity or hacking without written permission in general. We want to raise security awareness and inform our readers on how to prevent themselves from being a victim of hackers. If you plan to use the information for illegal purposes, please leave this website now. We cannot be held responsible for any misuse of the given information.

- Hacking Truth by Kumar Atul Jaiswal

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

PHP - The switch Statement

If you want to select one of many blocks of code to be executed, use the Switch statement.

The switch statement is used to avoid long blocks of if..elseif..else code.PHP The switch Statement

Syntax

switch (expression)
{
case label1:
code to be executed if expression = label1;
break;

case label2:
code to be executed if expression = label2;
break;
default:

code to be executed
if expression is different
from both label1 and label2;

}

Example

The switch statement works in an unusual way. First it evaluates given expression then seeks a lable to match the resulting value. If a matching value is found then the code associated with the matching label will be executed or if none of the lable matches then statement will execute any specified default code.

<!DOCTYPE html>
<html>
<head>

<title>PHP The Switch Statement </title>

</head>
<body>

<h1></h1>

<?php

$d = date("D");

switch ($d)
{

case "Mon":
echo "Today is Monday";
break;

case "Tue":
echo "Today is Tuesday";
break;

case "Wed":
echo "Today is Wednesday";
break;

case "Thu":
echo "Today is Thursday";
break;

case "Fri":
echo "Today is Friday";
break;

case "Sat":
echo "Today is Saturday";
break;

case "Sun":
echo "Today is Sunday";
break;

default:
echo "Wonder which day is this ?";
}

?>

</body>
</html>

Output

Today is wednesday

PHP - The if..ifelse...elseif Statement

The switch statement will be explained in the next chapter. ( Click Here )

Video on This Topic :- Soon

I hope you liked this post, then you should not forget to share this post at all.
Thank you so much :-)

What is Hacking and what is Ethical Hacking, is it Legal or Illegal.
What is Hacking? I welcome you to my blog. guys, I try to make the post written by me hundred percent correct. So that you can get the correct information and make it easy to read. Today's topic is related to hacking. So guys, today we will know what hacking is. What are the types of hackers. How is hacking done?

What is Hacking?

I welcome you to my blog. Friends, I try to make the post written by me hundred percent correct. So that you can get the correct information and make it easy to read. Bahral, we go to our topic. Today's topic is related to hacking. So friends, today we will know what hacking is. What are the types of hackers. How is hacking done? What is Hacking and what is Ethical Hacking, is it Legal or Illegal.

Nowadays the use of Computer and Smartphone is increasing very fast. It is almost impossible for people to do their work without Smartphone and Computer. Whether it is own business or working in a company / bank.

Computer is used everywhere, computer is used for doing small work.

Many problems have to be faced while doing the same work, in such a situation, when we are talking about computers, then the matter of cyber crime also becomes necessary.

Friends, you must have heard about Cyber Crime. If you have not heard, then I want to tell that Cyber Crime is a type of crime in which hackers steal personal details or data of others using computers. Due to which people suffer heavy losses. And blackmail them and grab lakhs of rupees. Due to cyber crime many organizations have to pay crores of rupees every year due to their data being stolen.

In the computer world, where the crime is not taking the name of stopping, how to protect the people of Longo from the files kept in their -2 computers and the data of the company and Bussiness from being hackers. So friends, we will give you the answer to this question in this post. So, you must read this article about

what is hacking?

Hacking means to find a weakness in a computer's system and take advantage of that weakness and hack that system. The person or person who does this Hacking, we call it Hacker. A Hacker has all kinds of knowledge related to computer, that is why he can easily hack Valunerbility from someone's computer system. On hearing the name, we realize that this is a wrong thing.

Types Of Hacking

Network Hacking

This type of Hacking means that it receives all the information over the Hacker Network itself, for which many tools are available such as -Telnet, NS, Lookup, Ping, tracert, Netstat etc. Its main purpose is only to reach the network system and its operation.
Website Hacking

In website hacking illegally gaining control over the association of its web server and website, ie Database or Interface.

Email Hacking

In email hacking, Hacker creates a duplicate Phishing page, reaches the user to that phishing page, if the user puts information in it then the Email ID gets hacked. It is used in illegal works in an unauthorized manner.

Ethical Hacking

This type of Hacking goes into many ethical tasks. In this Hacking, First Owner's Permission is taken by hacker to find Weakness in the system and Owner is helped in removing these Weakness.

Password Hacking

In this type of Hacking, passwords are cracked in an unauthorized manner, in which the system is hacked by stealing secret passwords kept in the computer.

Computer System Hacking

In this type of hacking, the hacker knows the ID and password of a computer's system and uses the computer illegally by sequre connection to it.

He deletes 2 files sitting at one place and also steals the data. hacking news

See Also

For More information :- Click Here

CEH v10 ( website ) :- Click Here

CEH V10 ( Videos ) :- Click Here

CEH V10 ( Videos ) :- Click Here

What are the types of hackers?

1. Black Hat Hacker

Black Hat Hacker illegally gain the ID and password of your website, Computer System, Android Smartphone, Facebook etc. without your permission.

And assert their authority over the information kept in them. Whether he deletes them or demands a ransom from the owner, Black Hat Hacker is very bloodthirsty. They do not hesitate at all to harm others. Ethical Hacking, is it Legal or Illegal.

2. White Hat Hacker

White Hat Hacker does hacking in an ethical way. Hackers of this category provide protection to our system, website and smartphone from being hacked. Such hackers take permission from the owner of the system and help us in protecting from the attacker. White hat hacker check the security of our website or system. This tells whether the system is a sequer or not. Finds weakness and provides sequrity. It is also called ethical hacker.

3. Gray Hat Hacker
Gray Hat Hacker is actually in a state of confusion. They may or may not play with anyone without permission. By the way, it can hack anyone's system to improve their skills, but they do not cause any harm but they cannot be called a white hat hacker and not a black hat hacker.