投稿時間:2022-06-04 17:20:33 RSSフィード2022-06-04 17:00 分まとめ(27件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
python	Pythonタグが付けられた新着投稿 - Qiita	PyQt6およびSIPを入れる際に詰まったのでメモ	https://qiita.com/Inoue_Minoru/items/ed22f03524882c5c075f	scipy	2022-06-04 16:49:58
python	Pythonタグが付けられた新着投稿 - Qiita	JupyterからBlender操作メモ	https://qiita.com/SaitoTsutomu/items/854c826bfc65ecae31f9	blender	2022-06-04 16:39:58
js	JavaScriptタグが付けられた新着投稿 - Qiita	express-generatorで作成したexpressプロジェクトをTypeScript化する	https://qiita.com/katkatprog/items/0205f55377896faace5c	express	2022-06-04 16:50:55
js	JavaScriptタグが付けられた新着投稿 - Qiita	React-Hook-FormでRefを自作コンポーネントに渡したときのエラー・対処	https://qiita.com/s_taro/items/06ace4d323176a1f2fff	nextjsreacttypescript	2022-06-04 16:49:38
AWS	AWSタグが付けられた新着投稿 - Qiita	できるだけ安くブログを立ち上げたいので色々比較してみた	https://qiita.com/watyanabe164/items/2ee1a4e16f72f1dc4a54	wordpress	2022-06-04 16:41:14
AWS	AWSタグが付けられた新着投稿 - Qiita	Certificate Authority Authentication (CAA) エラーにより、1 つ以上のドメイン名が検証に失敗しました。	https://qiita.com/theFirstPenguin/items/89d0c6af5304fe3747fe	authenticationcaa	2022-06-04 16:36:52
AWS	AWSタグが付けられた新着投稿 - Qiita	ECSをApp Meshで管理する際の、メッシュ内外の通信パターンについて	https://qiita.com/r-dohara/items/192b68f200002f2f546a	appmesh	2022-06-04 16:21:05
AWS	AWSタグが付けられた新着投稿 - Qiita	【初心者】機械学習の分類・回帰の実装方法を試してみた	https://qiita.com/zumax/items/b9f2267051c12db63d6d	機械学習	2022-06-04 16:20:02
Docker	dockerタグが付けられた新着投稿 - Qiita	DockerでAnaconda環境構築(Mac)	https://qiita.com/Yuuki_Y/items/9a1acefc04c0f1169602	anaconda	2022-06-04 16:48:53
技術ブログ	Developers.IO	ทำความรู้จักกับ ALB, NLB, GLB ของ ELB(Elastic Load Balancing) ในเบื้องต้น	https://dev.classmethod.jp/articles/get-to-know-alb-nlb-glb-of-elbelastic-load-balancing-in-the-beginning/	ทำความรู้จักกับALB NLB GLB ของELB Elastic Load Balancing ในเบื้องต้นจากการทดลองในบทความที่แล้วทดลองใช้ALB ของEC เพื่อแบ่งการเชื่อมต่อทำให้เราเข้าใจเกี่ยวกับALB Application L	2022-06-04 07:05:29
海外TECH	DEV Community	Awesome VSCode extensions for a better coding experience [ Part 1 ]	https://dev.to/hamza777/awesome-vscode-extensions-for-a-better-coding-experience-part-1--35pj	Awesome VSCode extensions for a better coding experience Part Imagine yourself typing all the HTML boilerplate code when you decided to make a new project or imagine not being able to recall the name of that single property in css and searching the web for it Why am I talking about all this It s obvious because this kind of stuff would really suck So that brings us to the wonderful extensions that we have in vscode made by a lot of people and you can use them for free What are vscode extensions anyway VSCode extensions let you add debuggers and various tools to your environment and works through various custom settings that the extensions bring with them VSCode extensions are a great way to reduce your workload and make it easy for you to write your code and format it You can even create your own vscode extensions but we won t talk about it here There are a lots of extensions available on vscode as of today but I will mention some of which I find really useful Auto Close Tag As you can probably figure out from the name here this extension automatically closes the HTML XML opening tags you write You can customize or change the settings from the vscode auto close tag settings It can even be used to close the self closing tags in HTML Auto Rename Tag This very extension lets you rename both the opening and the closing tag at once saving you the pain of renaming the tags one by one Bracket Pair Colorizer This extension colors bracket pairs based on their positioning in the code i e bracket pairs adjacent to each other will have different set of color from each other This makes the code look really clean and makes it easy to figure out the block of code you want to go to Indent Rainbows This extension is not all that different from the Bracket Pair Colorizer just that it does the same with levels of indentations which can prove to be helpful in a language like python Live Server Not much needs to be said about one of the most popular and useful extensions of all in VSCode where you can see live previews and changes of your work with just a single click To explore more and download these extensions visit here Auto Close TagAuto Rename TagBracket Pair ColorizerIndent Rainbow	2022-06-04 07:54:21
海外TECH	DEV Community	Kaydırıcı robot	https://dev.to/metak47/kaydirici-robot-3jp4	kaydırıcırobot	2022-06-04 07:46:17
海外TECH	DEV Community	Quantum Mechanics...How you look is how you see it...	https://dev.to/metak47/quantum-mekanigine-oluyor-bilen-var-mi-bkb	mechanics	2022-06-04 07:33:35
海外TECH	DEV Community	Remotely controlled SpyCam with nodejs and telegram	https://dev.to/istiak/remotely-controlled-spycam-with-nodejs-and-telegram-564o	Remotely controlled SpyCam with nodejs and telegramIn this article you are going to see how to create a spy camera with nodejs and telegram that you can use to capture images over the internet so lets start Create a Telegram Botgo to telegram and search BotFathernow if you click the menu you are going to see create new bot option along with some other options hit create new bot now you have provide some name the bot and a username for the bot you will receive token and bot link in return securely store them for later use and do not share them publicly Create a node projectyou now have to create a node project go to the directory you want to store you code in and hityarn init y now lets install some dependenciesyarn add dotenv node webcam node telegram bot apicreate a env file in your project root with TELEGRAM TOKEN MY TELEGRAM CHAT ID ACTIVATION TEXT variablesput the secret token that you received from BotFther in TELEGRAM TOKEN set ACTIVATION TEXT MY TELEGRAM CHAT ID is to make things more secure you will see how to find it below you can also work without chatId there is a github link for that at the end of the article getting MY TELEGRAM CHAT ID main js require dotenv config const TelegramBot require node telegram bot api const TELEGRAM TOKEN process envconst bot new TelegramBot TELEGRAM TOKEN polling true bot on message async msg gt const chatId msg chat id console log chatid if you run this code with node main js and send a message in your bot channel bot channel can be found with token message from BotFather you will get your chatId you can now set it in MY TELEGRAM CHAT ID in env file Taking pic from webcam with nodeyou are going to use the below code to take pic with node from your webcam takePic js var NodeWebcam require node webcam const takePic async gt try return new Promise resolve reject gt var fileName Math random toString slice var opts width height quality frames delay saveShots true output jpeg device false callbackReturn location verbose false var Webcam NodeWebcam create opts Webcam capture fileName function err data if err reject err resolve fileName jpg catch error reject error module exports takePic now that you have everything in your env set up you can now modify your main js like thisvar takePic require takePic require dotenv config const TelegramBot require node telegram bot api const TELEGRAM TOKEN MY TELEGRAM CHAT ID ACTIVATION TEXT process envconst bot new TelegramBot TELEGRAM TOKEN polling true bot on message async msg gt const chatId msg chat id const text msg try if chatId MY TELEGRAM CHAT ID amp amp text ACTIVATION TEXT bot sendMessage chatId wait const filename await takePic const url dirname filename bot sendPhoto chatId url catch error console log error bot sendMessage chatId error bot sendMessage chatId an exception occurred now run main js node main js if you now send the activation text in your bots channel hear it is snap set in env you will initially receive a reply with wait followed by a Picture captured from your webcam D you can find the whole code in hear without chatIdThank You for reading this article hope you found it useful	2022-06-04 07:27:50
海外TECH	DEV Community	Feeling basic? Do the Basic Pentesting CTF on Try Hack Me!	https://dev.to/christinecdev/feeling-basic-do-the-basic-pentesting-ctf-on-try-hack-me-3ea7	Feeling basic Do the Basic Pentesting CTF on Try Hack Me Sometimes it s good to go back to the basics to reground ourselves in our root knowledge That is why the Basic Pentesting CTF is perfect for any beginner who wants to practice their new found pentesting skills especially in terms of brute forcing hash cracking service enumeration and Linux Enumeration Grab your most comfy butt pillow a drink and let s get hacking Task Web App Testing and Privilege EscalationDeploy the machine and connect to the network Get your machine up and running You can access this via OPENVPN which I will be using or via the built in Attackbox Find the services exposed by the machineThis is basic bare miimum reconnaissance To find the services exposed by the machine we need to run a simple nmap scan using the following command nmap lt your machine s IP Address gt We can see that they are running the following services ssh netbios and microsoft ds What is the name of the hidden directory on the web server enter name without To find directories or hidden directories of our web application we can use a tool called gobuster Open up your terminal and run the following command gobuster dir w usr share dirb wordlists common txt u http lt your machine IP gt o output txt We use the common txt file because it contains the names of common URL directories paths We can see there is one hidden directory development When we open it in our browser we can see it contains the uploaded files of our server We will get into the file content later User brute forcing to find the username amp password Okay now the fun part begins Before we open up any tools let s first have a look at those text files in our development directory Our dev txt file contains a message thread where a used K mentions that they are using Apache Struts version and that they have configured SMB This is useful because we could find exploits for the Apache Struts application as well as log into SMB via smbclient Our j txt file contains a message from user K to user J warning them of using weak credentials This means if we find user J s fullname we can brute force their weak password If you were interested in following this route you could download the exploit for Apache Struts and manipulate the services that way I just wanted to show you that there are exploits for this Okay if we have a quick Google we can see that we can log into smbclient using an anonymous connection Let s try this by opening our terminal and running the following command smbclient lt your machines IP gt anonymous When prompted to enter a password just press enter Once logged in let s list the files saved on our smbclient There is an interesting file named staff txt When we read the content of this file we can identify two users Jan and Kay We know that Jan J had weak credentials so we will be using her username to brute force a password Let s brute force Jan s password by making use of the hydra tool Enter the command hydra t l jan P usr share wordlists rockyou txt ssh lt your machine IP gt so that we can bruteforce the password needed to log into Jan s ssh system This will take a while but at the end you will be given Jan s password We can now use this to answer the next three questions What is the username Check above for the steps we took to find this solution What is the password Check above for the steps we took to find this solution What service do you use to access the server answer in abbreviation in all caps Check above for the steps we took to find this solution Enumerate the machine to find any vectors for privilege escalation Let s start by using ssh to log into Jan s system Open up your terminal and run the command ssh jan lt your machine IP gt remember to use the password armando If we cd into home and we list the directories we can see that there are two directories jan and kay We can access most of jan s content but for kay s content we need root access Kay does have a file that is of interest to us pass bak but we need root access to view it Let s see if we can find Kay s ssh credentials There is a directory named ssh so let s cd into it and view the contents It contains a id rsa file which we can use to get a temporary passkey Create a file on your Desktop called pass txt or anything you want Copy the entire RSA Private Key into this file and save it Now make sure you are in the directory where you saved this file because we are going to use python s sshjohn py tool to transform our RSA private key to john format for later cracking using John The Ripper Enter the command python usr share john sshjohn py pass txt gt password txt We can now use John The Ripper to crack our passcode Enter the command john wordlist usr share wordlists rockyou txt password txt and wait for the magic to happen We will get a returned passcode beeswax Okay we can finally use this passcode to log into Kay s ssh account Go to the terminal where you are logged in as Jan Make sure you are logged in as Jan or else this will not work Enter the command ssh i home kay ssh id rsa kay lt your machine IP gt and enter the passphrase beeswax Hoorah We are now logged in as Kay Now we can go ahead and cd into home kay and we can read the content of the file named pass bak We have successfully enumerated the machine to escalate our privilege We can now answer the remaining questions What is the name of the other user you found all lower case Check above for the steps we took to find this solution If you have found another user what can you do with this information We can use this data to access their account or escalate our privilege using their passcode Check above for the steps we took to find this solution What is the final password you obtain Check above for the steps we took to find this solution ConclusionCongratulations You have successfully completed the Basic Pentesting CTF I hope this was easy enough to follow and that you had fun along the way See you next time Happy hacking Visit my GitHub for more	2022-06-04 07:20:26
海外TECH	DEV Community	The Complete Writeup for a Simple CTF (Try Hack Me)	https://dev.to/christinecdev/the-complete-writeup-for-a-simple-ctf-try-hack-me-1jmn	The Complete Writeup for a Simple CTF Try Hack Me Want to be cool Want to be a hacker Want to be old school Well look no further kid because today we are going to hackify this Simple CTF on Try Hack Me enter electric guitar and flying unicorns here When you re ready start up that machine crack your knuckles and let s break this CTF apart Task Simple CTFHow many services are running under port By now you will know that to find the services that are running on a port we need to run a nmap scan Run the following command to scan for all services under port nmap p lt your machine IP gt We can see that there are two services running ftp and http What is running on the higher port Now we need to scan for services above We can do this by simply running a normal nmap scan via nmap sV lt your machine IP gt We can see one port above which is port tcp and it is running ssh What s the CVE you re using against the application Before we can look for the CVE of our web application we need to look at what our application contains Let s start at our home page Open up your IP address in your browser We are greeted with a Default Ubuntu Page Okay there s not much for us there so let s see what other directories we can find to see which services we can exploit Let s run a gobuster scan to find these hidden directories Open up gobuster and run the following gobuster dir w usr share dirb wordlists common txt u http lt your machine IP gt t o output txt We can see that we have the following hidden directories that could be of importance to us robots txt and simple Go back to your browser and open robots txt It s useless Okay let s try simple Hoorah We are met with a page to CMS Made Simple When we scroll to the bottom we can see the version of CMS Made Simple used for this site We can use this to find exploits When we search for it in Exploit DB you can click here to go to the exploit we can see the CVE for this application To what kind of vulnerability is the application vulnerable From the page above we can see that it is a sqli vulnerability What s the password Okay now we need to use the CVE found above to exploit our application to find a password If you are using python do not install the exploit from Exploit DB since you will have to pip install things to run python Instead head over to this GitHub page and download the exploit py file for this CVE that is converted into python You can copy this file onto your desktop I saved mine as py Now open up your terminal and cd to your Desktop We need to run the chmod x exploit py command to convert this script into an executable Okay then we can simply run the bash script to run the exploit against our target IP python exploit py u http lt your machine IP gt simple crack w usr share wordlists rockyou txtThis will take some time but you will eventually find the password secret Where can you login with the details obtained We can log in to ssh with these details since we have the username mitch the IP address and his password What s the user flag Let s log into ssh using Mitch s credentials Run ssh mitch lt your machine IP gt p is ssh s port Let s list all the directories using ls a We can see a file named user txt and we can read the contents of this file via cat user txt Is there any other user in the home directory What s its name Let s first cd into our home directory We can see that there is one other user besides Mitch Sunbath What can you leverage to spawn a privileged shell We can use vim to spawn a privileged shell What s the root flag Let s use vim to spawn a privileged shell You can read more on this in the in link provided above but simply put we can do it via the following command sudo vim c bin sh When we run the id command we see that we now have root access Now let s cd into root We can see there is a file named root txt We have root access so we can simply cat root txt to get the final flag ConclusionI hope this was easy enough to follow and if it was congratulations on completing the Simple CTF You are now a master hacker and there is nothing more to teach you Keep an eye on your inbox for an email from the CIA They ll be in touch soon Until next time happy hacking Visit my GitHub for more	2022-06-04 07:18:53
海外TECH	DEV Community	OhSINT! Complete CTF Writeup for Try Hack Me Beginners	https://dev.to/christinecdev/ohsint-complete-ctf-writeup-for-try-hack-me-beginners-2a4p	OhSINT Complete CTF Writeup for Try Hack Me BeginnersImagine a world where you can cyber stalk someone you barely know and not seem like a weirdo Well in today s CTF writeup you can The OhSINT CTF on Try Hack Me allows you to put your stalking skills to use and it all starts with a picture First things first Open source intelligence OSINT or oh shi refers to the collection and analysis of data gathered from open sources such as sources found over the internet to produce actionable intelligence on a subject Okay gone with you boring information Let s start hunting Task OhSINTBefore we begin with answering the questions let s download the task files which contains our image Once you ve loaded up your image right click and open up its properties When we go into the details we can identfify the author of the image OWoodflint Let s see what we can find about our new friend OWoodflint by Googling them We can see that OWoodflint has three profiles Twitter GitHub and a personal blog OWoodflint s Twitter OWoodflint s GitHub OWoodflint s BlogNow that our basic hunting is over let s start answering questions What is this users avatar of Let s have a look at their Twitter It s obviously a racoon What city is this person in If we go over to their GitHub we can see that they stated in their README md that they are from London Whats the SSID of the WAP he connected to When we go over to their Twitter we can see that they made a tweet about their free wifi We can use this BSSID to find the SSID of the WAP they connected to To do this we need to go over to Wigle net Register for an account and once you ve done that head over into view gt advanced search Paste in the BSSID they tweeted and let the good times roll What is his personal email address Back to their GitHub profile and all will be revealed What site did you find his email address on What site did you find his email address on When we head over to their blog we can see that they recently went on holiday to New York What is this persons password For this we need to view the page source of their website You will find the answer to this in a hidden tag underneath their intro paragraph ConclusionCongratulations You are now a certified stalker this is a joke OSINT is very useful and unlike stalking legal I made you a certificate because you deserve it See you next time Happy hacking Visit my GitHub for more	2022-06-04 07:16:59
海外TECH	CodeProject Latest Articles	A Free & Useful Converter from VB project to C# project	https://www.codeproject.com/Tips/5333669/A-Free-Useful-Converter-from-VB-project-to-Csharp	projectthis	2022-06-04 07:13:00
海外ニュース	Japan Times latest articles	Japan gears up to lure wealthy foreign tourists to regional areas	https://www.japantimes.co.jp/news/2022/06/04/business/japan-wealthy-regional-tourism/	Japan gears up to lure wealthy foreign tourists to regional areasThe country s tourism agency will select model sites within fiscal and help them establish accommodations and develop tourism resources to attract rich visitors	2022-06-04 16:42:50
海外ニュース	Japan Times latest articles	No radio and old tactics: How the police response in Uvalde broke down	https://www.japantimes.co.jp/news/2022/06/04/world/no-radio-old-tactics-police-response-uvalde-broke/	No radio and old tactics How the police response in Uvalde broke downThe commander at the scene arrived without a police radio and decided in the first minutes on an approach that would delay a confrontation	2022-06-04 16:25:11
海外ニュース	Japan Times latest articles	Musk’s warning could be auto industry’s ‘canary in the coal mine’ moment	https://www.japantimes.co.jp/news/2022/06/04/business/tesla-elon-musk-recession/	Musk s warning could be auto industry s canary in the coal mine momentTesla CEO Elon Musk s super bad feeling about the economy could signal a looming recession for an industry whose bosses have shown no signs of	2022-06-04 16:10:23
ニュース	BBC News - Home	Shot dead by Sri Lankan police while trying to get fuel	https://www.bbc.co.uk/news/world-asia-61667282?at_medium=RSS&at_campaign=KARANGA	excessive	2022-06-04 07:04:32
北海道	北海道新聞	アルコール表示、グラム単位でも　ビール缶、大手４社そろう	https://www.hokkaido-np.co.jp/article/689536/	表示	2022-06-04 16:08:13
北海道	北海道新聞	サル痘、欧米で感染増加　７６０人、１０日で３倍超	https://www.hokkaido-np.co.jp/article/689540/	発疹	2022-06-04 16:20:00
北海道	北海道新聞	十勝サイダーはじける人気　ブドウやトウキビ…特産品で１０種類　販売数３割増、販路は全国５０カ所以上に	https://www.hokkaido-np.co.jp/article/689508/	十勝管内	2022-06-04 16:18:34
北海道	北海道新聞	シニアカーで阪急バス乗車ＯＫ　利用者「大きな一歩」と歓迎	https://www.hokkaido-np.co.jp/article/689538/	大阪府池田市	2022-06-04 16:12:00
北海道	北海道新聞	コンサドーレ、広島に３失点完敗　ルヴァン杯	https://www.hokkaido-np.co.jp/article/689537/	北海道コンサドーレ札幌	2022-06-04 16:05:00