投稿時間:2022-06-12 17:09:06 RSSフィード2022-06-12 17:00 分まとめ(11件)

カテゴリー等	サイト名等	記事タイトル・トレンドワード等	リンクURL	頻出ワード・要約等/検索ボリューム	登録日
python	Pythonタグが付けられた新着投稿 - Qiita	【お店探しのWebAR】DjangoでWebSocket編	https://qiita.com/KarT1994/items/c0324f4a89a8854aa1c1	django	2022-06-12 16:57:18
python	Pythonタグが付けられた新着投稿 - Qiita	PyQtGraphでうんこを描画する方法	https://qiita.com/kazunoriri/items/0c79503ba00af72e9ba2	rompyqtqtwidgetsimportqap	2022-06-12 16:56:19
python	Pythonタグが付けられた新着投稿 - Qiita	LCS(最長共通部分列）をPythonで解く	https://qiita.com/tetsuro731/items/bc9fb99683337ae7dc2e	最長共通部分列	2022-06-12 16:00:46
js	JavaScriptタグが付けられた新着投稿 - Qiita	【お店探しのWebAR】DjangoでWebSocket編	https://qiita.com/KarT1994/items/c0324f4a89a8854aa1c1	django	2022-06-12 16:57:18
AWS	AWSタグが付けられた新着投稿 - Qiita	新卒3年目と巡るAWS Summitの旅	https://qiita.com/suzuki_kento/items/1f27e9f494d85e253083	awssummit	2022-06-12 16:10:59
Git	Gitタグが付けられた新着投稿 - Qiita	ファイルを追加する、ステージの状態を見る	https://qiita.com/masatom86650860/items/2a5137606e9bce8457b4	gitadd	2022-06-12 16:58:09
海外TECH	DEV Community	15 Beautiful Color Gradients using CSS	https://dev.to/devash98/15-beautiful-colour-gradients-using-css-4em1	Beautiful Color Gradients using CSS I am here with another list In this post I have enlisted aesthetic color gradients using CSS examples of colour gradients in CSS which you can implement in your next projects I have used linear gradient method of CSS and only the gradient direction to bottom left There are many others gradient directions like to right to top etc to read about the linear gradient method you can refer to this freecodecamp article Let s jump into the list background image linear gradient to bottom right FFF DD background image linear gradient to bottom right FFD FE background image linear gradient to bottom right FFB D background image linear gradient to bottom right FD FFBDF background image linear gradient to bottom right DFCB background image linear gradient to bottom right CFF B background image linear gradient to bottom right FCEE background image linear gradient to bottom right FDFCFB EDC background image linear gradient to bottom right EC FBF background image linear gradient to bottom right FDABDD AA background image linear gradient to bottom right AD background image linear gradient to bottom right C DA background image linear gradient to bottom right B FCA background image linear gradient to bottom right FFDB ED background image linear gradient to bottom right FFED EF Congratulations You have successfully read this long list I have also tweeted this one you can bookmark it there for your future reference I have gathered this colourful ideas from Pinterest I Hope you have found it useful Share the article comment which one you are going to use and comment your feedbacks as well Also I write about web development on twitter follow me there for understanding web development technologies easily Thank you See you soon	2022-06-12 07:42:34
海外TECH	DEV Community	Let's Hack The World in The MR. Robot CTF! 👾	https://dev.to/christinecdev/lets-hack-the-world-in-the-mr-robot-ctf-4bj5	Let x s Hack The World in The MR Robot CTF Today we are going to take a crack at the Mr Robot CTF on Try Hack Me I must say before we start that I love the design of this lab The website is so cool and so well thought out it was just perfect I really encourage you to look at all the videos it s pretty hackery When you re ready put on your FSOCIETY hoodie and let s hack the world What is key Once your machine is loaded we can start with our basic enumeration First things first when we open up the IP address of the machine in our browser we are met with a command line like website Each command that you type in will load a video so it s not really that important but you can check it out if you want Let s run an nmap scan to see if we can find any services nmap sV Pn lt your machine IP gt Mhh we can see that our ssh port is closed There is a ssl http port that is of interest though Let s run a gobuster scan to see which directories we can enumerate gobuster dir w usr share wordlists dirbuster directory list small txt u lt your machine IP gt t We can see that there is a robots directory When we look at our hint it says Robots Let s navigate to our robots We can see that our robots txt mentions a key of txt file It also has a fsocity dic file which contains a list of passwords Save this file because we will need it later Let s navigate to it lt ip gt key of txt We ve found our first key What is key When we look back at our gobuster scan we can see that there is a login and wp login directory that indicates that the site is made with Wordpress Let s navigate to our wp login We won t get pretty far without a username and password duh If we run a wpscan scan on our web application to see if we can find a user we can see that we get nothing useful except the Wordpress version which we could maybe exploit wpscan url http lt your machine IP gt wp login enumerate uWe have one of two options now manually trying different usernames or making use of Burp Suite s intruder to find a username When I first did this CTF I tried my luck by going with the most obvious usernames MrRobot and Elliot Elliot won Now that we have a username we can go back to wpscan or in my case I chose hydra and enumerate through our fsocity dic file that we downloaded above to find a valid password for Elliot export ip lt your machine IP gt hydra l Elliot P Downloads fsocity dic ip V http form post wp login php log USER PASS amp wp submit Log In amp testcookie S Location This took my scanner minutes so to save you the effort I will reveal the password for you gt gt Elliot ER Let s log in using these credentials From here on our next moves are pretty standard Let s see if we can run a reverse shell using php by pasting our shell in the php file in the theme editor Remember to save this new file You can download the reverse shell from pentestmonkey and remember to update the IP address with the address of your OPENVPN not your machine IP and insert the port of your choice I left it at Start up a netcat listener nc nlvp lt your port insterted in reverse shell gt Now head over to lt your machine IP gt php and check your netcat listener We have successfully gained access via our reverse shell When we list the files of home robot we find our key of txt file There is also a password raw md file which we ll get to later We have our second key What is key Let s read the contents of our password raw md file It seems to be a hashed password for the user robot Let s see if we can crack this password hash Head over to Crackstation and enter this hash Let s see what user we are currently by running whoami We are running as daemon but we can log into the user robot s account since we have the password the one we just cracked whoamisu robotNow that we are logged in as robot let s then see what binaries we can access to see if we can escalate our privilege via exploiting our binary library find perm u s type f gt dev nullThe binary nmap looks prmising Head over to GTFObins and read up on how we can escalate our privilege using this library We need to run an interactive shell which will give us root access nmap interactiveFrom here on we can cd into root and read the contents of our final flag file key of txt And so we got our flag ConclusionThere s a bunch of steps I took in between that didn t pan out into anything There weren t any vulnerabilities for the Wordpress version in case you were wondering Ultimately it was quite an easy CTF I hope this was easy enough for you to follow and until next time happy hacking See more on my GitHub	2022-06-12 07:35:07
ニュース	BBC News - Home	Rail strike: Agency staff could cover future disruption	https://www.bbc.co.uk/news/uk-61773437?at_medium=RSS&at_campaign=KARANGA	workers	2022-06-12 07:33:25
北海道	北海道新聞	北海道内８１２人感染、１人死亡　２９日連続で前週比減　新型コロナ	https://www.hokkaido-np.co.jp/article/692583/	北海道内	2022-06-12 16:18:24
北海道	北海道新聞	ソ０―３ヤ（１２日）　高橋が今季初完封で５勝目	https://www.hokkaido-np.co.jp/article/692588/	両リーグ	2022-06-12 16:20:00