Admirer is an easy Hack The Box Linux-based machine released on the 2nd of May 2020 and reachable on the IP address 10.10.10.187.

    For whose who don't know it yet, Hack The Box is an online platform where vulnerable machines are deployed in a private network accessible via VPN, and where users need to hack their way into the systems to collect flags as proofs of their success.

    HTB Admirer information card

    Read more Security CTF Web

    Traceback is an easy Linux-based machine released on the 14th of March 2020 and reachable on the IP address 10.10.10.181 (despite what's written on the info card).

    HTB Traceback information card

    Read more Security CTF Web

    Enjoying HackerOne's CTF?

    If you want to make sure not to inadvertently miss any single flag while skimming through web pages, you can ask ZAP to catch them for you with this regex: \^FLAG\^[\w\d]{64}\$FLAG\$

    ZAP settings to capture Hacker 101 flags automatically

    A "Flag" tag will appear next the requests containing a flag in their response:

    HTTP request captured with ZAP containing a Hacker 101 flag

    This technique is particularly useful when a flag appears in a non-obvious location such as an HTML comment.

    Security CTF ZAP Web

    Scapy is an incredible tool when it comes to playing with the network. As it is written on its official website, Scapy can replace a majority of network tools such as nmap, hping and tcpdump.

    One of the features offered by Scapy is to sniff the network packets passing through a computer's NIC. Below is a small example:

    This little sniffer displays the source and the destination of all packets having an IP layer:

    $ sudo python3 sniff_main_thread.py
    [*] Start sniffing...
    [!] New Packet: 10.137.2.30 -> 10.137.2.1
    [!] New Packet: 10.137.2.30 -> 10.137.2.1
    [!] New Packet: 10.137.2.1 -> 10.137.2.30
    [!] New Packet: 10.137.2.1 -> 10.137.2.30
    [!] New Packet: 10.137.2.30 -> 216.58.198.68
    [!] New Packet: 216.58.198.68 -> 10.137.2.30
    [!] New Packet: 10.137.2.30 -> 216.58.198.68
    [!] New Packet: 10.137.2.30 -> 216.58.198.68
    [!] New Packet: 216.58.198.68 -> 10.137.2.30
    [!] New Packet: 216.58.198.68 -> 10.137.2.30
    [!] New Packet: 10.137.2.30 -> 216.58.198.68
    [!] New Packet: 10.137.2.30 -> 216.58.198.68
    [!] New Packet: 216.58.198.68 -> 10.137.2.30
    [!] New Packet: 10.137.2.30 -> 216.58.198.68
    ^C[*] Stop sniffing
    

    It will continue to sniff network packets until it receives a keyboard interruption (CTRL+C).

    Read more Programming Python Scapy

    Angular has different mechanisms for sharing data between components. The choice of the sharing method mostly depends on the relationship of the related components. Typically, within the context of a parent-child topology, the most straightforward choice would be to use the @Input and @Output decorators. For sibling components, relying on a data sharing service seems to be the most obvious solution. In any case, once you have settled on the choice of a communication topology, you need to decide which data propagating mechanism to use.

    Generally, components use EventEmmiter objects to share data with each other. When you pass data into an Angular component with an @Input decorator, you are actually using an EventEmitter object. Although this solution is appropriate for the majority of situations, this is not always the case. Let's consider the following example:

    Diagram of the data propagation using an EventEmitter

    Read more Programming Angular Web