Admirer is an easy Hack The Box Linux-based machine released on the 2nd
of May 2020 and reachable on the IP address 10.10.10.187.
For whose who don't know it yet, Hack The Box is an online platform where vulnerable machines are deployed in a private network accessible via VPN, and where users need to hack their way into the systems to collect flags as proofs of their success.
Traceback is an easy Linux-based machine released on the 14th of March 2020 and
reachable on the IP address 10.10.10.181 (despite what's written on the info
card).
Enjoying HackerOne's CTF?
If you want to make sure not to inadvertently miss any single flag while
skimming through web pages, you can ask ZAP to catch them for you with
this regex: \^FLAG\^[\w\d]{64}\$FLAG\$
A "Flag" tag will appear next the requests containing a flag in their response:
This technique is particularly useful when a flag appears in a non-obvious location such as an HTML comment.
Scapy is an incredible tool when it comes to playing with the network. As it is written on its official website, Scapy can replace a majority of network tools such as nmap, hping and tcpdump.
One of the features offered by Scapy is to sniff the network packets passing through a computer's NIC. Below is a small example:
from scapy.all import *
interface = "eth0"
def print_packet(packet):
ip_layer = packet.getlayer(IP)
print("[!] New Packet: {src} -> {dst}".format(src=ip_layer.src, dst=ip_layer.dst))
print("[*] Start sniffing...")
sniff(iface=interface, filter="ip", prn=print_packet)
print("[*] Stop sniffing")
This little sniffer displays the source and the destination of all packets having an IP layer:
$ sudo python3 sniff_main_thread.py
[*] Start sniffing...
[!] New Packet: 10.137.2.30 -> 10.137.2.1
[!] New Packet: 10.137.2.30 -> 10.137.2.1
[!] New Packet: 10.137.2.1 -> 10.137.2.30
[!] New Packet: 10.137.2.1 -> 10.137.2.30
[!] New Packet: 10.137.2.30 -> 216.58.198.68
[!] New Packet: 216.58.198.68 -> 10.137.2.30
[!] New Packet: 10.137.2.30 -> 216.58.198.68
[!] New Packet: 10.137.2.30 -> 216.58.198.68
[!] New Packet: 216.58.198.68 -> 10.137.2.30
[!] New Packet: 216.58.198.68 -> 10.137.2.30
[!] New Packet: 10.137.2.30 -> 216.58.198.68
[!] New Packet: 10.137.2.30 -> 216.58.198.68
[!] New Packet: 216.58.198.68 -> 10.137.2.30
[!] New Packet: 10.137.2.30 -> 216.58.198.68
^C[*] Stop sniffing
It will continue to sniff network packets until it receives a keyboard
interruption (CTRL+C).
Angular has different mechanisms for sharing data between components. The choice
of the sharing method mostly depends on the relationship of the related
components. Typically, within the context of a parent-child topology, the most
straightforward choice would be to use the @Input and @Output decorators.
For sibling components, relying on a data sharing service seems to be the most
obvious solution. In any case, once you have settled on the choice of a
communication topology, you need to decide which data propagating mechanism to
use.
Generally, components use EventEmmiter objects to share data with each other.
When you pass data into an Angular component with an @Input decorator, you are
actually using an EventEmitter object. Although this solution is appropriate
for the majority of situations, this is not always the case. Let's consider the
following example:
