# --- キーペアの生成 -----------------------------
ssh-keygen -t ed25519 -P "" -f id_ed25519
# --- プロキシの設定 -----------------------------
vim squid.conf
acl localnet src 0.0.0.1-255.255.255.255
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<form action="http://10.0.2.15:8000/" method="post"> | |
<input type="text" name="args"> | |
<input type="submit"> | |
</form> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from http.server import BaseHTTPRequestHandler, HTTPServer | |
from urllib.parse import parse_qs | |
class RequestHandler(BaseHTTPRequestHandler): | |
def do_POST(self): | |
content_length = int(self.headers.get('Content-Length', 0)) | |
request_body = self.rfile.read(content_length) | |
# POSTパラメータを取得 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ------- pre install command ----------- | |
# sudo apt update | |
# sudo apt install python3-pip python3-dev libffi-dev libssl-dev | |
# sudo pip3 install mitmproxy | |
# ------- running tool ------------------ | |
# mitmproxy -p 8080 -s proxy.py | |
from mitmproxy import http | |
import re |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"log" | |
"net/http" | |
"regexp" | |
"io/ioutil" | |
"strings" | |
"github.com/elazarl/goproxy" | |
) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const http = require('http'); | |
const httpProxy = require('http-proxy'); | |
// プロキシサーバーへの転送 | |
const proxy = httpProxy.createProxyServer({}); | |
// リクエストハンドラー | |
const requestHandler = (req, res) => { | |
// リクエストされたURLを取得 | |
const targetUrl = req.url; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from z3 import * | |
""" | |
以下は C 社で運用されている人件費計算処理の概要説明文である。 | |
この説明文からシステム化要件を読み取り、要件を満たすプログラムを実際に作成せよ。 | |
--- | |
それぞれ異なる時間単価が設定された i 人の社員が居る。 | |
これらの社員はそれぞれ異なる j 時間の稼働実績を持っている。 | |
これにより会社は総額 i * j 円の人件費を計算し、月次の支払い勘定科目に計上している。 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# フォルダ構成 | |
各フォルダやファイルの所有者はphpの実行ユーザー(通常はwww-data)にしておきます | |
customフォルダ配下のconfファイルは空白で構いません | |
``` | |
. | |
├── conf | |
│ ├── custom | |
│ │ ├── test1.conf | |
│ │ ├── test2.conf | |
│ │ └── test3.conf |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### 環境情報 | |
- サーバ環境として https://www.parrotsec.org/download/ の Security Edition を使用 | |
- VirtualBox 上の VM として Parrot をインストール | |
- Parrot OS には今回使用する Apache、PostgreSQL、PHP がプリインストールされており、その他ツールも準備されている事からセキュリティ検証で使いやすいディストリビューションであるため | |
### DB設定 | |
``` | |
# ユーザー名postgresでpsqlを実行する | |
sudo -u postgres psql |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# このコードはセキュリティエンジニア育成のためのサンプルとして作成しているため悪用は厳禁です | |
# コードを利用する際は利用者の責任において利用してください | |
# 当方ではこのコードに起因するあらゆる問題の責任は負いません | |
from flask import Flask, request | |
import os | |
from datetime import datetime, timedelta | |
app = Flask(__name__) |
NewerOlder