このサイトへ攻撃を行う。
ツイート一覧が表示されているサイト。search wordに文字列、limitに数字を入力することで絞り込みが可能。
とりあえずSQLインジェクションかなと思ってsearch wordに1' OR 1 = 1; --と入力してみるとあっさり成功。
次にサーバーのソースコードを読んで見る。
// ...
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| " ヒストリーに保存しないコマンド | |
| let s:histignore = [ | |
| \ 'history', | |
| \ 'h\%[elp]', | |
| \ 'qa\?!\?', | |
| \ 'wq\?a\?!\?' | |
| \ ] | |
| function! s:delIgnoreHistory() abort | |
| let l:history = histget(':', -1) | |
| for l:ignore in s:histignore |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "env": { | |
| "node": true, | |
| "es2021": true | |
| }, | |
| "plugins": ["@typescript-eslint"], | |
| "parser": "@typescript-eslint/parser", | |
| "parserOptions": { | |
| "sourceType": "module" | |
| }, |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| yarn add -D \ | |
| typescript \ | |
| jest \ | |
| ts-jest \ | |
| @types/jest |
shun-shobon
/ LicenseIchiyo.svg
Last active
May 17, 2020 05:16
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| on: push | |
| jobs: | |
| lint: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - uses: actions/setup-node@v1 | |
| with: |
Hide private address on Amazon
- Install Stylus for Chrome, Firefox.
- Click here to install
hide-address.user.css.
Customize code font of GitHub.
- Install Stylus for Chrome, Firefox.
- Click here to install
customize-github-font.user.css.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma once | |
| // 可変長配列の宣言 | |
| #define VEC_DECLARE(T) \ | |
| typedef struct { \ | |
| size_t cap; \ | |
| size_t len; \ | |
| T *ptr; \ | |
| } vec_##T; \ | |
| void vec_init_##T(vec_##T *vec); \ |
shun-shobon
/ keybase.md
Created
January 23, 2021 00:54
I hereby claim:
- I am shun-shobon on github.
- I am shunshobon (https://keybase.io/shunshobon) on keybase.
- I have a public key ASBm4a9qGzOI-u1yvt5KA4mNfHoQurxp7ASZLUAIROG2zwo
To claim this, I am signing this object:
OlderNewer