View blog.md

壊れかけのRadio(スクリプト)

思春期に~少年から~(自粛

ということで、 #ssmjp Advent Calendar 12月7日の記事になります。

https://adventar.org/calendars/2286

動機

View default
# プラグインに対するアクセスを拒否する
location ^~ /wp-content/plugins/ {
access_log /var/log/nginx/plugins.log format;
error_log /var/log/nginx/plugins.log;
return 403;
}
# テーマに対するアクセスを拒否する
location ^~ /wp-content/themes/ {
access_log /var/log/nginx/themes.log format;
View gist:1bdfb77b161da4f18bcde42da679246e
# ---------------------------------------------------------------
# CMS Rule Set
# Copyright (C) 2015 Yoshinori Matsumoto All rights reserved.
# ---------------------------------------------------------------
#
# WHITE LIST
#
SecRule REMOTE_ADDR "@ipMatch 113.37.16.194" \
View fix.php
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>お問い合わせフォーム</title>
</head>
<body>
<h1>お問い合わせフォーム</h1>
<div style="background-color:pink">
このフォームにはXSSがひとつあります。発生個所と対策(ソースのここを直す)を指摘してください。
View AndroidMalwareMemo.md

#Androidマルウェア解析メモ

##はじめに ここでは偶然入手したAndroidアプリが、ユーザの意図しないタイミングで送信されていることが分かり、簡単に解析をしたので、メモレベルですが共有します。

##ダイレクトメール

私の元にこのようなメールが届きました。私も携帯の電池切れには悩んでいるので、このような便利なアプリがあればぜひ使いたいと思い調査しようと思いました。

Mail

View dirindex.conf
<IfModule dir_module>
DirectoryIndex index.php
</IfModule>
View wp-config.php
<?php
/**
* The base configurations of the WordPress.
*
* This file has the following configurations: MySQL settings, Table Prefix,
* Secret Keys, WordPress Language, and ABSPATH. You can find more information
* by visiting {@link http://codex.wordpress.org/Editing_wp-config.php Editing
* wp-config.php} Codex page. You can get the MySQL settings from your web host.
*
* This file is used by the wp-config.php creation script during the
View twitter_test.py
def search(self, text) :
api = tweepy.API()
results = api.search(urllib.quote_plus(text.encode('utf-8')), include_entities=True, lang=self.config[0]['lang'])
for result in results :
if result.entities.has_key('media') :
medias = result.entities['media']
text = '@' + result.from_user + "\n" + result.text
for m in medias :
media_url = m['media_url']
print media_url
View test.html
<!DOCTYPE html>
<html>
<head>
<title>test</title>
<meta charset="utf-8">
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.8.1/jquery.min.js"></script>
<script>
$(function(){
var url = "http://localhost/";
$.getJSON(url,null,function(data){
View gist:3742070
warning: no files found matching '*.txt' under directory 'src/lxml/tests'
src/lxml/lxml.etree.c: In function '__pyx_f_4lxml_5etree__getFilenameForFile':
src/lxml/lxml.etree.c:26088:7: warning: variable '__pyx_clineno' set but not used [-Wunused-but-set-variable]
src/lxml/lxml.etree.c:26087:15: warning: variable '__pyx_filename' set but not used [-Wunused-but-set-variable]
src/lxml/lxml.etree.c:26086:7: warning: variable '__pyx_lineno' set but not used [-Wunused-but-set-variable]
src/lxml/lxml.etree.c: In function '__pyx_pf_4lxml_5etree_4XSLT_18__call__':
src/lxml/lxml.etree.c:132276:81: warning: passing argument 1 of '__pyx_f_4lxml_5etree_12_XSLTContext__copy' from incompatible pointer type [enabled by default]
src/lxml/lxml.etree.c:130237:52: note: expected 'struct __pyx_obj_4lxml_5etree__XSLTContext *' but argument is of type 'struct __pyx_obj_4lxml_5etree__BaseContext *'
src/lxml/lxml.etree.c: In function '__pyx_f_4lxml_5etree__copyXSLT':
src/lxml/lxml.etree.c:133665:79: warning: passing argument 1 of '__p