▪️Today I flew back to germany the whole day, but I managed to program a little bit at the airport. I finished a few codewars challenges. Time spent: 2 hours
—> total: 2 hours
—> weekly total: 9h
This week I wasn’t able to program so much, because of personal reasons, but from this week on, I should be able to get back to the intensity of before 😊👍🏻
Last weeks short-term goals:
▪️Finishing theLibrary Application
—> time horizon: 1-3 weeks
▪️Finishing the Library Application
▪️Finishing the pair programming part
—> time horizon: 1-2 weeks
100 Days of Web Application Penetration testing
Remote File Inclusion -
Sometimes the domains/web applications include files from other Remote domains/web servers/web applications , normally they do it by requesting that resource through the URL/URI.
So the Remote File Inclusion vulnerability occurs when the user can change the address requested in the URI and the web application includes that resource requested by the attacker
For example if a web application in requesting a resoource A then the attacker will change it and make the web application to request for resource B, which can be anything a payload or something else malicious.
for example - this is the original link- https://example.com/path=https://sandust.com/img1
and then the attcker changes it to
Keywords in the Url to check
How to find this Vulnerability ?
1. Spider the web application and search for the above mentioned keywords in the urls
2. Once you find any link with any of these keywords try changing the parameters given to them , to some other resource of same type on any other domain/web server . etc
3. if that page includes the file from the address given by the attacker/user then it it vulnerable to remote file inlusion .
Spotlighting our first in house app, Trak.
Trak is an expense management app that is currently in private beta and set to launch early October 2019
Trak makes taking control of your finances simpler, quicker, and easier with all of your expenses in one place. No bank account connections or annoying feeds of things you’ve already withdrawn. Push notifications straight to your phone for upcoming bills and more!
V1 is set to launch soon!
There's some people say that people in social media always act like they are living #perfect life and had perfect partners with perfect love!
For me I think they didn't act anything.
They just share with us their perfect moments .
They never said they are living perfect life.
we should always remember perfectionist had different meaning from someone to other maybe what I see is perfect, others see it bored or just normal !
And What we'll get if we share our sadness? Just making people sad more and more!
I think we have to share our happiness, love,and peace cause the world is bad enough.
if we shared our good moments less we can give is making beautiful smiles on many different faces!