This is a very simple web crawler I coded for fun. It uses a breadth-first search algorithm to crawl URLs.
– This tool might be useful in finding subdomains
Converting an illogical range to an array in Ruby uses 100% of memory, disk and CPU, which will freeze your computer. I have tested this issue on a Windows 10 64-bit machine. On a 64-bit Ubuntu machine, the process gets killed after some time, once it runs out of memory. These types of issues can occur in most languages when a program tries to allocate more and more memory. This is a simple example I found in Ruby.
ruby 2.3.1p112 (2016-04-26 revision 54768) [x64-mingw32]
What is load_extension?
This interface loads an SQLite extension library from the named file.
int sqlite3_load_extension(
  sqlite3 *db,          /* Load the extension into this database connection */
  const char *zFile,    /* Name of the shared library containing extension */
  const char *zProc,    /* Entry point. Derived from zFile if 0 */
  char **pzErrMsg       /* Put error message here if not 0 */
);
More information: https://www.sqlite.org/c3ref/load_extension.html
You can use this function to load an SQLite extension. However, extension loading, which is controlled by sqlite3_enable_load_extension(), is turned off by default to prevent its use in SQL injection attacks. You can read more here: https://www.sqlite.org/c3ref/enable_load_extension.html
The syntax would be
select load_extension('path\dll', 'EP');
However, this path (const char *zFile) can be an SMB share too.
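The defensive side of this, as an added example that is not part of the original post, using Python's sqlite3 module: it checks that the SQL load_extension() function is refused on a default connection, then installs an authorizer that denies the function even if extension loading is switched on later. The path and all helper names are constructed for illustration, and nothing is actually loaded.

```python
import sqlite3

BLOCKED_FUNCTIONS = {"load_extension"}  # SQL functions this application never needs


def deny_extension_loading(action, arg1, arg2, db_name, source):
    """Authorizer callback: reject any statement that calls load_extension()."""
    # For SQLITE_FUNCTION, SQLite passes the function name in arg2.
    if action == sqlite3.SQLITE_FUNCTION and (arg2 or "").lower() in BLOCKED_FUNCTIONS:
        return sqlite3.SQLITE_DENY
    return sqlite3.SQLITE_OK


def harden(conn):
    """Keep extension loading off and deny the SQL function at prepare time."""
    if hasattr(conn, "enable_load_extension"):  # absent on some Python builds
        conn.enable_load_extension(False)
    conn.set_authorizer(deny_extension_loading)
    return conn


def sql_load_blocked(conn, path):
    """Return (blocked, error_text) for SELECT load_extension(path)."""
    try:
        conn.execute("SELECT load_extension(?)", (path,))
    except sqlite3.Error as exc:
        return True, str(exc)
    return False, ""


def demo():
    path = "constructed_nonexistent_extension"  # constructed value, never loaded
    default_conn = sqlite3.connect(":memory:")
    hardened = harden(sqlite3.connect(":memory:"))
    # Assumption for the demo: other code in the process re-enables loading.
    if hasattr(hardened, "enable_load_extension"):
        hardened.enable_load_extension(True)
    return {
        "default": sql_load_blocked(default_conn, path),
        "hardened_reenabled": sql_load_blocked(hardened, path),
        "normal_query": hardened.execute("SELECT upper('ok')").fetchone()[0],
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "->", result)
```

The authorizer runs when the statement is prepared, so a denied load_extension() call never reaches the point where the file path, local or SMB, would be opened.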
O’Reilly’s video training website is http://www.infiniteskills.com/. One day while I was browsing, I found out that their online player can be spoofed with our own content. For example, I was able to watch my favorite music videos 😉
After reporting, I was allowed to choose any 2 courses for free. Thanks for the reward 🙂
I was able to bypass their XSS filter. After responsibly disclosing the vulnerability I got acknowledged.
As usual responsible disclosure🙂