DFI Computer Programming thread

[IndianYonko]

I guess a bit of CSS and lots of JS

I was inquiring about the framework
-- angular or,
-- vue or,
-- react

 

[FalconZero]

@FalconZero muh nigg@ need ya help

A friend wants to work on a website that revolves around map so need some advise from our resident web dev faculty.

The map of look like this.

When the mouse is brought over a river it will highlight and on clicking it will display a pop up windown.
The window will have detail of the map.
-Length
-Citeies on the river it's significance
-History
Etc

Yes sir, so if you just want to display sort of 3d map then you can use this library: https://www.openglobus.org/
Last year while working on one of my papers, i used this : https://leafletjs.com/ which was pretty good if you want to add customizations, labels etc. etc.

Or if you want very specific functionality from the map, like when you click on particular part of the India it should show related information then you will have to manually work on that. One suggestion i can say is that creating sort of buttons with custom positioning but they will not be too dynamic which means they will be restricted to particular screen size which will be no issue when using a laptop but with smartphones maybe you will face some issues...

You don't need any framework or anything just you will have to prep a small dataset in js file and add controllers on another js file. A bit work but it's possible.

 

[cannonfodder]

Yo @Peter nibba tell some more things about it so what can be done to encourage the programme based economy.

Yo Haldi nigga has point. There is some advantage in using local languages in programming because brain thinks in mother tongue first.
Hans translate words for each new tech that comes in like word quadcopter. Most of our local languages have words from english which do not have regional equivalent or not popular enough. Only small percentage of Indian population can still read and understand english. Why throw other population under the bus or deemed unsuitable for doing science.

 

[Johny_Baba]

Tip,

use tracking protection to be safe from these chadarmods,

assuming you use google chrome (but this will work with firefox or other browsers supporting extensions,too) i'd suggest for Privacy Badger which is a good trackers protection extension, and a new extension that specifically work with removing tracking elements from big tech giants and so,ClearURL, this one specifically removes tracking elements from url,
for example of Amazon itself, say your browser shows this url

https://www.amazon.com/dp/exampleProduct/ref=sxin_0_pb?__mk_de_DE=%C3%85M%C3%85%C5%BD%C3%95%C3%91&keywords=tea&pd_rd_i=exampleProduct&pd_rd_r=8d39e4cd-1e4f-43db-b6e7-72e969a84aa5&pd_rd_w=1pcKM&pd_rd_wg=hYrNl&pf_rd_p=50bbfd25-5ef7-41a2-68d6-74d854b30e30&pf_rd_r=0GMWD0YYKA7XFGX55ADP&qid=1517757263&rnid=2914120011

with that second extension it will turn into this

https://www.amazon.com/dp/exampleProduct

^trackers cleaned

Edit = forgot to put links for both extensions,
Privacy Badger = https://privacybadger.org/
CleanURL = https://gitlab.com/KevinRoebert/ClearUrls

Along with this, ditch chrome switch to Firefox, brave etc and use ublock origin (adblock cum tracker block) with clean cookies extension.

People who are more concerned about privacy, reddit has r/privacy sub, which will answer all your queries.

From what i've read on privacy sites, Brave is a honeypot now, they are slowly moving away from their aim to create most privacy insentive browser alternative to chrome to using some of the chrome dependencies themselves for 'better performance'.

if you want something that's free from google dependency, use Ungoogled Chromium builds, but be aware these are custom builds by users like you and me so they are kinda buggy at some place, but nothing serious.
for real Pros i'd suggest get repo of these builds and compile yourself, for normal users just download zip file, uncompress and use it.
some links for Ungoogled Chromium builds,
> https://chromium.woolyss.com/
^marmaduke build is highly recommended, albeit some AVs show malware in it which the builder calls false positive
> https://github.com/Eloston/ungoogled-chromium
^ this one's another good build, free from all google dependencies and AVs show no error

As for Firefox itself, do not use it as Default i.e. it does have some privacy invasive features (remember Mozilla is a woke org, being cali based etc) but you can still tweak it out easily for getting good privacy, follow these links
> https://restoreprivacy.com/firefox-privacy/
> https://www.privacytools.io/browsers/#about_config
> https://spyware.neocities.org/guides/firefox.html
for pro uses, who can tweak around with custom js template
> https://github.com/arkenfox/user.js/
and of course DNS Encryption
> https://libredns.gr/
Another idea that works => Firefox ProfileMaker = Online tool will help you to create a Firefox profile with the defaults you like. You select which features you want to enable and disable and in the end you get a download link for a zip-file with your profile template. The website is up to date with the latest privacytools.io recommendations.
> https://ffprofile.com/
In case someone wants firefox fork that's privacy oriented,LibreWolf = A community-maintained fork of Firefox with a focus on privacy and security. Ships with most of the privacy mitigations by default. It has uBlock Origin prepackaged.
> https://gitlab.com/librewolf-community/browser/linux

Finally DO NOT USE OPERA AT ANY CIRCUMSTANCES IT IS CHOYNEEZ BROWSER NOW! JUST READ HOW OPERA SOLD 12 MILLION USERS' DATA TO DUBIOUS COMPANIES SINCE CHOYNEEZ TAKEOVER!
Instead use an Opera Fork that is based on chromium but aims to recreate the best aspects of the classic Opera (12.x) UI using Qt5, named Otter = https://otter-browser.org/

kaapi pasting a reddit post on Brave
Brave browser funded by DoD contractor Palantir Technologies


Here’s an archived version of Brave’s Wikipedia article in case that information disappears somehow See the section #Business model
https://web.archive.org/web/20200227000950/https://en.wikipedia.org/wiki/Brave_(web_browser)
Peter Thiel is the chairman of Palantir Technologies. Wikipedia describes Palantir Technologies like this:
https://web.archive.org/web/20200128121847/https://en.wikipedia.org/wiki/Palantir_Technologies

Further along the Wikipedia article, some interesting stuff starts coming up:

Which is really concerning if you ask me. This is also in line with how Brave whitelists Facebook and Twitter tracking scripts while advertising itself as a privacy conscious browser. Seems like a honeypot to me.

reposts from Political Thread, on Browsers and Privacy

 

[Leonardo Alves]

reposts from Political Thread, on Browsers and Privacy

sir,unable to download librewolf on mobile.
Please provide a screenshot of the download button.

 

[Johny_Baba]

sir,unable to download librewolf on mobile.
Please provide a screenshot of the download button.

oh my bad i just kopy pasted link for Linux build,
here, you can find all major builds for various OSes,

Browser · GitLab

Our repositories and issue tracker have moved to https://codeberg.org/librewolf. Releases and CI will stay on GitLab for a while, so if you are...

gitlab.com

Assuming you need it for Windows OS, here is link for windows releases,

Releases · LibreWolf / Browser / Windows · GitLab

/ downloads / issues /

gitlab.com

just download installer for current build and presto!

 

[mokoman]

Yo Haldi nigga has point. There is some advantage in using local languages in programming because brain thinks in mother tongue first.
Hans translate words for each new tech that comes in like word quadcopter. Most of our local languages have words from english which do not have regional equivalent or not popular enough. Only small percentage of Indian population can still read and understand english. Why throw other population under the bus or deemed unsuitable for doing science.

i believe chinese write software in english , comments and documentation will be in chinese.

notihg stops you from using local language , but core keywords that are part of language and any stuff from external library will be in english.

so you can write in python something like

टट्टी=1
print(टट्टी)

 

[Suryavanshi]

@hawwk
U can use this thread to eduacate us noobs a bit abouts penetration testing.

Not the whole thing just give us a surface level introductory.

Skills like yours is extremely rare I'm sure someone might be interested

 

[hawwk]

@hawwk
U can use this thread to eduacate us noobs a bit abouts penetration testing.

Not the whole thing just give us a surface level introductory.

Skills like yours is extremely rare I'm sure someone might be interested

Sure, I can guide about the penetration testing. As I'm an intermediate is this field but we all can work together to hopefully create a cyber team

 

[Kumata]

Sure, I can guide about the penetration testing. As I'm an intermediate is this field but we all can work together to hopefully create a cyber team

Being a infra guy, we are always at logger heads with security folks...

Which tool u use...

 

[hawwk]

Being a infra guy, we are always at logger heads with security folks...

Which tool u use...

What's Infra? That famous FB page or something?
EDIT - Tools depends on the use case. there's different for OSINT. I'm interested in online IP-Cameras these days. I've been reading about it. Looks like there are many unauthorized open cctv out on web that I might try my techniques on ig.
Well obviously the Pakistani ones

 

[DownWithCCP]

What's Infra? That famous FB page or something?
EDIT - Tools depends on the use case. there's different for OSINT. I'm interested in online IP-Cameras these days. I've been reading about it. Looks like there are many unauthorized open cctv out on web that I might try my techniques on ig.
Well obviously the Pakistani ones

Have you done any certifications (OSCP, SANS etc)?

 

[hawwk]

Have you done any certifications (OSCP, SANS etc)?

Preparing for OSCP and CEH. 0xB on tryhackme and Hacker on HacktheBox. haven't been doing some boxes lately

 

[Spindrift]

What's Infra? That famous FB page or something?
EDIT - Tools depends on the use case. there's different for OSINT. I'm interested in online IP-Cameras these days. I've been reading about it. Looks like there are many unauthorized open cctv out on web that I might try my techniques on ig.
Well obviously the Pakistani ones

About online IP cameras, have you tried Shodan or Censys?

 

[Haldilal]

About online IP cameras, have you tried Shodan or Censys?

Ya'll Nibbiars After reading this you are really the I 20 Nibba.

 

[hawwk]

About online IP cameras, have you tried Shodan or Censys?

Shodan is a great weapon fr

 

[Spindrift]

@hawwk
U can use this thread to eduacate us noobs a bit abouts penetration testing.

Not the whole thing just give us a surface level introductory.

Skills like yours is extremely rare I'm sure someone might be interested

In order to learn hacking firstly get clear understanding of the basic concepts of computing i.e. Operating systems, networking, web services, etc, then do some reading about different kinds of vulnerabilities and try practice exploiting them manually on platforms which @hawwk mentioned tryhackme and Hacker on HacktheBox and after that try automating the manual process of hacking using any scripting language of your choice.

 

[omaebakabaka]

In order to learn hacking firstly get clear understanding of the basic concepts of computing i.e. Operating systems, networking, web services, etc, then do some reading about different kinds of vulnerabilities and try practice exploiting them manually on platforms which @hawwk mentioned tryhackme and Hacker on HacktheBox and after that try automating the manual process of hacking using any scripting language of your choice.

#1 rule, do not trust or anyone on forums including Hawk, apply your discretion and do not download from unofficial sources and always compare the signatures....even with doing all this you still have intentional vulnerabilities that are introduced or hidden on purpose....this is where larger community and governments invest money and time like China, Russia and US. Most hacks are due to idiot admins, bad configurations (too complex and too many options), lack of knowledge end to end or understanding weakest links concept and finally insider compromises....last one is very predominant now. Most products now are hard to break without an idiotic implementation

 

[Suryavanshi]

#1 rule, do not trust or anyone on forums including Hawk, apply your discretion and do not download from unofficial sources and always compare the signatures....even with doing all this you still have intentional vulnerabilities that are introduced or hidden on purpose....this is where larger community and governments invest money and time like China, Russia and US. Most hacks are due to idiot admins, bad configurations (too complex and too many options), lack of knowledge end to end or understanding weakest links concept and finally insider compromises....last one is very predominant now. Most products now are hard to break without an idiotic implementation

Is it possible to install spyware on Windows without the user knowing about it or the OS detecting it.

 

[hawwk]

In order to learn hacking firstly get clear understanding of the basic concepts of computing i.e. Operating systems, networking, web services, etc, then do some reading about different kinds of vulnerabilities and try practice exploiting them manually on platforms which @hawwk mentioned tryhackme and Hacker on HacktheBox and after that try automating the manual process of hacking using any scripting language of your choice.

Ye it's fun and stuff but these practicing stuff were meant to be hacked. Like I said nothing beats testing irl with real machines. Ofc with permission ig?. Best skill I would say is to Google Dorking which even I haven't mastered it now. My networking skills are pretty ok, it's just I'm a lazy at enumerating stuff haha

For attacking websites, main is sql-injection, cross site scripting.
For e-mail ports, they tend to be more vulnerable. CVE of some frequently used services on mail ports are high as 10 with RCE and RCE as root!!!. Tho SQL Injection is the way to go and learn to get out neat stuff from Database.
I even found a SQL Injection on my school website Their service versions are from stone-age.