control data – (P2WSH-nestedin-P2SH) Problem solving questions 1 + 5 = 6

This is my first question on this platform.

this case has badly scratched my head, pay patient please to read my question.

I'm trying to move the traditional tx p2sh into the tx p2wsh-nestedin-p2sh and it's also a tx ANYONE_CAN_SPEND.

scriptpubkey (hex) = a9149a6185672bafea7a16309a9f6e2fe03927499c6e87

scriptpubkey (asm) = OP_HASH160 OP8E

scriptsig (hex) = 2200201f41c545a5c0b1c370c2e2812b3256d690fc098ae56aa21c94cd98d7c3ca5ec6

p2sh redeemscript (hex) = 00201f41c545a5c0b1c370c2e2812b3256d690fc098ae56aa21c94cd98d7c3ca5ec6

until now, all i mentioned above is simple traditional lock / unlock p2sh, my serialized base tx show now.

01000000012649c299694db1b608d4463e3b0535b3b8c0d5a1e9558b4d71be3790bde1dce800000000232200201f41c545a5c0b1c370c2e2812b3256d690fc098ae56aa21c94cd98d7c3ca5ec6ffffffff01401f0000000000001976a91451d2a5e04d25ceaa86e600a6ec34bd24431c675d88ac00000000

this is correct because the result generated from https://testnet.smartbit.com.au/txs/pushtx indicates "PUSH TRANSACTION ERROR: 64: NON-OBLIGATORY-SCRIPT-VERIFY-FLAG (THE WITNESS PROGRAM WAS PASSED TO AN EMPTY WITNESS ").

so what I will do next, is to solve the data of the witnesses.

Witness data:

P2WSH-RedeemScript (hex) = 55935687

P2WSH-RedeemScript (asm) = OP_5 OP_ADD OP_6 OP_EQUAL

witness items (hex) = 51

witness elements (asm) = OP_1

So now the serialized series looks like this and the bold part is my new changes from the previous one.

010000000001012649c299694db1b608d4463e3b0535b3b8c0d5a1e9558b4d71be3790bde1dce800000000232200201f41c545a5c0b1c370c2e2812b3256d690fc098ae56aa21c94cd98d7c3ca5ec6ffffffff01401f0000000000001976a91451d2a5e04d25ceaa86e600a6ec34bd24431c675d88ac020151045593568700000000

when I submit this message, the error told me "PUSH TRANSACTION ERROR: 64: NON-OBLIGATORY-SCRIPT-VERIFIER-FLAG (SCRIPT EVALUATED WITHOUT ERROR, BUT FINISHED WITH ELEMENT HIGHLY FALSE / EMPTY)"

I do my best to solve the puzzle and magically I succeed when I change my script

010000000001012649c299694db1b608d4463e3b0535b3b8c0d5a1e9558b4d71be3790bde1dce800000000232200201f41c545a5c0b1c370c2e2812b3256d690fc098ae56aa21c94cd98d7c3ca5ec6ffffffff01401f0000000000001976a91451d2a5e04d25ceaa86e600a6ec34bd24431c675d88ac020101045593568700000000

so my last tx show presented here https://testnet.smartbit.com.au/tx/e627feb66ed572b97ef393f20be0e76edb8dfe34fd98a9c606f62af04496341d

gross tx issue here https://api.blockcypher.com/v1/btc/test3/txs/e627feb66ed572b97ef393f20be0e76edb8dfe34fd98a9c606f62af04496341d?limit=50&includeHex=true

I do not understand why change can solve my math puzzle. 🙁

Version Control – Should I accept that a client adds changes to the source code on an ongoing development?

I am currently in a situation (I am a technical manager) where the client has changed the source code itself, and I am told to accept the changes and continue working on this version. Technically, he owns the code, but he decided to make a change and did not inform me.

Its modifications will not follow any convention, no good practice and, because of a reporting requirement, have made a change to the data structure.

My boss told me to accept it and to occupy it. I replied by asking him then why should I impose any standard on my team if a customer ruined everything we took so much effort to maintain the quality of the code.

The customer acknowledged that he would agree to cancel the changes, but data has already been created with this change and canceling these changes would mean losing them.

Regardless of the details, my question remains. Should I accept the fact that the client has modified the source code and that I have to continue with it, or should I remain faithful to the standards of the team and refuse to continue?

Edit: I did some research on the subject but I found only topics on the ownership of the source code.

no control working on this shell

I'm trying to reset the root password of my Ubuntu 12.04.When the Grub menu is open, I click the e button & # 39; e & # 39; and add rw init = / bin / bash instead of ro ​​splash. The transfer is fast enough. After closing, this root shell opens but can not be inserted. anything with the keyboard. There is an error without job control in this shell.

java – Competition control between a non-blocking method and a blocking method

Please refer to the following examples to illustrate my incremental improvements in achieving competition control:

import java.util.Queue;
import java.util.concurrent.*;

public class ThreadTest1 {
    private static final ThreadTest1 INSTANCE = new ThreadTest1();
    private Queue holders = new ConcurrentLinkedQueue<>();
    public static ThreadTest1 instance() {
        return INSTANCE;
    }
    public void updateHolders(String resource) {
        System.out.println("Updating holders " + holders);
        holders.forEach(h -> h.setResource(resource));
        System.out.println("Finished updating holders " + holders);
    }
    public void addHolder(int delay) throws InterruptedException {
        Holder holder = new Holder();
        holder.setResource(ExternalResource.getResource());
        System.out.println("Adding holder " + holder);
        TimeUnit.SECONDS.sleep(delay);  // more work to do
        holders.add(holder);
        System.out.println("Finished adding holder " + holder);
    }
    public Queue getHolders() {
        return holders;
    }

    public static class Holder {
        private static int holderId = 1;
        private int id;
        private String resource;
        public Holder() {
            this.id = holderId++;
        }
        public void setResource(String resource) {
            this.resource = resource;
        }
        @Override
        public String toString() {
            return "H" + id + "(" + resource + ")";
        }
    }

    public static class ExternalResource {
        private static String resource = "A";
        public static String getResource() {
            return resource;
        }
        public static void setResource(String resource) {
            ExternalResource.resource = resource;
            System.out.println("External resource changed to " + resource);
            ThreadTest1.instance().updateHolders(resource);
        }
    }

    public static Callable callAddHolderWithDelay(int delay) {
        return () -> {
            ThreadTest1.instance().addHolder(delay);
            return null;
        };
    }

    public static Callable callSetResource(String resource) {
        return () -> {
            ExternalResource.setResource(resource);
            return null;
        };
    }

    public static void main(String() args) throws ExecutionException, InterruptedException {
        ExecutorService executor = Executors.newFixedThreadPool(10);
        executor.submit(callAddHolderWithDelay(1));
        TimeUnit.SECONDS.sleep(1);
        executor.submit(callAddHolderWithDelay(5));
        TimeUnit.SECONDS.sleep(1);
        executor.submit(callSetResource("B"));
        TimeUnit.SECONDS.sleep(1);
        executor.submit(callAddHolderWithDelay(1));
        TimeUnit.SECONDS.sleep(5);
        System.out.println(ThreadTest1.instance().getHolders());
        executor.shutdown();
    }
}

Exit:

Adding holder H1(A)
Adding holder H2(A)
Finished adding holder H1(A)
External resource changed to B
Updating holders (H1(A))
Finished updating holders (H1(B))
Adding holder H3(B)
Finished adding holder H3(B)
Finished adding holder H2(A)
(H1(B), H3(B), H2(A))

The first test is the most basic without any control of simultaneity because you can see that an unfortunate event has occurred and H2 finished with the outfit A instead of B.

An improvement has been made to ensure that the above will not occur as follows (highlighting only the changes):

public class ThreadTest2 {
    private static final ThreadTest2 INSTANCE = new ThreadTest2();
    private Queue holders = new ConcurrentLinkedQueue<>();
    private ReentrantReadWriteLock lock = new ReentrantReadWriteLock();
    public static ThreadTest2 instance() {
        return INSTANCE;
    }
    public void updateHolders(String resource) {
        lock.writeLock().lock();
        System.out.println("Updating holders " + holders);
        holders.forEach(h -> h.setResource(resource));
        System.out.println("Finished updating holders " + holders);
        lock.writeLock().unlock();
    }
    public void addHolder(int delay) throws InterruptedException {
        lock.readLock().lock();
        Holder holder = new Holder();
        holder.setResource(ExternalResource.getResource());
        System.out.println("Adding holder " + holder);
        TimeUnit.SECONDS.sleep(delay);  // more work to do
        holders.add(holder);
        System.out.println("Finished adding holder " + holder);
        lock.readLock().unlock();
    }
    ...

Exit:

Adding holder H1(A)
Adding holder H2(A)
Finished adding holder H1(A)
External resource changed to B
Finished adding holder H2(A)
Updating holders (H1(A), H2(A))
Finished updating holders (H1(B), H2(B))
Adding holder H3(B)
Finished adding holder H3(B)
(H1(B), H2(B), H3(B))

Test 2 is a typical use of a read-write lock and the result is correct. However, it is not very effective as you can see Add support H3 (B) was pushed until after Updated updated members (H1 (B), H2 (B))but in reality it should not be blocked because External resource changed to B had already arrived and therefore Add support H3 (B) could take the new value without reason to wait Updated updated members (H1 (B), H2 (B)).

So, what I can optimize here is a non-blocking addHolder and a blockage updateHolderswhere it only blocks when one or more threads are working on addHolder already (for example H2) but should ignore the following calls to addHolder (for example. H3) because they are the only ones to get the last value. I used a list of locks to implement this:

public class ThreadTest3 {
    private static final ThreadTest3 INSTANCE = new ThreadTest3();
    private Queue holders = new ConcurrentLinkedQueue<>();
    private Queue locks = new ConcurrentLinkedQueue<>();
    public static ThreadTest3 instance() {
        return INSTANCE;
    }
    public void updateHolders(String resource) {
        locks.forEach(l -> l.lock());
        System.out.println("Updating holders " + holders);
        holders.forEach(h -> h.setResource(resource));
        System.out.println("Finished updating holders " + holders);
    }
    public void addHolder(int delay) throws InterruptedException {
        Lock lock = new ReentrantLock();
        lock.lock();
        locks.add(lock);
        Holder holder = new Holder();
        holder.setResource(ExternalResource.getResource());
        System.out.println("Adding holder " + holder);
        TimeUnit.SECONDS.sleep(delay);  // more work to do
        holders.add(holder);
        System.out.println("Finished adding holder " + holder);
        lock.unlock();
        locks.remove(lock);
    }

Exit:

Adding holder H1(A)
Adding holder H2(A)
Finished adding holder H1(A)
External resource changed to B
Adding holder H3(B)
Finished adding holder H3(B)
Finished adding holder H2(A)
Updating holders (H1(A), H3(B), H2(A))
Finished updating holders (H1(B), H3(B), H2(B))
(H1(B), H3(B), H2(B))

The result of Test 3 is correct and more efficient than before, as you can see Add support H3 (B) happens now before Completed updates (H1 (B), H3 (B), H2 (B)), Therefore addHolder is non-blocking. I can settle here, but further optimization seems possible H1 has not been updated until Finished by adding H2 support (A) or updateHolders was waiting for the end, THEN update for all. It can certainly update H1 first as addHolder for H1 had finished and is waiting for that H2, so H1 can get the update sooner.

Please indicate if my use of the lock list is an excess and can be simplified to achieve the same purpose, and if my subsequent optimization can be achieved by which means? Thank you.

Abuse of SSH to keep control of Windows

I am curious how an attacker could install SSH on a Windows server without an established RDP session. (Only the cmd.exe shell)

Does anyone know any techniques or references to this?

Suppose an attacker has access to a Windows server via a reverse meterpreter tcp shell post-exploitation. How could the attacker download and install an ssh service via a basic cmd shell (with or without Powershell).

What are the biometric data stored by border control in the UK when EU citizens scan their biometric passport at the airport (at the entrance and exit, from / to the airport)? # 39; Europe)

Battery Exchange Network

The Stack Exchange network includes 175 question-and-answer communities, including Stack Overflow, the largest and most reliable online community on which developers can learn, share knowledge and build their careers.

Visit Stack Exchange

linux – More than one control terminal in a session?

I can have two or more gnome terminal windows open at the same time in one session (for example, when logged in as a user with a UID = 1000)

No, because this is not what the specification means by "session".

In the context of signals and control terminals, a session is created by calling setsid (3), and is used only as a "supergroup" of process groups, for signal transmission purposes.

This has nothing to do with the session objects followed by systemd-logind, nor with X11 SM / ICE sessions, nor with the desktop environment sessions (gnome-session & c.), Nor with the session sessions. general connection that you mentally associate with processes "run as the same UID".

In other words, the same environment (login session, for lack of a better term) can have as many POSIX sessions as it wants – the terminal emulator typically calls setsid () for each window or tab, ensuring that each pty corresponds to a POSIX session.

USB on the move – Unable to switch from USB control to phone control .. Samsung A9

I'm trying to transfer photos from my samsung A9 to the sandisk dual storage drive. And it goes into charging mode. How can I change role on phone and adjust the settings on MTP. When trying to change roles, it is impossible to change roles. And that happened suddenly, until now, many times, I copied the photos to the USB stick of my phone. But suddenly, this error appears. Pls help with samsung A9 specific settings.thank.

Version Control – Are pre-commit or pre-push hooks worth it?

I guess the argument in favor of the pre-commit anchor points would be that each commit is clean.

The argument against them is that they take a long time to run, which can add up if you commit often.

The same would go for pre-push hooks, except that they probably happen less often. In addition, if you have a continuous integration configuration, you should normally wait twice when the result will be almost identical each time.

access control – What is the reason for the "Allow-Origin: *" and "Allow-Credentials: true" headers?

Access-control-allow-origin: * and Access-control-allow-credentials:
true

First of all, let me tell you what these headers are. The Access-Authorization-Allow-Origin control is a response header sent by a website that tells the browser to relax the same original policy for the specified website. The wildcard * means origin (domain, subdomain) can send a request and receive a response. The access-authorize-credentials control is an answer header that asks the browser to send cookies with the request.

What if Access-control-allow-origin: * and
Access control, access authorization: true is defined?

An attacker could take you to a website, which could then send a request to another website with the configuration and read the answer. This would cause considerable damage on the Internet.

Why websites are allowed Access-control-allow-origin: * and
Access control, access authorization: true?

Browsers simply ignore it If Access-control-allow-origin is set to a wildcard, the browser will not allow the submission of cookie information with the request, which would render any attack unnecessary given that you can not target anyone without their cookies.

So why do websites send this combination of response headers?

First and foremost for non-ID requests. Secondly, this could be due to the modification of the ACAO with the original header. If no origin is specified, the ACAO response contains the wildcard character. But I have nothing to save this part of the answer