dnd 5e – How does a Cloak of Displacement interact with a tortle’s Shell Defense?

The cloak has a property that causes creatures to have disadvantage on attack rolls against the one wearing it (emphasis mine):

While you wear this cloak, it projects an illusion that makes you appear to be standing in a place near your actual location, causing any creature to have disadvantage on attack rolls against you. If you take damage, the property ceases to function until the start of your next turn. This property is suppressed while you are incapacitated, restrained, or otherwise unable to move (DMG, pg 158).

The way Shell Defense is described

You can withdraw into your shell as an action… While in your shell, you are prone, your speed is 0 and can’t increase, you have disadvantage on Dexterity saving throws, you can’t take reactions, and the only action you can take is a bonus action to emerge from your shell (EGW, pg 181).

is effectively the same as being both incapacitated and restrained, with the only notable difference being that an attack against a prone creature

has advantage if the attacker is within 5 feet of the creature. Otherwise, the attack roll has disadvantage (PHB, pg 292).

While extremely similar mechanically, the tortle using Shell Defense is technically neither restrained nor incapacitated. Furthermore, the ability to emerge from its shell as a bonus action implies the capacity to then move during that turn if the tortle chooses to, so neither are they otherwise unable to move.

As such, would the Cloak of Displacement work for a tortle using Shell Defense (and thus cancel out the advantage melee attackers would normally have due to the prone condition)?

RAW and RAI interpretations are both desired.

linux – shell globbing doesn’t work the way I expect

I retired several years ago and back when I was working I was using Linux, Solaris, and SunOS. As I remember, if I did

mkdir x
cd x
echo hello > x*

The shell would respond with something like “x*: no match” and the echo command was not executed. But now when I do it on Debian Linux it creates the file x*. I tried it with both /bin/bash and /bin/sh; same results.

So then I stumbled across failglob and shopt. Apparently failglob is not set on debian linux so I put this in my .bashrc file:

shopt -s failglob

Is having failglob unset normal behavior? Is it peculiar to Debian, or Linux?

linux – How can I open a kernel shell in GNOME?

When I don’t have GNOME installed, I can log in using GNU/Linux’s text based login manager, then I’m presented with a shell. There are no GUIs running, and echo $TERM gives Linux.

Once I install GNOME and I’m logged in with the desktop manager running, I can access a terminal using GNOME’s gnome-terminal, which has $TERM = xterm, but I can’t figure out how to launch one of those original kernel-provided shells with $TERM = Linux. Does GNOME provide a way to do this, or is there any other way of accessing one of these shells while GNOME is running?

Django can send email from Python Shell but Gmail blocks mail when sent from front end form

I’m trying to make a password reset via email page following the tutorial here:
https://developer.mozilla.org/en-US/docs/Learn/Server-side/Django/Authentication#password_reset_templates

I can send emails while in the Python-Django shell but when I try to send it via that form, Gmail blocks my messages.

I have my email settings in settings.py configured as:

#gmail_send/settings.py
EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
EMAIL_HOST = 'smtp.gmail.com'
EMAIL_HOST_USER = 'foo@gmail.com'
EMAIL_HOST_PASSWORD = os.environ('EMAIL_PASSWORD')
EMAIL_PORT = 587
EMAIL_USE_TLS = True
DEFAULT_FROM_EMAIL = EMAIL_HOST_USER
SERVER_EMAIL = EMAIL_HOST_USER

When I do this using the shell, I’m able to receive the email:

>>> from django.core.mail import send_mail
>>> send_mail('test email', 'hello world', 'your@email.com', ('test@email.com'))

My password reset form looks like this (base_generic just has some bootstrap and jquery CDN stuff along with a navbar)

{% extends "OracleOC/base_generic.html" %}

{% block content %}
  <form action="" method="post">
  {% csrf_token %}

  {% if form.email.errors %}
    {{ form.email.errors }}
  {% endif %}
      <p>Please enter your email:</p>
      <p>{{ form.email }}</p>
    
    <input type="submit" class="btn btn-primary main_menu_button" value="Reset password">
  </form>
{% endblock %}

When I press submit, everything looks fine and I get a

(17/Jan/2021 07:04:12) "GET /accounts/password_reset/done/ HTTP/1.1" 200 2105

in my Django console but I get a copy of the message in my sender gmail box with this message:
Gmail blocked my message!

No authentication error, Insecure Apps setting on.

php – what dose this code do to my website is it harmful seems like shell

what dose this code do to my website is it harmful

<?php
namespace wapmorganUnifiedArchive;

class LzwStreamWrapper
{
    private static $registered = false;
    private static $installed = 0;

    public static function registerWrapper()
    {
        if (!self::$registered)
            stream_wrapper_register('compress.lzw', __CLASS__);
        self::$registered = true;
    }

    public static $TMP_FILE_THRESHOLD = 0.5;
    private static $AVERAGE_COMPRESSION_RATIO = 2;
    public static $forceTmpFile = false;
    /** High limit. unit: MBytes.
    */
    public static $highLimit = 512;

    private $mode;
    private $path;
    private $tmp;
    private $tmp2;
    private $data;
    private $dataSize;
    private $pointer;
    private $writtenBytes = 0;

    /**
     * @param $path
     * @param $mode
     * @param $options
     * @return bool
     * @throws Exception
     */
    public function stream_open($path, $mode, $options)
    {
        // check for compress & uncompress utility
        if (self::$installed === 0) {
            $this->exec('command -v compress', $output);
            if (empty($output))
                throw new Exception(__FILE__.', line '.__LINE__.
                    ': compress command is required');
            $this->exec('command -v uncompress', $output);
            if (empty($output))
                throw new Exception(__FILE__.', line '.__LINE__.
                    ': uncompress command is required');
            self::$installed = true;
        }

        $schema = 'compress.lzw://';
        if (strncasecmp($schema, $path, strlen($schema)) == 0)
            $path = substr($path, strlen($schema));

        if (file_exists($path)) {
            $this->path = realpath($path);
            $expected_data_size = filesize($path)
             * self::$AVERAGE_COMPRESSION_RATIO;
            $available_memory = $this->getAvailableMemory();
            if ($expected_data_size <=
                (self::$TMP_FILE_THRESHOLD * $available_memory)
                && !self::$forceTmpFile
                && $expected_data_size < (self::$highLimit * 1024 * 1024)) {
                $this->read();
            } else {
                $prefix = basename(__FILE__, '.php');
                if (($tmp = tempnam(sys_get_temp_dir(), $prefix)) === false)
                    throw new Exception(__CLASS__.', line '.__LINE__.
                        ': Could not create temporary file in '.
                        sys_get_temp_dir());
                if (($tmp2 = tempnam(sys_get_temp_dir(), $prefix)) === false)
                    throw new Exception(__CLASS__.', line '.__LINE__.
                        ': Could not create temporary file in '.
                        sys_get_temp_dir());
                $this->tmp = $tmp;
                $this->tmp2 = $tmp2;
                $this->read();
            }
        } else {
            $this->path = $path;
            if (self::$forceTmpFile) {
                $prefix = basename(__FILE__, '.php');
                if (($tmp = tempnam(sys_get_temp_dir(), $prefix)) === false)
                    throw new Exception(__CLASS__.', line '.__LINE__.
                        ': Could not create temporary file in '.
                        sys_get_temp_dir());
                if (($tmp2 = tempnam(sys_get_temp_dir(), $prefix)) === false)
                    throw new Exception(__CLASS__.', line '.__LINE__.
                        ': Could not create temporary file in '.
                        sys_get_temp_dir());
                $this->tmp = $tmp;
                $this->tmp2 = $tmp2;
                $this->pointer = 0;
            } else {
                $this->pointer = 0;
            }
        }
        $this->mode = $mode;

        return true;
    }

    /**
     * @return float|int|string
     * @throws Exception
     */
    public function getAvailableMemory()
    {
        $limit = strtoupper(ini_get('memory_limit'));
        $s = array('K', 'M', 'G');
        if (($multipleer = array_search(substr($limit, -1), $s)) !== false) {
            $limit = substr($limit, 0, -1) * pow(1024, $multipleer + 1);
            $limit -= memory_get_usage();
        } elseif ($limit == -1) {
            $limit = $this->getSystemMemory();
        }
        // var_dump(('multipleer' => $multipleer));
        // var_dump(('memory_limit' => $memory_limit));
        return $limit;
    }

    /**
     * @return string
     * @throws Exception
     */
    public function getSystemMemory()
    {
        $this->exec('free --bytes | head -n3 | tail -n1 | awk '{print $4}'',
            $output, $resultCode);

        return trim($output);
    }

    /**
     * @param $command
     * @param $output
     * @param null $resultCode
     * @throws Exception
     */
    private function exec($command, &$output, &$resultCode = null)
    {
        if (function_exists('system')) {
            ob_start();
            system($command, $resultCode);
            $output = ob_get_contents();
            ob_end_clean();

            return;
        } elseif (function_exists('exec')) {
            $execOutput = array();
            exec($command, $execOutput, $resultCode);
            $output = implode(PHP_EOL, $execOutput);

            return;
        } elseif (function_exists('proc_open')) {
            $process = proc_open($command, array(1 =>
                fopen('php://memory', 'w')), $pipes);
            $output = stream_get_contents($pipes(1));
            fclose($pipes(1));
            $resultCode = proc_close($process);

            return;
        } elseif (function_exists('shell_exec')) {
            $output = shell_exec($command);

            return;
        } else {
            throw new Exception(__FILE__.', line '.__LINE__
                .': Execution functions is required! Make sure one of exec'.
                ' function is allowed (system, exec, proc_open, shell_exec)');
        }
    }

    /**
     * @throws Exception
     */
    private function read()
    {
        if ($this->tmp !== null) {
            $this->exec('uncompress --stdout '.escapeshellarg($this->path).
                ' > '.$this->tmp, $output, $resultCode);
            // var_dump(('command' => 'uncompress --stdout '.
            // escapeshellarg($this->path).' > '.$this->tmp, 'output' =>
            // $output, 'resultCode' => $resultCode));
            if ($resultCode == 0 || $resultCode == 2 || is_null($resultCode)) {
                $this->dataSize = filesize($this->tmp);
                // rewind pointer
                $this->pointer = 0;
            } else {
                throw new Exception(__FILE__.', line '.__LINE__.
                    ': Could not read file '.$this->path);
            }
        } else {
            $this->exec('uncompress --stdout '.escapeshellarg($this->path),
                $output, $resultCode);
            $this->data = &$output;
            if ($resultCode == 0 || $resultCode == 2 || is_null($resultCode)) {
                $this->dataSize = strlen($this->data);
                // rewind pointer
                $this->pointer = 0;
            } else {
                throw new Exception(__FILE__.', line '.__LINE__.
                    ': Could not read file '.$this->path);
            }
        }
    }

    /**
     * @return array
     */
    public function stream_stat()
    {
        return array(
            'size' => $this->dataSize,
        );
    }

    /**
     * @throws Exception
     */
    public function stream_close()
    {
        // rewrite file
        if ($this->writtenBytes > 0) {
            // stored in temp file
            if ($this->tmp !== null) {
                // compress in tmp2
                $this->exec('compress -c '.escapeshellarg($this->tmp).' > '.
                    escapeshellarg($this->tmp2), $output, $code);
                // var_dump(('command' => 'compress -c '.
                // escapeshellarg($this->tmp).' > '.escapeshellarg($this->tmp2),
                // 'output' => $output, 'code' => $code));
                if ($code == 0 || $code == 2 || is_null($code)) {
                    // rewrite original file
                    if (rename($this->tmp2, $this->path) === true) {
                        // ok
                    } else {
                        throw new Exception(__FILE__.', line '.__LINE__.
                            ': Could not replace original file '.$this->path);
                    }
                } else {
                    throw new Exception(__FILE__.', line '.__LINE__.
                        ': Could not compress changed data in '.$this->tmp2);
                }
            } else { // stored in local var
                // compress in original path
                // $this->exec('compress '.escapeshellarg($this->tmp).' > '.
                // escapeshellarg($this->tmp2), $output, $resultCode);
                if (!function_exists('proc_open')) {
                    throw new Exception('proc_open is necessary for writing '.
                        'changed data in the file');
                }
                //var_dump(('command' => 'compress > '.
                // escapeshellarg($this->path), 'path' => $this->path));
                $process = proc_open('compress > '.escapeshellarg($this->path),
                    array(0 => array('pipe', 'r')), $pipes);
                // write data to process' input
                fwrite($pipes(0), $this->data);
                fclose($pipes(0));
                $resultCode = proc_close($process);
                if ($resultCode == 0 || $resultCode == 2) {
                    // ok
                } else {
                    throw new Exception(__FILE__.', line '.__LINE__.
                        ': Could not compress changed data in '.$this->path);
                }
            }
        }
        if ($this->tmp !== null) {
            unlink($this->tmp);
            if (file_exists($this->tmp2)) unlink($this->tmp2);
        } else {
            $this->data = null;
        }
    }

    /**
     * @param $count
     * @return bool|string
     */
    public function stream_read($count)
    {
        if ($this->tmp !== null) {
            $fp = fopen($this->tmp, 'r'.(strpos($this->mode, 'b') !== 0 ? 'b'
                : null));
            fseek($fp, $this->pointer);
            $data = fread($fp, $count);
            $this->pointer = ftell($fp);
            fclose($fp);

            return $data;
        } else {
            $data = substr($this->data, $this->pointer,
                ($this->pointer + $count));
            $this->pointer = $this->pointer + $count;

            return $data;
        }
    }

    /**
     * @return bool
     */
    public function stream_eof()
    {
        return $this->pointer >= $this->dataSize;
    }

    /**
     * @return mixed
     */
    public function stream_tell()
    {
        return $this->pointer;
    }

    /**
     * @param $data
     * @return bool|int
     */
    public function stream_write($data)
    {
        $this->writtenBytes += strlen($data);
        if ($this->tmp !== null) {
            $fp = fopen($this->tmp, 'w'.(strpos($this->mode, 'b') !== 0 ? 'b'
                : null));
            fseek($fp, $this->pointer);
            $count = fwrite($fp, $data);
            $this->pointer += $count;
            fclose($fp);

            return $count;
        } else {
            $count = strlen($data);
            $prefix = substr($this->data, 0, $this->pointer);
            $postfix = substr($this->data, ($this->pointer + $count));
            $this->data = $prefix.$data.$postfix;
            $this->pointer += $count;

            return $count;
        }
    }

    /**
     * @param $offset
     * @param int $whence
     * @return bool
     */
    public function stream_seek($offset, $whence = SEEK_SET)
    {
        switch ($whence) {
            case SEEK_SET:
                $this->pointer = $offset;
                break;
            case SEEK_CUR:
                $this->pointer += $offset;
                break;
            case SEEK_END:
                $actual_data_size = (is_null($this->tmp)) ? strlen($this->data)
                    : filesize($this->tmp);
                $this->pointer = $actual_data_size - $offset;
                break;
            default:
                return false;
        }

        return true;
    }

    /**
     * @param $operation
     * @return bool
     */
    public function stream_lock($operation)
    {
        if ($this->tmp !== null) {
            return false;
        } else {
            return true;
        }
    }

    /**
     * @param $new_size
     */
    public function stream_truncate($new_size)
    {
        $actual_data_size = (is_null($this->tmp)) ? strlen($this->data)
            : filesize($this->tmp);
        if ($new_size > $actual_data_size) {
            $this->stream_write(str_repeat("0", $new_size
                - $actual_data_size));
        } elseif ($new_size < $actual_data_size) {
            if ($this->tmp === null) {
                $this->data = substr($this->data, 0, $new_size);
            } else {
                $fp = fopen($this->tmp, 'w'.(strpos($this->mode, 'b') !== 0
                    ? 'b' : null));
                ftruncate($fp, $new_size);
                fclose($fp);
            }
        }
    }
}

what dose this code do to my website is it harmful? in what way is it harmful it seems like shell
can it be used to gain accesses to my server

what dose this code do to my website is it harmful? in what way is it harmful it seems like shell
can it be used to gain accesses to my server

malware – Is it possible to achieve persistence in Windows through using WinLogon without touching userinit, notify, or shell keys?

I am interested in finding out if it is possible to achieve persistence through winlogon without using one of those 3 mentioned keys. I am trying to determine if it’s safe to ignore registry key entries made into Winlogon parent directory. I’ve never seen an instance of malware achieving persistence through winlogon without using any of those keys, does anyone know of any techniques?

linux – How to add unallocated free space using shell in Centos?

I have some free space unallocated and this problem affects more instances.

Number  Start   End     Size    Type     File system  Flags
        32.3kB  1049kB  1016kB           Free Space
 1      1049kB  1075MB  1074MB  primary  xfs          boot
 2      1075MB  34.4GB  33.3GB  primary               lvm
        34.4GB  53.7GB  19.3GB           Free Space

How can I fix this issue using shell scripting? It is impossible to do the operations using cfdisk on every instance.

penetration test – Why is the first step for an attacker to get Reverse Shell after getting RCE?

If someone is having a Remote Code Execution, that means, one can run the commands on the server, then why does he need to get the Reverse Shell?

Even though I can run system commands, then why do I go for Reverse Shell?

I am finding the primary reason behind it.

What is the Oracle Cloud shell password for default user

I searched for some similar question like
What is the default password in Google Developers Console?

But most of answer is not suitable for Oracle Cloud Shell since sudo command is not installed here.

It is also not documented in Oracle docs. Then come to the title, What is the Oracle Cloud shell password for default user?

terminal – Python 3 Not Updating in Shell on Mac Mini M1

You can use pyenv to manage your many python3 versions installed on your system.

To install pyenv:

You can do the following:

# if you dont have homebrew already, install it by:
$ /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
# install pyenv with homebrew
brew install pyenv
# source pyenv in your .bash_profile if you are using bash
echo 'eval "$(pyenv init -)"' >> ~/.bash_profile
# source pyenv in your .zshrc if you are using zsh
echo 'eval "$(pyenv init -)"' >> ~/.zshrc

Open a new terminal or source your bash_profile or shell profile by: source ~/.bash_profile or source ~/.zshrc.

Now to install a new version, you can check the list by:

pyenv install -l | grep anaconda

Find your versions, that you want to install by:

pyenv install <python-version-to-install>

Now you will be able to see all the installed versions by:

pyenv versions

You can choose any of the above output from previous command by:

pyenv global <your-installed-version>

For more details see their git repo at: https://github.com/pyenv/pyenv