DEV Community: shiahalan

TaskTimer

shiahalan — Wed, 04 Mar 2026 23:52:07 +0000

Overview

I’m currently building TaskTimer, a lightweight and minimal task timer web app (with a mobile version coming soon) designed to help users track daily tasks alongside dedicated focus timers.

The concept is intentionally simple:

Add a task
Set a duration
Start

You can check out the early version here: https://tasktimerapp.com

Why I'm Building It

I wanted something minimal.

Most productivity apps feel bloated, overly complex, or distracting. That's why I decided to build a simple task timer.

Disclaimer

⚠️ This app is currently under active development.
Features, design, and functionality are still evolving.

MacroPilot: Piloting Tasks with Automated Macros

shiahalan — Sat, 15 Jun 2024 06:37:03 +0000

MacroPilot: Piloting Tasks with Automated Macros

Description

MacroPilot is an open-source software solution designed to streamline task management and enhance productivity through automated macros. With MacroPilot, users can automate repetitive tasks, freeing up valuable time.

Source Forge Downloads:

Features:

Auto Clicker:
- Customize Click Speed: Adjust the speed of clicks to match your requirements by adjusting the interval between clicks.
- Infinite Loop or Set Number of Clicks: Choose between clicking indefinitely (until stopped) or specifying a precise number of clicks to execute.
- Left and Right Clicks: Perform both left or right clicks.
- Single or Double Clicks: Execute single clicks or double clicks.
- Customizable Hotkey: Customize a hotkey to trigger the auto-clicking function (default F9).

Planned Features:

Auto Keyboard Clicker:
- Automate keyboard inputs with precision and reliability, further streamlining your workflow and reducing manual intervention.
Input Recorder:
- Record mouse and keyboard inputs effortlessly, with intervals between inputs intelligently saved for accurate playback.
- Capture complex sequences of actions with ease, empowering users to automate intricate tasks effortlessly.
Custom Keybind Macro:
- Create custom keybind macros to execute a series of actions with a single keystroke, optimizing efficiency and productivity.
- Tailor macros to your unique workflow requirements, unlocking a new level of automation and convenience.

User Instruction Manual:

Disclaimer:

By using "MacroPilot," you acknowledge and agree that the software is provided for legitimate and ethical purposes only. While MacroPilot aims to simplify task management and improve productivity, it is essential to use it responsibly and in accordance with applicable laws and regulations. The creator of MacroPilot shall not be held liable for any misuse of the software, including but not limited to using automated macros for cheating, unethical behavior, or any other unlawful activities. Users are solely responsible for ensuring that their use of MacroPilot complies with all relevant laws and ethical standards.

Security Note:

The creator of MacroPilot is not responsible for any unauthorized access or misuse of the software resulting from hacking or security breaches. While efforts are made to maintain the security and integrity of MacroPilot, users should take appropriate precautions to protect their data and systems from potential vulnerabilities. Use of MacroPilot is at the user's own risk, and users are encouraged to implement additional security measures as needed to safeguard their information and privacy.

Redeemer | HackTheBox Write-up

shiahalan — Wed, 24 Jan 2024 13:18:08 +0000

Introduction

This is a basic box that mainly has us interact with a Redis database. We use basic enumeration tools such as nmap to find the only open port hosting the Redis service. We then use redis-cli to connect to the database and find a key containing the contents of the flag.

Enumeration

After starting up the machine, the first thing we do is ping the target to make sure it's alive:

Since we are getting a response, the target can be confirmed as active.

Next, we are going to do an nmap scan (Network Mapper) to see what services are running on what ports on the target machine. I'm going to also use the -sV flag to see what versions the services are running on, as well as to get host OS information:

This didn't yield us any results. This time we're going to scan all ports using the -p- flag, while also speeding up the process with -T5...

After the scan was complete, it yielded no results. I then issued another ping command to the target to ensure it was still alive, however, it was not.

After resetting the machine, I tried out the original nmap scan again with the -p- flag:

P.S.
Sometimes this machine can be extremely buggy or slow. So if nmap scans are not yielding anything even when scanning over all ports with multiple techniques, then the machine probably needs maintenance. You can instead just scan for the needed port using the flag -p for port 6379.

Redis

Redis is an in-memory databases that utilizes RAM space to increase speed. They are faster than traditional databases since they have fewer restrictions imposed on them.

We can use the redis-cli command to interact with the Redis database being hosted on the target machine. To specify a target machine, we need to use the -h flag.

If the command redis-cli is not already installed on your computer, you can use the command sudo apt install redis-tools if you are on a Linux machine.

To list information about the Redis database, we can issue the info command:

... SNIPPED ...

We can see on the first few lines of the output that the version is currently 5.0.7. At the very end of the output (not shown in screenshot) we can see that there are 4 keys.

To obtain all the keys in the Redis database, we can use the command keys *:

To get the contents of the key, we simply need to use the command get with the name of the key:

The flag for this box has been captured!

Various Questions:

Which TCP port is open on the machine?
6379

Which service is running on the port that is open on the machine?
redis

What type of database is Redis? Choose from the following options: (i) In-memory Database, (ii) Traditional Database
In-memory Database

Which command-line utility is used to interact with the Redis server? Enter the program name you would enter into the terminal without any arguments.
redis-cli

Which flag is used with the Redis command-line utility to specify the hostname?
-h

Once connected to a Redis server, which command is used to obtain the information and statistics about the Redis server?
info

What is the version of the Redis server being used on the target machine?
5.0.7

Which command is used to select the desired database in Redis?
select

How many keys are present inside the database with index 0?
4

Which command is used to obtain all the keys in a database?
keys *

Submit root flag
Try it yourself :)

Dancing | HackTheBox Write-up

shiahalan — Fri, 12 Jan 2024 12:18:20 +0000

Introduction

This box is a basic introduction to SMBs (Server Message Block). In order to obtain the flag, we simply need to find an available share that we can connect to without a password. From there, we can download the file containing the flag. We use a few basic commands such as: nmap, ping, smbclient, ls, cat, cd, and get.

Enumeration

To start off, we are going to ping (ICMP Echo request) the target to check whether it is alive or not:

Since we are getting a response back, the target is indeed alive.

Next, we are going to enumerate the ports on the target machine to see what services are available. We can achieve this using nmap (network mapper). I will also be using the -sV flag to check the services' respective version information:

We can see that on port 445 there is a service named microsoft-ds. Upon a quick Google search, we can see that this is an SMB (Server Message Block).

SMB (Server Message Block)

We can attempt to access this smb server using the smbclient command. Before we try and establish a connection to a share on the smb server, we are going to list what available shares exist. We can accomplish this by using the smbclient command with the -L flag to list available shares:

We can see four listed shares. We can try to access a share using the smbclient command with format: smbclient //targetIP/sharename.

Upon trying to access each share, we see that the only share accessible without entering a password is the WorkShares share:

Using the ls command, we can list directories and files while connected to the smb:

Upon changing directories using cd, we can spot the flag.txt* file located in the directory named James.P.

In order to download the file to our computer, we can use the get command:

After downloading the file successfully to our computer, we can simply cat the file to see the contents of flag.txt!

We have captured the flag!

Various Questions:

What does the 3-letter acronym SMB stand for?
Server Message Block

What port does SMB use to operate at?
445

What is the service name for port 445 that came up in our Nmap scan?
microsoft-ds

What is the 'flag' or 'switch' that we can use with the smbclient utility to 'list' the available shares on Dancing?
-L

How many shares are there on Dancing?
4

What is the name of the share we are able to access in the end with a blank password?
WorkShares

What is the command we can use within the SMB shell to download the files we find?
get

Submit root flag
Try it yourself :)

Photon Lockdown | HackTheBox Write-up

shiahalan — Thu, 11 Jan 2024 13:05:10 +0000

Introduction

This challenge is fairly simple. What we mainly needed to do was figure out the filetype of the rootfs file using the file command. After that, we just needed to do some basic research on how to extract the data from a SquashFS file (unsquashfs). Using grep on the entire extracted filesystem, we were able to locate the file that the flag was in.

First Impressions

After downloading the challenge file and unzipping the contents, we see three files listed as so: fwu_ver, hw_ver, and rootfs.

Upon a little research, we can see that the file named rootfs is an abbreviation for root file system.

Using ls paired with the -l flag, we can see more information about the three files. What I'm mainly interested in is the size of each file:

We can see that the the file rootfs is by far the biggest, and this is probably due to the fact that it is a root file system.

We are first going to inspect the rootfs file. Since there are no visible extensions for the file, we are going to use the file command to gain more information about the type of file it is, as well as some basic information regarding the file's contents.

From this, we can see that it is a Squashfs filesystem that has been compressed.

SquashFS

After some basic research, it was found that SquashFS is a compressed read-only file system.

In order to restore the filesystem to a more readable format, we need to extract the filesystem from rootfs.

After some more research, it was found that we can do this using the unsquashfs command. For this to work however, we need to run the command as a super user. This can be accomplished with the sudo command plus the command we wish to execute.

After we successfully run the command, we are given a new directory called squashfs-root containing the extracted filesystem from rootfs.

After changing directories to the extracted filesystem using cd...

GREP

I figured to find the flag, I would just use the grep command to find the regular expression HTB, since that is what HackTheBox flags start with. By pairing the grep command with -l (list files that contain a match) and -r (recursive mode to traverse directories), I searched the entire filesystem for an expression that contained HTB, which would be the starting characters for the challenge's flag.

This yielded three files with a match: bin/ip, bin/tc, and etc/config_default.xml. Using cat on the first two yielded nothing but machine code that is unreadable. The third one (etc/config_default.xml), however, was in plaintext.

I then decided to use grep again for HTB by piping the output of cat on the config_default.xml.

This yielded the flag we were looking for, as well as valuable login information.

Fawn | HackTheBox Write-up

shiahalan — Thu, 11 Jan 2024 12:26:06 +0000

Introduction

This box has us delve into basic nmap enumeration and ftp connection. We first need to enumerate over the target computer to check for available ports. Upon noticing that there is a service running on port 21 (ftp), we then just need to access the file being shared on the FTP using an anonymous account to capture the flag (flag.txt). This box uses basic commands such as: ping, nmap, ftp, cat, and more...

Enumeration

To start off, we should ping the target computer in order to check whether it is alive or not and responsive. We can do so using the ping command (ICMP echo test):

As we can see, since we are getting a response back from the target, it is indeed alive.

Next, we will enumerate the target for any open/closed ports using an nmap (network mapper) scan on the target. We are going to use the basic flag -sV in order to check for versions of services on the target, as well as host information.

From the nmap scan we can see that port 21 is open, with service ftp (file transfer protocol). It is running version vsftpd 3.0.3.

We can also see host information. For example, the host is running on the OS (operating system) Unix.

FTP (File Transfer Protocol)

In order to use the FTP being hosted on the target computer, we simply need to use the ftp command to connect to the service. We can do so in the following format: ftp username@targetIP. To login to an account on ftp without a password, you can use the username anonymous. The following command would then look like ftp anonymous@targetIP.

Doing this with our target IP will yield:

P.S. when you are prompted for a password, to use no password just press enter again for the password prompt...

Using the ls command while in the ftp, we can list the available files.

We see one of the files listed available is flag.txt!

In order to download that file, we use the get command plus the file name (get example.txt).

As you can see, we have downloaded the flag.txt file which contains our flag.

In order to view it, simply use the exit command to exit ftp, and then use the cat command plus the filename in order to read the contents of the file.

The flag has been successfully captured!

Various Questions

What does the 3-letter acronym FTP stand for?
File Transfer Protocol

Which port does the FTP service listen on usually?
21

What acronym is used for the secure version of FTP?
SFTP

What is the command we can use to send an ICMP echo request to test our connection to the target?
ping

From your scans, what version is FTP running on the target?
vsftpd 3.0.3

From your scans, what OS type is running on the target?
Unix

What is the command we need to run in order to display the 'ftp' client help menu?
ftp -h

What is username that is used over FTP when you want to log in without having an account?
anonymous

What is the response code we get for the FTP message 'Login successful'?
230

There are a couple of commands we can use to list the files and directories available on the FTP server. One is dir. What is the other that is a common way to list files on a Linux system.
ls

What is the command used to download the file we found on the FTP server?
get

Submit root flag
Try it yourself :)

Meow | HackTheBox Write-up

shiahalan — Sat, 06 Jan 2024 13:43:25 +0000

Introduction

This box introduces us to many basic concepts and tools used in ethical hacking. We explore using commands such as: ping, nmap, telnet, and more. For this box, to capture the flag we need to ultimately login to the telnet service running on the box in order to read the file containing the flag (flag.txt).

Enumeration

To start off, we ping (also known as an ICMP (internet control message protocol) echo test) the target box (computer) in order to make sure it is actually alive:

Since we are receiving back packets from the target computer, we can confirm it is up and running.

Next, we are going to run an nmap (network map) to enumerate for running services and their respective ports on the target machine:

We can see that port 23 is open, running the service telnet. Telnet is an old text-based protocol that allows for remote computer access.

Telnet

Using the telnet command, we can try to login to the target machine:

We are met with a login screen.

After trying various login usernames, we were granted access without a password using login name root.

Using the command ls (list) we can view what contents are in the current directory.

We see the flag.txt file, which is what we are looking for to complete the box. Using the cat (concatenate) command we can view the contents of the file.

As we can see, we have captured the flag for this box.

Various Questions:

What does the acronym VM stand for?
Virtual Machine

What tool do we use to interact with the operating system in order to issue commands via the command line, such as the one to start our VPN connection? It's also known as a console or shell.
terminal

What service do we use to form our VPN connection into HTB labs?
openvpn

What tool do we use to test our connection to the target with an ICMP echo request?
ping

What is the name of the most common tool for finding open ports on a target?
nmap

What service do we identify on port 23/tcp during our scans?
telnet

What username is able to log into the target over telnet with a blank password?
root

Submit root flag
Try it yourself :)

Project Six (Python): Basic Calculator

shiahalan — Fri, 19 Aug 2022 07:56:00 +0000

Why?

Hello, this is my fifth posted project. This project was created with the intention of exposing myself to Python, Stack Overflow, GitHub BASH, and Tkinter.

How

This project uses Python's built in module Tkinter to create an interactable GUI.

Conclusion

I hope you enjoy this part of my learning journey.
GitHub

Advice?

Advice is greatly appreciated (post in comment section).

Project Five (Python): Conway's Game of Life

shiahalan — Thu, 18 Aug 2022 10:56:00 +0000

Why?

Hello, this is my fifth posted project. This project was created with the intention of exposing myself to Python, Stack Overflow, GitHub BASH, and Pygame.

How

This project uses Pygame to create an interactable GUI. The cells in the Game of Life follow a specific ruleset that determines whether they spawn, die, or continue living.

Conclusion

I hope you enjoy this part of my learning journey.
GitHub

Background on Conway's Game of Life

Conway's Game of Life is a cellular automaton originally created by John Conway in 1970. The game is a zero-player game where cells interact with each other by abiding to four rules. Thus, the outcome of the game is predetermined by the initial configuration of what cells are alive and dead.

Rules of the game:

Any live cell with fewer than two live neighbours dies, as if by underpopulation.
Any live cell with two or three live neighbours lives on to the next generation.
Any live cell with more than three live neighbours dies, as if by overpopulation.
Any dead cell with exactly three live neighbours becomes a live cell, as if by reproduction.

Advice?

Advice is greatly appreciated (post in comment section).

Project Four (Python): Restaurant Recommender

shiahalan — Sun, 12 Jun 2022 22:14:00 +0000

Why?

Hello, this is my fourth posted project. This project was created with the intention of exposing myself to Python, Stack Overflow, GitHub BASH, and the quicksort algorithm.

How

This project uses a dataset provided by Codecademy, the quicksort algorithm, and various while loops to gather user input.

Conclusion

I hope you enjoy this part of my learning journey.
GitHub

Advice?

Advice is greatly appreciated (post in comment section).

Project One (C++): Tic Tac Toe

shiahalan — Mon, 16 May 2022 04:06:49 +0000

Why?

Hello, this is my first posted C++ project. This project was created with the intention of exposing myself to C++, stack overflow, GitHub workflow, and developer tools.

How

The project uses beginner coding concepts in order to create a simple tic-tac-toe game in a terminal. It uses the iostream standard library. The board is represented by an array of size nine.

GitHub

Conclusion

I hope you enjoy this part of my C++ journey!

Advice?

Advice is greatly appreciated (post in comment section).

Project Three (Python): Sudoku Solver

shiahalan — Sat, 07 May 2022 06:09:58 +0000

Why?

Hello, this is my third posted project. This project was created with the intention of exposing myself to Python, Stack Overflow, GitHub BASH, and the backtracking algorithm.

How

This project uses a 2D list for the representation of the board. The solver works by implementing the backtracking algorithm. Utilizing recursion backtracking, the algorithm can use brute-force to solve the board.

Conclusion

I hope you enjoy this part of my learning journey.
GitHub

Advice?

Advice is greatly appreciated (post in comment section).