DEV Community: Yulin

Netlify proxy ending stream unexpectedly: CORS Introduction

Yulin — Wed, 09 Jul 2025 18:25:48 +0000

Let's get into the problem

Using Netlify as a hosting service where it proxy requests coming from web client to backend server, while the backend server was still streaming data the stream was dropped unexpectedly. The streaming failure was intermittent and a red herring to the actual problem, and disguised itself in different forms on different browsers:

On Firefox, logs a stream deserialization error error decoding response body
On Chrome, stream ended before completing

There is a clue in Netlify documentation:

Proxy rewrite requests will time out after 26 seconds. If you are proxying to a longer-running process, we recommend making an asynchronous request rather than waiting for a response.

Netlify rewrites are used to map a URL in the visitor's address bar to a different resource on the server, without changing the displayed URL. This is useful for single-page applications (SPAs), proxying requests to other services, or transitioning legacy content while keeping the original URL visible.

Within a Netlify toml file in your UI project, you can put in a redirect directive to reroute the calls to API endpoints, so that no extra CORS headers need to be added on server side. However, this was causing more headaches than it solves, stream was dropped after 10-20 seconds intermittently. To regain the some control back to allow the streamed data to come through, we actually cannot reply on Netlify proxy and will need to write CORS headers in the server responses.

Note that there is another layer of complication on top of Netlify proxy timeout, Chrome and Firefox will log errors ERR_INCOMPLETE_CHUNKED_ENCODING and NS_ERROR_NET_PARTIAL_TRANSFER if no data has been sent for over 60 seconds, so be wary of multiple big requests coming into the server at the same time.

What is CORS?

To understand what is CORS, perhaps the first question we should be asking is what came before CORS? The was the same-origin policy, the primary mechanism for restricting web page access to resources from different origins. This policy was designed to enhance security by preventing malicious websites from accessing sensitive data on other domains. It meant that a webpage loaded from http://example.com could only access resources on http://example.com and not, for example, http://anothersite.com.

CORS (Cross-Origin Resource Sharing) was introduced as a mechanism to relax the same-origin policy in a controlled way, allowing web applications to access resources from different origins under specific conditions. Therefore if your service is not accessed from the same domain as the browser page, without a proxy, in order to make requests directly to the API backend you will need to specify in the server:

allowed methods Access-Control-Request-Method: GET, POST, PUT DELETE, OPTIONS (the intended method of the request)
allow headers Access-Control-Request-Headers, if you are using custom headers
allowed origin Access-Control-Allow-Origin, set as environment variable for example with the base URL of expected client. You may want to allow any origin for development.

Only the allowed origin is compulsory for Simple requests (GET, POST, and HEAD), otherwise browser makes an automatic pre-flight request using the OPTIONS method to determine the full CORS capabilities of the server before the actual request is executed.

CORS is flawed..

CORS (Cross-Origin Resource Sharing) is a security feature implemented by browsers to prevent malicious websites from making unauthorized requests to your backend services (like APIs) on behalf of a logged-in user. It’s a necessary part of web security, but it has some issues. CORS is a helpful layer, but it’s not a complete security solution. Think of it as a gatekeeper for browsers — useful, but easily bypassed if your server isn’t properly secured.

Only enforced by browsers

CORS is a client-side mechanism — it protects users in a browser. If someone uses tools like curl, Postman, or scripts outside a browser, they can bypass CORS completely.

Easy to misconfigure

Many developers unintentionally open up their APIs by setting Access-Control-Allow-Origin: * or enabling too many headers/methods, which can expose sensitive data.

Annoying complexity

CORS introduces preflight OPTIONS requests, credential flags, and other configurations that often confuse developers. It’s easy to break things or introduce bugs if you're not careful.

Not real protection for your backend

Since it only works in browsers, CORS doesn’t protect your server by itself. You still need authentication, authorization, rate limiting, etc., on the backend to stay secure.

How to Test and Reduce Duplications in GitHub Actions Workflows

Yulin — Fri, 30 May 2025 17:51:26 +0000

If you are seeing duplications in your pipeline and are looking for a way of reusing either part or whole of that workflow, wondering how you would variablise your current workflow, you are at the right place! I've encountered similar issues before and going to walk you through the steps so you can manage your pipelines to reduce the likelihood of human error. GitHub has the steps well documented, this article is both for my own benefit to highlight the trial and error I've been through.

There are in general three ways of refactoring your GitHub actions

Composite actions
Reusable workflows
Matrix strategy

As an overview, in terms of size of repeated action YAML chunks reused from workflows, from smallest to largest: composite actions (variates action steps), matrix strategy (variates action jobs), reusable workflows (variates workflows).

Composite actions

In my own use case, I wanted to run the same test commands for all my modules, this means that I have to repeat the same set of steps under the run test job. I could use a matrix test setup but that would duplicate the compilations because the matrix runs at per job level, it would repetitively run the installations for each test. I want to have variations for the set of job steps, such that I can pass an input which will be the name of the module to execute the steps on. Here's a snippet you can copy as a template, referenced from Github documentation, it takes an input and output (both are optional):

The composite action:

name: 'Hello World'
description: 'Greet someone'
inputs:
  who-to-greet:  # id of input
    description: 'Who to greet'
    required: true
    default: 'World'
outputs:
  random-number:
    description: "Random number"
    value: ${{ steps.random-number-generator.outputs.random-number }}
runs:
  using: "composite"
  steps:
    - name: Set Greeting
      run: echo "Hello $INPUT_WHO_TO_GREET."
      shell: bash
      env:
        INPUT_WHO_TO_GREET: ${{ inputs.who-to-greet }}

    - name: Random Number Generator
      id: random-number-generator
      run: echo "random-number=$(echo $RANDOM)" >> $GITHUB_OUTPUT
      shell: bash

The caller of the composition action:

on: [push]

jobs:
  hello_world_job:
    runs-on: ubuntu-latest
    name: A job to say hello
    steps:
      - uses: actions/checkout@v4
      - id: foo
        uses: OWNER/hello-world-composite-action@SHA
        with:
          who-to-greet: 'Mona the Octocat'
      - run: echo random-number "$RANDOM_NUMBER"
        shell: bash
        env:
          RANDOM_NUMBER: ${{ steps.foo.outputs.random-number }}

Hints

File structure

You must have an action.yaml, action.yml or Dockerfile file nested under your specified action name, other you will hit error

Error: Can't find 'action.yml', 'action.yaml' or 'Dockerfile' under '/.github/actions/test-composite-action'. Did you forget to run actions/checkout before running your local action?

The folder structure for your workflows should look something like this

my-app/
├─ .github/
│  ├─ workflows/
│  │  ├─ my-composite-action/
│  │  │  ├─ action.yaml
│  │  ├─ my-workflow

Specify shell

If you have run within your step, it is compulsory to add a shell property within a composite action shell: bash, otherwise you will hit the error:

Required property is missing: shell

Matrix Strategy

This is useful if you want to run variations of a job within a workflow, all unique combinations of the variables will be executed for the job, as an example the following creates 6 jobs, taken from Github documentation:

  example_matrix:
    strategy:
      matrix:
        version: [10, 12, 14]
        os: [ubuntu-latest, windows-latest]

One big pro of the matrix strategy approach is that each combination is run in parallel, whereas composite actions are run sequentially. However matrix strategy has less reusability compared to composite actions, because it is tied to the specific workflow job.

Reusable workflows

This is generally desirable if the same workflow has to be triggered for multiple repositories, in which case you don't want to copy and paste the same workflows for each repositories, this will introduce extra maintenance overheads. Instead you should consider having a central repository to store the reusable workflows. Examples of good candidates for reusable workflows are testing and formatting. Here's a snippet of a reusable workflow which takes an input and a secret, both optional (taken from Github Documentation):

# workflow-B.yml
name: Reusable workflow example

on:
  workflow_call:
    inputs:
      config-path:
        required: true
        type: string
    secrets:
      token:
        required: true

jobs:
  triage:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/labeler@v4
      with:
        repo-token: ${{ secrets.token }}
        configuration-path: ${{ inputs.config-path }}

Caller of the reusable workflow:

name: Call a reusable workflow

on:
  pull_request:
    branches:
      - main

jobs:
  call-workflow-passing-data:
    permissions:
      contents: read
      pull-requests: write
    uses: octo-org/example-repo/.github/workflows/workflow-B.yml@main
    with:
      config-path: .github/labeler.yml
    secrets:
      token: ${{ secrets.GITHUB_TOKEN }}

How to test workflows

The most obvious way to test the workflows is to create a dummy change that will trigger the workflow, however this does not work if your workflow only runs on push to main. Even if you added a trigger temporarily for pull requests, this still doesn't fully replicate the environment e.g. commits on PR are squashed into one by the checkout action. It also pollutes the commit history on pull requests with dummy test commits. An easier way is to add

on:
  workflow_dispatch:

to your workflow. This then allows you to trigger the workflow manually. Navigate to the Actions tab, find your workflow, once you click on it you will see a Run workflow button with an option of the branch you want to run it on.

Resolving dpkg Lock Contention in Ubuntu Deployments

Yulin — Tue, 11 Mar 2025 20:38:04 +0000

Are you seeing the following error causing a failure in your deployment process?

module.nginx.digitalocean_droplet.nginx (remote-exec): E: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7264 (apt-get)
module.nginx.digitalocean_droplet.nginx (remote-exec): N: Be aware that removing the lock file is not a solution and may break your system.
module.nginx.digitalocean_droplet.nginx (remote-exec): E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), is another process using it?
╷
│ Error: remote-exec provisioner error
│ 
│   with module.nginx.digitalocean_droplet.nginx,
│   on nginx/main.tf line 55, in resource "digitalocean_droplet" "nginx":
│   55:   provisioner "remote-exec" {
│ 
│ error executing "/tmp/terraform_1926178835.sh": Process exited with status
│ 100
╵

and different variations of it occasionally popping up

E: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 7264 (apt-get)

E: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 9983 (unattended-upgr)

This is a race condition, the issue occurred because two system processes were running simultaneously: an automated package update service (unattended-upgrades) and an initialization process for cloud-based environments (cloud-init script) which includes a apt-get command. unattended-upgrades runs as soon as the container starts up and it is responsible for automatically updating software packages within aptitude, the underlying package management system. When unattended-upgrades runs, it acquires a lock on the dpkg frontend to ensure that no other processes modify packages until all updates are complete. This lock prevented other processes from installing or removing software until the update process was complete.

Investigation

Check /var/log/unattended-upgrades for the frequency of unattended-upgrades, it should be running periodically once enabled but have seen it ran at irregular frequencies unsure why. It is also a good idea to check syslogs, dpkg logs and check the individual config for apt-daily timers, and cron config. You can run the following to see the scheduled upcoming timers and last ran, look for apt-daily-upgrade.timer and apt-daily.timer Unit in the output table:

systemctl list-timers

Resolving dpkg Lock Contention in Ubuntu Deployments

We should look to disable unattended-upgrades during the cloud-init process and re-enabling it afterwards.

Increase DPKG lock timeout in script
```
sudo apt-get -o DPkg::lock::Timeout=600 [insert-your-command]
```
unattended-upgrades can take up to 10 minutes (or more) to complete,
ensure you set an appropriate timeout to allow sufficient time for the
upgrades. See Waiting for apt locks without the hacky bash scripts for more.
Disable unattended-upgrades during the initialisation process and re-enabling it afterwards.

sudo systemctl stop unattended-upgrades
# execute your custom script with apt-get commands
sudo systemctl start unattended-upgrades
sudo unattended-upgrade

Consider adding the following line to the start of your script to fail immediately once it hits an error for early error detection:

set -euo pipefail

Glossary

What is dpkg?

dpkg (Debian Package Manager) is the low-level package management tool used in Debian-based Linux distributions (like Ubuntu). It handles the installation, removal, and management of .deb packages. However, dpkg does not handle dependencies automatically—if a package requires other software to function, dpkg won’t fetch them automatically.

What is aptitude?

aptitude is a higher-level package manager that works as a user-friendly interface for dpkg. It provides advanced dependency resolution and additional features. aptitude is similar to apt (apt-get), but it offers a more interactive interface, allowing users to browse and manage packages easily.

Key features of aptitude:

Handles dependencies automatically (unlike dpkg)
Provides a text-based interactive UI
Can be used as a command-line tool like apt-get

WSL Error: no space left on device

Yulin — Sun, 14 Apr 2024 22:20:40 +0000

Are you running Ubuntu or some kind of Linux distribution inside of Windows Operating System, and all of a sudden you're getting the error while you are on your code editor



nospc ENOSPC: no space left on device

Your code editor, let's say VS Code server, won't connect to WSL anymore and you're stuck with local changes you haven't yet commit to Github.

Run wsl df -h / in your Powershell and you shall see that the assigned virtual hard disk for your Linux distribution has reached 100% - it is time to expand the allowed space for file storage within the Linux environment. Learn to manage WSL disk space and resize virtual hard disk here.

After you have expanded the virtual disk for the Linux distribution following the link above, when you are attempting to spawn VS Code from WSL using code ., you could encounter a module not found error if your VS Code closed unexpectedly as a downstream consequence of the no space left inside your WSL instance, an example of such error is



Loading "minimist" failed
Error: Cannot find module 'minimist'

The reason for this error could be that the remote WSL connection was closed off and killed the VS Code server on WSL, and then the module is removed/corrupted on the remote host.

You should first try to reboot and shutdown all wsl instances using wsl --shutdown. If none of that worked, you can delete the .vscode-server folder entirely in your WSL home directory, and then spawn VS Code from a WSL prompt as usual using code . to initiate a reinstallation of the VS Code remote.

Be aware that the deletion of .vscode-server folder will remove all your extensions as well, so it's better to keep a backup of the extensions before you remove the .vscode-server folder



mv ~/.vscode-server/extensions ~/.vscode-server-backup/extensions



rm -rf ~/.vscode-server

VS Code should now open up successfully from WSL, close it off so we can recover the extensions with the following commands.

Remove the new automatically created extensions folder:



rm -rf ~/.vscode-server/extensions

and copy over the backed up extensions:



mv ~/.vscode-server-backup/extensions ~/.vscode-server/extensions

Now if you start up VS Code again, it should connect and work as well as before.

Efficiency of Programs: What is the Big O Notation?

Yulin — Wed, 08 Feb 2023 17:19:30 +0000

When we talk about efficiency of a program, the first thing jumps to mind is the running time. The actual running time of your program depends on

what machine it is running on
what other tasks the machine is doing asynchronously

As memory requirement of your program increases, the program slows down, not because the machine is running out of memory but the program is competing with other programs running on computers. The OS is putting things in and out of memory, the higher the memory load the more time you lose for the program to not be in memory.

Therefore to measure the efficiency of your algorithm, time is not the best metric, instead count the number of primitive constant time operations.

Orders of Growth: The Big O notation

In mathematical terms, we say running time t as a function of input size n t(n), is a member of, say quadratic time O(n |-> n^2), but doesn't equate to it. The constant factors have been omitted because we're considering large inputs which the constant factors are miniscule in comparison to the variable factor.

The Big Theta Notation often used interchangeably with the Big O Notation, it tells you how closely related t(n) and n are.

Worth noting that Big O Notation represents the worst case scenario (read more)

If an algorithm is of Θ(g(n)), it means that the running time of the algorithm as n (input size) gets larger is proportional to g(n).
If an algorithm is of O(g(n)), it means that the running time of the algorithm as n gets larger is at most proportional to g(n).

There are some common families of time complexity per type of algorithms:
1.For searching algorithms, in order of increasing time:

Θ(1) constant time, e.g. hash table
Θ(log n)
Θ(n) linear time

2.For sorting algorithms, in order of increasing time:

Θ(n log n), e.g. cutting data structure in halves, and continuously sorting in halves in a binary search tree
Θ(n^2) quadratic time

3.For matrix algorithms:

Θ(n^2)

4.Intractable running times:

Theoretically we can write programs to have such running time, but practically the program would never finish running for large input size. You need an approximate solution that is good enough:

Θ(2^n)
Θ(n!)
Θ(n^n)

Case Study: Recursion and Iteration

In recursion, each recursive call to the function has to set aside memory for its input, until a base case is found then the inner-most procedure reports back to the parent procedures and starts evaluation on the way out. This isn't a question about the running time, but the memory usage which is linear to the size of the problem.

Iterative approach does evaluations on the way in, when you reach the base case the whole computation is already complete. All the work is done prior to the recursive call, there's no need to remember which procedure is waiting for the intermediate answer and only one chunk of memory is needed for the final answer.

Conclusion

First get the program to work, and then worry about efficiency. You should not take preference of iterative because it is more efficient, it is better to get the procedures running correctly and readable. An ounce of mathematics is worth a pound of computing.

Credit to Berkeley The Structure and Interpretation of Computer Programs lectures.

Why is Functional Programming Important? An Introduction to Computer Science

Yulin — Thu, 26 Jan 2023 16:46:36 +0000

Learning happens when the attention is focussed.

If you don't have a good theory of learning, then help yourself focus by removing interference.

Now let's begin by defining what is computer science.

Computer Science is perhaps the wrong name for the field, it is neither about science nor computers (electrical engineering is the study of machines). Programming is more like engineering where the building takes majority of the time, so software engineering would've been a more suited term. However, software engineering has already been taken to represent a whole philosophy of other things. In software engineering there are two areas you should build your understanding in:

complexity engineering, control of complexity
programming paradigms (e.g. functional programming)

It helps to answer the question: why is there more than one programming language? Different languages have different design principles; for example, in scheme everything is first class, in another language it could be that everything is efficiently compile-able.

Being able to implement compact computer programs is an important part of computer literacy. There are three parts to computer literacy:

access literacy, or reading code
creative literacy, or writing code
genre literacy, or adapting to different literatures

Why is the idea of function important?

Firstly, functions are well understood by theoreticians, and it is easier to do reasonings about a computer software system that is built functional.

Computers can do more than one task at a time, this is even truer these days because there are multi-core processors on one chip. If your program is entirely made of functions, the function is by definition unaffected by the behaviour of the rest of the program. The program can be run in parallelism, which is why most people care about functional programming.

You can also compose composition functions without having lots of parameter variables lying around. In Pascal, you can use function as input to another function, but not as return value. It is an arbitrary restriction, because relatively hard for compilers to allow functions as return values.

Terminologies

A function takes some inputs and gives some outputs, and it will always deterministically give you the same outputs given the same inputs. If a function depends on some external variable, then it is not a function because you won't always get the same outputs. The domain of a function is the kinds of things the function takes as arguments, and the range is what it returns as results.

A predicate is a function that returns true or false, in other words, a predicate is a function whose range is boolean.

A procedure is a sequence of steps for computing a function; same function can have different procedures. Inside the computer, there are only procedures.

A procedure is functional if it always creates new values and change nothing about inputs, that new values may or may not point to the same memory as inputs.

For a function f(x) (* x x)

x is the formal parameter, a name for the placeholders of arguments in a function, which will later be substituted with actual argument expression or actual argument value
(* x x) is the function, a prefix notation of multiplication

Calling the function can look like: f (+ 2 3), where the expression in bracket is called the actual argument expression. The actual argument value is 5 which is invisible.

When we say input or argument of a function, it can mean any of the three: formal parameter, actual argument expression, or actual argument value.

Special Form

Special Form is a primitive function where not all its arguments are evaluated, it has its evaluation rules following variable bindings.

Recursion is an example of special form, the first recursion cannot be fully evaluated, otherwise end up in an infinite loop of running the recursive call in the condition statement. The conditional statement has its own evaluation rule and terminates once it finds a base case. As a side note, the base case should always come before the recursive call, otherwise you won't ever find out if it has hit the base case.

Other examples of special form are the if-then-else conditional statement, and defining a function. So a special form is really a special expression with a predefined language keyword as the name.

There are two types of evaluation based on the order:

Applicative Order Evaluation： evaluate the arguments and then apply

Evaluate all the argument sub-expressions to turn all the actual argument expressions into actual argument values. Then pass the actual argument values to procedures, by substituting the formal parameters in the body of the procedures. This is illustrated in the example above.

Normal Order Evaluation： fully expand and then reduce

Take the actual argument expressions and substitute them in the function body. Nothing gets evaluated until a primitive is called.

Why does order matter?
When you have a non-functional argument where you'd get a different output each time e.g. a random integer, the normal order evaluation will give you different answers each time. Functional programming protects you to having think about what's going on and where inside the computer.

Function as Data: Generalising Patterns

In everyday language, we categorise words into nouns, verbs, etc. In programming by metaphor, data is the noun and procedures are the verbs. However, this is not how it works in programming, the line between data and function is blurred.

Higher order procedures either take a procedure as an argument or returns a procedure. A higher order procedure represents a higher order function, it does that in order to generalise patterns.

Taking function as an argument in another function, the argument does get evaluated in an applicative order, but evaluating is not the same as invoking. Evaluating recognises the argument is a function with certain name, invoking runs the nested function with arguments.

In other words, treat functions as data, i.e. first class data types. Function names are no different than variable names, with their values being the lambda expression with formal parameters and body. You can use procedures as data to build any control mechanism you want.

A data type is first class in a language if things of that type can be value of a variable (i.e. assigning a procedure in this case), or can be anonymous (a lambda function, procedure without name). A first class data type can be a member of an aggregate e.g. an array. Here's a list of capabilities for a first class type in no particular order:

the value of a variable
anonymous
argument to a procedure
value returned by a procedure
a member of an aggregate

In every language, numbers are first class. Characters in a string are first class in some languages, but not all (e.g. C). Data aggregates are rarely first class, but pointers to the aggregates are. Hardly any language gives procedures as first class, but that's changing e.g. Python has lambda, Java has anonymous class.

A powerful programming language should not only provide means to instruct computers to do tasks, but also serve as a framework within which you can organise your ideas about procedures. This is achieve through three things: primitive expressions, means of combining and abstracting elements.

Credit to Berkeley The Structure and Interpretation of Computer Programs lectures.

How to Write Clean Code? A Chapter on Functions and Names

Yulin — Wed, 19 Oct 2022 14:37:50 +0000

No one writes clean code from the get go, our first attempt is always to make the code run and heavily biassed towards code production speed than code quality. Many developers skip the cleaning step because it takes about same amount of time it took to write the code.

As a developer, there are two parts to your job

Communicate with computers
Communicate with peers

Getting the code run (communicate with computers) is only half of the job, and it is the least important. You must write code that is maintainable by someone else(communicate with peers) .

The only way to go fast is to go well.

What is Clean Code?

Clean code is a piece of code which make up a function that does one thing well. How do you define or measure one thing? Objectively speaking, you know you have a clean code if you cannot extract out another meaningful function from it.

Clean code is simple and direct, reads like well written prose.

Clean code looks like written by someone who cares.

Clean code is when each routine you read is exactly as you expect, and there are no surprises.

Good Practices for Functions

Function names should be verbs, because functions carry out actions.

Function should take no more than 3 arguments, because the number of ways to place the arguments increases factorially. For large number of arguments, make an object or use other data structures. Don’t pass boolean into functions in most cases, because it means the function must have an if statement in the function body, better to have two separate functions and call the corresponding one in each case. For a group of functions that manipulates a common set of variables, use a class.

As aside to function inputs, outputs out of context can be distracting too. If returning error, prefer exceptions to returning error codes.

The First Rule of Functions:
Function bodies should be small, which means they should do one thing. Continuously extract logics from them until you can't anymore. You will end up with a semantic tree of functions with function names, packages and modules.

Every line of a function should be at the same level of abstraction. It is like journalism, level of details increases as you read on and each title is self explanatory. It allows readers to exit early and only read parts that are interesting to them. Bad code means readers have to understand and read each and every single line of code without choice.

Avoid switch statements, it is fragile and not easily adaptable. There are two associated drawbacks:

One should be able to extend the behaviour of a module without modifying it, which is not possible with switch statements. Creating base classes instead would solve such problem.

Open-Closed Principle (one of SOLID principle): a module should be open for extension but closed for modification.
Switch statements act as a dependency magnet, makes it difficult to independently compile and deploy programs e.g. jar file is a runtime linking loader, so you can independently deploy parts of program like the GUI which constantly changes (Isolate GUI from business rules and database).

Use explanatory variables where appropriate to explain context/content.

Don't repeat yourself - DRY principle.

Structure of Functions

There are two types of functions:

command functions have side effects, change state of the system
query functions have no side effects, simply return values

Side effect functions come in pairs (e.g. new-delete, open-close), pairs of functions must be called in the right order, so contain the pair within the same function make more sense to avoid memory leaks (usually such function will return void). Garbage collection makes it easy to forget free allocated memories.

By convention, you should aim for command and query separation.

Every algorithm can be written out of sequence, iteration, selection(if-else), so then algorithm can be proven correct (No goto statements in Java)

However, programming is not the exact equivalent to math theorems, we write tests to prove the software is not incorrect instead of proving it to be correct.

credit @clean Code Uncle Bob Lesson 1

What is the Internet? How is Data Transmitted Across Networks?

Yulin — Thu, 30 Jun 2022 16:37:19 +0000

The web is one of the many applications to access the internet, and web browsers are just a computer program that enables you to view and download webpages. What happens when you click enter on the address bar?

What is the Internet?

The internet is a decentralised network of networks (of computers). Each connected computer have an unique address called IP (Internet Protocol) address. The internet is composed of three parts:

The last mile, provided to homes and businesses through TV companies, fibre optics, telephone cables, towers (wireless).
Data centres, rooms of servers that store data and host content.
The backbone, networks that carry data between data centres and consumers.

Data Centres <--> Backbone <--> Last Mile (Consumers)

You can use the built-in ping program to see if your computer is alive on the internet. Open the terminal and type the following command:

ping www.google.com

The ping program maps the domain name to the computer's IP address, sends a ICMP (Internet Control Message Protocol) request and comes back with a reply.

Transmission of Data

The human readable data needs to be resolved into electronic signals for machines before it reaches the backbone, protocol stack in the operating system takes care of this job.

Message on the sender machine goes through 4 protocol layers in a broad sense:

Application Protocol Layer, where user interacts and specific for each application e.g. HTTP
Transmission Control Protocol (TCP) Layer, directs packets of data to the correct application (i.e. listening port) once it arrives on the target computer
Internet Protocol Layer, packets directed to computer associated with the IP address
Hardware layer, converts between binary data and network signals

TCP/IP standard is the foundation of modern internet, which is why the protocol stack is also known as TCP/IP stack.

The packets then will make their journey through several routers and backbones until they find the target destination. Each router knows its sub-networks and holds an IP address table for that region, it acts as a packet switch to direct packets in the routing hierarchy. Use the trace route program to see the path taken in action:

traceroute www.google.com

On the receiver side, the packets of data goes through the layers in reverse order to reconstruct the original message.

Well Known Port Numbers

Protocol	Port
FTP	20/21
Telnet	23
SMTP	25
HTTP	80

References

The Internet Explained
How Does the Internet Work?

The Most Difficult Syntax in Go for a Programming Newbie

Yulin — Mon, 23 May 2022 10:06:57 +0000

This is a soft introduction to Go for those who have never coded in a typed language before. Go is a simple language and exposes some syntax like pointers which are hidden in other higher level languages. You might have heard of concurrency and channels in passing and you will come across these concepts in Go. There are also some interesting types in Go which can improve code performance if used in right places, i.e. empty interface and struct.

Quick Links:
Pointers
Empty Interface
Empty Struct
Concurrency

Pointers

Variables are passed as arguments into a function by their values in Go, meaning that the variable themselves are not modified by the function. A new copy of the variables are created and stored in separate memory spaces the moment they are passed as arguments. To actually change the variables through the operations in the function, we must pass the variables by pointers by adding a ampersand in front of the variables.

Let's see some examples to illustrate the concept

Pass by values

Run the following code, you'll find the variable remain unchanged

package main

import "fmt"

func changeNumber(number int){
        number = 5
}

func main() {
    i := 40
    changeNumber(i)
    fmt.Println(i)
}

Pass by pointers

Notice the two symbols used here:
* applied on a pointer denotes the underlying value of the pointer, which allows us to change the original value the pointer stored.

* applied to a Go type, denotes a pointer of that type.

& applied on a variable generates a pointer of that variable.

package main

import "fmt"

func changeNumber(number *int){ //pass pointer type *int, which is a pointer to the type int
        *number = 5 // set number through the pointer
}

func main() {
    i := 40
    changeNumber(&i) //pointer to variable i
    fmt.Println(i)
}

Empty Interface

An object is of a certain interface type if it implements all of the methods detailed in the interface. An empty interface is an interface that specifies zero methods. Therefore any type implements the zero method empty interface.

type empty interface{} // named empty interface
var empty interface{} // anonymous empty interface

This is useful where a function does not know the type of the input parameters, for example:

package main

import "fmt"

func printAnything(something interface{}){ 
        fmt.Printf("%v is of type %T\n", something, something)
}

func main() {
    // declare variable "anything" to be an empty interface type
    var anything interface{} 
    // assign 1 to the variable, which is of type int
    anything = 1
    printAnything(anything)
    // reassign the variable with a different type, allowed because "anything" implements the empty interface
    anything = "word"
    printAnything(anything)
}

Empty Struct

A struct in Go is a way to construct an object, a struct contains named fields each has a name and a type.

type empty struct{} // named empty struct
var empty struct{} // anonymous empty struct

An empty struct is special in rust because it has no memory cost:

fmt.Println(unsafe.Sizeof(empty)) //size 0

This makes an empty struct a perfect option for maps that checks the existence of an element or filter through an duplicated array, or make a synchronisation channel:

package main

import "fmt"

func main() {
        // an array of duplicated integers
    nums := []int{1, 2, 3, 4, 5, 1, 2, 3}
        // map to stored unique integers from the array
    checkNumExist := make(map[int]struct{})
    for _, num := range nums {
        checkNumExist[num] = struct{}{}
    }
    for key := range checkNumExist {
        if _, exist := checkNumExist[key]; exist {
            fmt.Printf("num %d exists!", key)
        }
    }
}

Concurrency

Normally you would expect your code to execute from top to bottom in the exact order you've written it. Concurrency when the code execution is out of order, multiple computations happening at the same time to get a faster result. If the number of tasks is more than the number of processors available, time slicing is a technique used by the processors to simulate concurrency by switching between tasks. A common concurrency related problem is race condition, whereby the relative timing of the concurrent modules can return an inconsistent result if you were running the program non-concurrently. They are hard to debug because the reproducibility of the same outcome is hard.

In terms of communication, there are two models for concurrent programming:

Shared Memory

Concurrent modules have the same access to the same object.

Message Passing

Concurrent modules communicate through channels, sending and receiving messages from and to channels.

Make Channels

In Go, the syntax for making channels:

ch1 := make(chan int) //unbuffered channel, takes one message
ch2 := make(chan int, 5) //buffered channel, takes multiple messages

Sending to an unbuffered channel will be blocked until the message has been received. Sending to a buffered channel on the other hand is a non-blocking operation as long as the channel hasn't used up its full capacity.

Write a message to a channel:

ch1 <- 1

Receive/read a message from a channel:

msg := <- ch1
msg, closed := <- ch1 // closed is true if channel closed

Open a thread

To run a function in a separate thread, add the keyword "go" before you call the function. All goroutines share the same memory space, to avoid race conditions make sure you synchronise memory access e.g. by using "sync" package.

package main
import (
"fmt"
)

func main(){
// make an int type channel
ch := make(chan int)

// anonymous goroutine
go func(){
    fmt.Println(<- ch) // print the received
}()

ch <- "Hello World!" //send to channel

}

This is a simple example on a goroutine, pay attention to the order of the goroutine, it comes before the send. This is because for an unbuffered channel, communications are sync, use buffered channels for async.

Here's another example on coordinating goroutines, taken from riptutorial:

func main() {
    ch := make(chan struct{})
    go func() {
        // Wait for main thread's signal to begin step one
        <-ch

        // Perform work
        time.Sleep(1 * time.Second)

        // Signal to main thread that step one has completed
        ch <- struct{}{}

        // Wait for main thread's signal to begin step two
        <-ch

        // Perform work
        time.Sleep(1 * time.Second)

        // Signal to main thread that work has completed
        ch <- struct{}{}
    }()

    // Notify goroutine that step one can begin
    ch <- struct{}{}

    // Wait for notification from goroutine that step one has completed
    <-ch

    // Perform some work before we notify
    // the goroutine that step two can begin
    time.Sleep(1 * time.Second)

    // Notify goroutine that step two can begin
    ch <- struct{}{}

    // Wait for notification from goroutine that step two has completed
    <-ch
}

Side Notes on Go Map

The Go's implementation of a map is a hashmap. A hashmap uses a hash function that takes a key and returns a deterministic value derived from the key. Each item in the hashmap gets an unique index, so called a hash. The hashmap data structure is an array of buckets, each contains a pointer/unique index to an array of key-value pairs. The map methods are converted to calls to the runtime during code compilation. To read more about Go maps click here.

Useful resources & References

Tour of Go
Net Ninja Youtube playlist
Concurrency - MIT
Concurrency - RIP tutorial

OverTheWire Natas Levels 0-11 Thinking Out Loud

Yulin — Fri, 29 Apr 2022 08:52:16 +0000

level 0 - Inspect
Level 1 - Shortcut
Level 2 - Sources
Level 3 - robots.txt
Level 4 - HTTP request
Level 5 - Cookies
Level 6 - PHP
Level 7 - local file
Level 8 - PHP
Level 9 - Command Injection
Level 10 - grep
Level 11 - Cookie

Level 0

Open the website in Chrome browser. Once logged in to level 0, right click > View Page Source, or right click > Inspect Element. The password for next level is simply commented out below the visible content of the html document.

Level 1

Right click is disabled on the website, so we need to find an alternatively to inspect the webpage. On windows, the shortcut to bring up inspector tools is F12, or ctrl+shift+i. On Mac, the corresponding shortcut is cmd+opt+i. The password again is hidden in the comment.

Level 2

This time, when we go to the Elements section in the developer window, instead of a comment we get an image tag. When we hover over the src of the image, it displays a link. A click on the link directs us to the path:

http://natas2.natas.labs.overthewire.org/files/pixel.png

There isn't anything interesting to see. Let's go back a step and just add /files to the end of the natas url:

http://natas2.natas.labs.overthewire.org/files

There is a text file called users.txt which looks promising, opening the file indeed shows the password for next level!

Level 3

The clue for this level is within the comment in html:

No more information leaks!! Not even Google will find it this time...

Google uses web crawlers/robots to index web pages, web site owners use the /robots.txt file to give instructions about their site to web robots; this is called The Robots Exclusion Protocol. Robots.txt is a publicly available file, let's checkout the robots.txt file on this website

http://natas3.natas.labs.overthewire.org/robots.txt
User-agent: *
Disallow: /s3cr3t/

"User-agent: *" means this section applies to all robots.
"Disallow: /s3cr3t/" tells the robot that it should not visit directory /s3cr3t of this site. Need a separate "Disallow" line for every URL prefix you want to exclude.

This is telling us passwords must be in the excluded directory!

http://natas3.natas.labs.overthewire.org/s3cr3t

We see a text file containing the password just like before.

About robots.txt

Level 4

Access disallowed. You are visiting from "" while authorized users should come only from "http://natas5.natas.labs.overthewire.org/"

This message is telling us that we opened the link directly in browser and was not redirected to the current page from http://natas5.natas.labs.overthewire.org/. How does the website know this information?

In HTTP, "Referer" (a misspelling of Referrer) is the name of an optional HTTP header field that identifies the address of the web page (i.e., the URI or IRI), from which the resource has been requested. By checking the referrer, the server providing the new web page can see where the request originated.

Get the ModHeader plugin for Chrome, while you're on the http://natas4.natas.labs.overthewire.org/ page, click on the plugin and put the required referer. Give the page a quick refresh to apply the HTTP proxy interception.

Remember to clear the referer after you get the password as this setting will be applied on all webpages you visit...

Level 5

Access disallowed. You are not logged in

Normally there will a form for us to type our login details if login is required. Some websites use cookies to remember the user login information and grants us access without having to login next time.

A cookie is an HTTP request header and contains the cookies previously sent by the server using set-cookies.

Let's check what cookies the server has in place:
Right click > Inspect to open the developer console. Go to the Applications tab on the console. Expand the Cookies dropdown under the Storage section.

Cookies are set of key-value pairs, under the domain natas5.natas.labs.overthewire.org has a key loggedin which is set to 0. This looks like a boolean key where 0=false, and tells the server the user has not been logged in. Let's modify our request header using the plugin, set cookie loggedin=1.

Level 6

Password: aGoY4q2Dc6MgDq4oL4YtoKtyAg9PeHa1

Go to "View sourcecode" link where PHP code is exposed (PHP code runs on the web server, cannot be seen on "Source" in Dev Tools). PHP code is always wrapped between <?php and ?>:

 <?  
 include "includes/secret.inc";  
   if(array_key_exists("submit", $_POST)) {  
     if($secret == $_POST['secret']) {  
     print "Access granted. The password for natas7 is <censored>";  
   } else {  
     print "Wrong secret";  
   }  
   }  
 ?>

Reading the code line to line, it first imports an external file in relative path "includes/secret.inc", then it checks if user clicked the submit button with some input data. If so, it compares user input to a variable $secret, which must have came from the external file. If the $secret and user input matches, the password is displayed.

Navigate to the relative path of the external file:

http://natas6.natas.labs.overthewire.org/includes/secret.inc

Copy value of $secret, go back to the homepage and paste it into input field to reveal the password for next level.

HELP: Comment below if you know what < censored > tag is!

Level 7

Passsword: 7z3hEENjQtflzgnT29q7wAvMNfZdh0i9

From the comments in source code, we know that the password is in etc/nats_webpass/natas8.

Notice in the URL, there is a path parameter "page" that changes depending on what page is on display. We can try tamper with the path parameter:

http://natas7.natas.labs.overthewire.org/index.php?page=etc/natas_webpass/natas8

But this does not work! We need to access files that is outside current directory. Read about File Inclusion vulnerability for hints.

The File Inclusion vulnerability allows an attacker to include a file, usually exploiting a "dynamic file inclusion" mechanisms implemented in the target application. The vulnerability occurs due to the use of user-supplied input without proper validation.

Local File Inclusion (also known as LFI) is the process of including files, that are already locally present on the server, through the exploiting of vulnerable inclusion procedures implemented in the application. This vulnerability occurs, for example, when a page receives, as input, the path to the file that has to be included and this input is not properly sanitized, allowing directory traversal characters (such as dot-dot-slash) to be injected.

Since the page parameter takes a relative path, we can use "../" to go back up a level on the filesystem tree structure. How many steps it takes to go back to the root directory is unknown, but we can just keep adding the path traversal as there is no consequence of having too many "../". Password appears in the following URL:

http://natas7.natas.labs.overthewire.org/index.php?page=../../../../etc/natas_webpass/natas8

Testing for Local File Inclusion

Level 8

Password: DBfUBfqQG69KvJvJ1iAbMoIpwSNQ9bWe

Click on "View Sourcecode" and read PHP code line by line:

<?

$encodedSecret = "3d3d516343746d4d6d6c315669563362";

function encodeSecret($secret) {
    return bin2hex(strrev(base64_encode($secret)));
}

if(array_key_exists("submit", $_POST)) {
    if(encodeSecret($_POST['secret']) == $encodedSecret) {
    print "Access granted. The password for natas9 is <censored>";
    } else {
    print "Wrong secret";
    }
}
?>

The first line assigns a string to variable $encodedSecret. The function encodeSecret takes the input submitted by user and encode in base64, reverse the string, then converts hexadecimal to binary. This encoded user input is then compared with $encodedSecret and only shows the password if they match.

The $encodedSecret needs to be "decoded" before pasted into the input box. In order to reverse the encoding, you have to write some PHP code, either on a web server with PHP installed, or run on your local machine. The easiest way is to run the PHP code on the command line.

Install PHP on MacOs:

brew install php

Open PHP interactive shell:

php -a

Reverse the encoding:

$encodedSecret = "3d3d516343746d4d6d6c315669563362";
echo base64_decode(strrev((hex2bin($encodedSecret))));

Exit the shell:
ctrl + c

Level 9

Password: W0mMhUcRRnG8dcghE4qvk3JA9lGt8nDl

Click on "View Sourcecode" and read the PHP code for this level:

<pre>
<?
$key = "";

if(array_key_exists("needle", $_REQUEST)) {
    $key = $_REQUEST["needle"];
}

if($key != "") {
    passthru("grep -i $key dictionary.txt");
}
?>
</pre>

First line declares a $key variable and assigns an empty string to it. The first if statement looks for a key "needle" in the request, and assigns the key value to variable $key. The second if statement checks if the variable $key is not an empty string, and passes through the command "grep -i $key dictionary.txt". The "grep" command searches in the dictionary.txt for text that contains $key, "-i" makes it an case insensitive search.

Notice in the URL path parameter there is a key "needle", which matches what is expected in the PHP source code. Whatever you input in the search bar ends up being assigned to the "needle" key param, which is then copied to variable $key.

Level 7 reveals the directory of all passwords: "etc/natas_webpass/", so you need to navigate to that directory somehow. The only place you can interact with the server is when $key has a value.

Read about Shell Injection

To complete this level, you should also know "ls" and "cat" terminal commands.

Now, you can use shell sequential execution character ";" to execute additional commands. Try the following in the search bar:

; ls

The semicolon skips over "grep" search output and executes "ls" command, which returns the file in current directory. Learning from level 7 using path traversal, try the following one by one:

; ls ..
; ls ../..
; ls ../../../../etc/natas_webpass

Notice a file called natas10 in /etc/natas_webpass, to view the content in the file, use "cat" command:

; cat ../../../../etc/natas_webpass/natas10

Reference

Command Injection

Level 10

Password: nOpp1igQAkUzaI1GUUjzn1bFVj7xCNzu

Click on "View Sourcecode" to view the PHP code:

<pre>
<?
$key = "";

if(array_key_exists("needle", $_REQUEST)) {
    $key = $_REQUEST["needle"];
}

if($key != "") {
    if(preg_match('/[;|&]/',$key)) {
        print "Input contains an illegal character!";
    } else {
        passthru("grep -i $key dictionary.txt");
    }
}
?>
</pre>

Compared to last level, there is some extra code to sanitise user input, so you cannot use any kind of sequential command this time. The only place of exploitation is the "grep" command.

Grep is an acronym that stands for Global Regular Expression Print. When it finds a match, it prints the line with the result. To search multiple files with the grep command, insert the filenames you want to search, separated with a space character.

With the single "grep" command execution, we can search multiple files on the server! Try the following in search bar:

1  /etc/natas_webpass/natas11

This searches the number "1" in both dictionary.txt and natas11, because dictionary.txt contains word only, the output displayed is just the password from natas11.

Level 11

Password: U82q5TCMMQ9xuFoI3dYX61s7OZD9JKoK

Click "View Sourcode", there are 2 sets of PHP code:

<?
if($data["showpassword"] == "yes") {
    print "The password for natas12 is <censored><br>";
}

?>

This hints that the $data object has the key "showpassword", and must be set to "yes" to reveal the password.

<?

$defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff");

function xor_encrypt($in) {
    $key = '<censored>';
    $text = $in;
    $outText = '';

    // Iterate through each character
    for($i=0;$i<strlen($text);$i++) {
    $outText .= $text[$i] ^ $key[$i % strlen($key)];
    }

    return $outText;
}

function loadData($def) {
    global $_COOKIE;
    $mydata = $def;
    if(array_key_exists("data", $_COOKIE)) {
    $tempdata = json_decode(xor_encrypt(base64_decode($_COOKIE["data"])), true);
    if(is_array($tempdata) && array_key_exists("showpassword", $tempdata) && array_key_exists("bgcolor", $tempdata)) {
        if (preg_match('/^#(?:[a-f\d]{6})$/i', $tempdata['bgcolor'])) {
        $mydata['showpassword'] = $tempdata['showpassword'];
        $mydata['bgcolor'] = $tempdata['bgcolor'];
        }
    }
    }
    return $mydata;
}

function saveData($d) {
    setcookie("data", base64_encode(xor_encrypt(json_encode($d))));
}

$data = loadData($defaultdata);

if(array_key_exists("bgcolor",$_REQUEST)) {
    if (preg_match('/^#(?:[a-f\d]{6})$/i', $_REQUEST['bgcolor'])) {
        $data['bgcolor'] = $_REQUEST['bgcolor'];
    }
}

saveData($data);

?>

In summary, the $data object has keys "showpassword" and "bgcolor", and the $data "showpassword" value is normally set in cookies is XOR encrypted. It is not as easy as changing "showpassword":"no" to "showpassword:yes" in the cookies now.

The first line in PHP sets a value for the default parameter $defaultdata, it is an associative array with key "showpassword" and "bgcolor".

Function loadData() is called first, it takes $defaultdata, copies the array to a local variable $mydata. It checks if there is a cookie data, if so, the cookie data is base64 decoded, xor_encrypted, json decoded to the associative array and saved in $tempdata. If $tempdata is an array that has keys "showpassword" and "bgcolor" just like $mydata, the values replace the ones in $mydata. loadData() returns $mydata and saved in $data.

$data is json encoded, xor_encrypted, base64_encoded and set as the new cookie data through saveData().

Check the cookie by Right Click > Inspect > Application > Cookies, the current value of data is:

ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxEIaAw%3D

This is indeed a string in base64.

Take a closer look at xor_encrypt(), It has a local variable $key which is censored. $text takes a copy of input parameter $in, in this case it is the cookie data. The for loop goes through each character of cookie data and XOR with characters of $key.

"^" is the bitwise exclusive or operator, which acts on binary numbers. The XOR operator on two binary numbers gives a 1 where only one of the numbers has a 1, hence exclusive (0^0 = 0, 0^1 = 1, 1^0 = 1, 1^1 = 0).

When you use XOR on characters, you're using their ASCII values. These ASCII values are integers (order on the ASCII table), so they're implicitly converted from decimal to binary before XOR, then converted back to decimal.

To find the password:

Find $key in xor_encrypt() so you can run the function locally
change "showpassword"=>"no" to "showpassword"=>"yes" in $defaultdata and pass it through the series of encoding
Paste the new encoded data in cookies

Find key

A XOR B = C means that C XOR A = B, so you can XOR again to reverse and get the key. You will need to run some PHP code:

$defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff");

function xor_encrypt($in) {
    $key = base64_decode("ClVLIh4ASCsCBE8lAxMacFMZV2hdVVotEhhUJQNVAmhSEV4sFxEIaAw%3D");
    $text = $in;
    $outText = '';

    // Iterate through each character
    for($i=0;$i<strlen($text);$i++) {
    $outText .= $text[$i] ^ $key[$i % strlen($key)];
    }

    return $outText;
}

$key = xor_encrypt(json_encode($defaultdata));

echo $key;

The output is a repetition of qw8J:

qw8Jqw8Jqw8Jqw8Jqw8Jqw8Jqw8Jqw8Jqw8JqwnJq

This is expected because the json encoding string is probably longer than the key, and the XOR for loop cycles through the characters of key.

Let's double check the guess that $key=qw8J :

$defaultdata = array( "showpassword"=>"no", "bgcolor"=>"#ffffff");

$data = base64_encode(xor_encrypt(json_encode($defaultdata)));

echo $data;

This indeed returns the cookie data that is seen in Dev Tools.

Show password

Now set the associative array "showpassword" to "yes":

$defaultdata = array( "showpassword"=>"yes", "bgcolor"=>"#ffffff");

$data = base64_encode(xor_encrypt(json_encode($defaultdata)));

echo $data;

This returns the new encoded cookie data, with "showpassword" set as "yes":

ClVLIh4ASCsCBE8lAxMacFMOXTlTWxooFhRXJh4FGnBTVF4sFxFeLFMK

New cookie data

Paste this new base64 string into the value for cookies, and give the page a refresh, you shall see the password shown on the page.

OverTheWire Bandit Levels 19-34 Hints and Notes

Yulin — Thu, 24 Mar 2022 16:39:12 +0000

Level 19 - setuid
Level 20 - nc
Level 21 - cron
Level 22 - Script
Level 23 - Script
Level 24 - for loop
Level 25 - more
Level 26 - shell
Level 27 - git clone
Level 28 - git log
Level 29 - git branch
Level 30 - git tag
Level 31 - gitignore
Level 32 - bash
Level 33

Level 19

Use the setuid binary in the homedirectory to access /etc/bandit_pass/bandit20

ls -l on the homedirectory file you will see letter s in the permissions in place of the user execution.

Setuid, which stands for set user ID on execution, is a special type of file permission in Unix and Unix-like operating systems such as Linux and BSD. It is a security tool that permits users to run certain programs with escalated privileges.

When an executable file's setuid permission is set, users may execute that program with a level of access that matches the user who owns the file. For instance, when a user wants to change their password, they run the passwd command. The passwd program is owned by the root account and marked as setuid, so the user is temporarily granted root access for that limited purpose.

Here, the homedirectory bandit20-do has the setuid permission set, and /etc/bandit_pass/bandit20 can only be read by the owner bandit20. We can open /etc/bandit_pass/bandit20 at the runtime of bandit20-do binary:

./bandit20-do cat /etc/bandit_pass/bandit20

Level 20

A setuid binary in the homedirectory that does the following: it makes a connection to localhost on the port you specify as a commandline argument. It then reads a line of text from the connection and compares it to the password in the previous level (bandit20). If the password is correct, it will transmit the password for the next level (bandit21)

1.Check which ports are in use

nmap localhost

2.Open a connection on an unused port and send current password

echo password | nc -l -p 60000 &

The & at the end allows you to listen to port in the background, so you can run the next command in the same terminal.
3.Run the setuid binary on the port

./suconnect 600000

Level 21

A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed

Let's look at what is inside the crontab file for bandit22. A crontab file is a simple text file containing a list of commands meant to be run at specified times.

cat cronjob_bandit22

Typical format for a cron job is:
Minute(0-59) Hour(0-24) Day_of_month(1-31) Month(1-12) Day_of_week(0-6) Command_to_execute

Cron offers some special strings, which can be used in place of the five time-and-date fields:

@reboot, run once at startup
@yearly, run once a year, "0 0 1 1 *"
@annually, same as @yearly
@monthly, run once a month, "0 0 1 * *"
@weekly, run once a week, "0 0 * * 0"
@daily, run once a day, "0 0 * * *"
@midnight, same as @daily
@hourly, run once an hour, "0 * * * *"

program &> /dev/null, which will redirect both stderr and stdout to /dev/null, so nothing will be printed on screen. /dev/null is a special file (i.e. a virtual device, known as the null device) that’s present in every single Linux system and purely used to write. Everything you write to /dev/null will be discarded.

Now let's see the bash script that is been executed

cat /usr/bin/cronjob_bandit22.sh

#!/bin/bash is called a shebang line, this script runs in the bash environment
chmod 644 /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv chmod 644 means only the owner are allowed to write/modify, read-only for others (group) included
cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv gets password from bandit22 and redirects stdout to /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv

To view the password for next level:

cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv

Level 22

A program is running automatically at regular intervals from cron, the time-based job scheduler. Look in /etc/cron.d/ for the configuration and see what command is being executed

Output from cat /usr/bin/cronjob_bandit23.sh :

#!/bin/bash

myname=$(whoami)
mytarget=$(echo I am user $myname | md5sum | cut -d ' ' -f 1)
echo "Copying passwordfile /etc/bandit_pass/$myname to /tmp/$mytarget"
cat /etc/bandit_pass/$myname > /tmp/$mytarget

The first line is shebang as usual, defining the bash environment in which the script is run.

The second line assigns output from command whoami to variable myname.

The next line uses a new command md5sum.

When downloading files, particularly installing files from websites, it is good to verify that the download is valid. A website will often display a hash value for each file to make sure the download is completed correctly. md5sum is one of the tools you can use to validate file transfer.

If a file has changed, the checksum will throw a warning. Here we're simply displaying the hash for text I am user $(whoami), clean the output with cut and assign the hash to variable mytarget.

Output from echo I am user $myname | md5sum:

8169b67bd894ddbb4412f91573b38db3  -

There's an extra dash after the hash. cut -d cut -d ' ' -f 1 specifies the delimiter (-d) as space (' '), and select the first field with -f. -d ' ' separates the hash and dash since there's a space between them, returns the hash only.

When this script is being run, it will write the currently logged-on user’s password into a file.

We can see the password is redirected to /tmp/hash. There is a caveat here, the currently logged-on user is bandit22, but we want the password for bandit23:

echo I am user bandit23 | md5sum | cut -d ' ' -f 1

This gives us the file name in tmp directory that stores bandit23 password. Now we just need to view it using cat /tmp/hash.

Level 23

Follow the same procedure as the previous level, the shell script running in /usr/bin/cronjob_bandit24.sh:

#!/bin/bash

myname=$(whoami)

cd /var/spool/$myname
echo "Executing and deleting all scripts in /var/spool/$myname:"
for i in * .*;
do
    if [ "$i" != "." -a "$i" != ".." ];
    then
        echo "Handling $i"
        owner="$(stat --format "%U" ./$i)"
        if [ "${owner}" = "bandit23" ]; then
            timeout -s 9 60 ./$i
        fi
        rm -f ./$i
    fi
done

First the shebang is declared, then myname saves user who is currently logged on the system. Goes inside the directory /var/spool/$myname, prints the task it is about to carry out on screen with echo.

The for loop for i in * .* matches all files in the currently directory, including hidden files starting with a dot. for i in * returns all regular files in the working directory, for i in .* returns all hidden files (starting with a dot).

if [ "$i" != "." -a "$i" != ".." ] skips the special files . and .. in the for loop.

The stat command displays file status. Try stat -x file to see the output from stat. --format option allows you to design the desired output from stat. %U format specifier returns the owner of the file/file system. There are many versions of stat, on Mac, the equivalent command is stat -f %Su file.

The timeout allows the user to execute a command and then terminate it after a set time has passed. The timeout command uses the “SIGTERM” to stop a process, but many processes ignore the “SIGTERM” signal. To forcefully terminate a process using the “SIGKILL” signal -s 9, cannot be ignored by any process.

Here, it checks if the owner of file is bandit23. If so, execute the file, and terminate after 60 seconds.

At the end of the for loop, it removes each file/folder.

Find where the password is stored
From previous levels, we know that all passwords are in /etc/bandit_pass. Password for bandit24 will be in /etc/bandit_pass/bandit24. However, we get a permission denied when we directly cat /etc/bandit_pass/bandit24.
Make the bash script
We do have permissions to create, read and write files in /tmp, make a new folder in tmp with mybandit23.sh that contains the following bash script (/tmp/dir23/mybandit23.sh):
```
#!/bin/bash                                             
cat /etc/bandit_pass/bandit24 > /tmp/dir23/bandit24pass       
```
Make the file executable by changing the mode to have all permissions:
```
chmod 777 mybandit23.sh
```
You might want to change the permissions of the entire dir23 folder to make it writable by others.
Copy the bash script to be run by bandit24

We know that if we make an executable script in /var/spool/bandit24, it will be run with a timeout of 60 seconds.
```
cp mybandit23.sh /var/spool/bandit24/mybandit23.sh
```
Check our bash script is there:
```
cat /var/spool/bandit24/mybandit23.sh
```

Wait until the shell script file in the folder is deleted, and check the /tmp/dir23 directory, a bandit24pass file should appear. cat bandit24pass to get the password.

Level 24

A daemon is listening on port 30002 and will give you the password for bandit25 if given the password for bandit24 and a secret numeric 4-digit pincode. There is no way to retrieve the pincode except by going through all of the 10000 combinations, called brute-forcing.

nc localhost 30002 asks for the password and a 4 digit pin code on a single line. The steps we need to take are get all combinations of the password and pins, pass each one to port 30002.

Navigate to /tmp where we are granted write permissions, and make a new folder called mydir24. Inside /tmp/mydir24, create a shell script bruteforce.sh that would loop through 4 digit numbers and append each one to pins.txt

#!/bin/bash
for i in {0000..9999}
do 
    echo "password $i" >> pins.txt
done

Make the bash script executable by user:

chmod 700 bruteforce.sh

Now run the script to create pins.txt, and give the output to port 30002:

nc localhost 30002 < pins.txt

cat pins.txt | nc localhost 30002

Level 25

Logging in to bandit26 from bandit25 should be fairly easy… The shell for user bandit26 is not /bin/bash, but something else. Find out what it is, how it works and how to break out of it.

In the home directory of bandit25, there is a bandit26.sshkey private key file,

ssh -i bandit26.sshkey bandit26@localhost

the connection closes immediately. Let's take the hint from the task and checkout what shell bandit26 is using.

The /etc/passwd file is a text file with one record per line, each describing a user account. It consists of 7 fields, the last field is the program that is started every time the user logs into the system, i.e. the shell for an interactive user.

cat /pwd/passwd | grep bandit26

Instead of /bin/bash, bandit26 uses /usr/bin/showtext. A quick cat /usr/bin.showtext gives

#!/bin/sh

export TERM=linux

more ß/text.txt
exit 0

The code that terminates the shell is exit 0, and the only command that runs before is more ~/text.txt.

more command is used to view the text files in the command prompt, displaying one screen at a time in case the file is large.

Minimise your terminal before ssh into bandit26 to trigger more. The large “bandit26” ASCII art banner will force a “more” message to prompt you to continue. Press v to enter the default vim text editor, and type ":e /etc/bandit_pass/bandit26" to open bandit26 password file within vim.

Level 26

The shell still immediately terminates after ssh login. Do the same trick again, minimise the terminal window and then ssh login. Press "v" to enter vim and change shell type ":set shell=/bin/bash". Now type ":shell" should take you back to the bash shell. Do "ls -l" to see all files in the home directory.

The file "bandit27-do" has the special permission for the user access level, which means we can directly "cat" the password in /etc/bandit_pass/bandit27 (only bandit27 has the read permission) while we execute bandit27-do. A file with SUID always executes as the user who owns the file, regardless of the user passing the command.

./bandit27-do cat /etc/bandit_pass/bandit27

Level 27

There is a git repository at ssh://bandit27-git@localhost/home/bandit27-git/repo. The password for the user bandit27-git is the same as for the user bandit27. Clone the repository and find the password for the next level.

ssh login to bandit27 as usual, make a new directory within /tmp/ where we have the write permission.

mkdir -p /tmp/dir27

cd into the directory, then

git clone ssh://bandit27-git@localhost/home/bandit27-git/repo

Enter the password when you're prompted on the command line. There is only one file contained in the repository, cat the file to see bandit28 password.

Level 28

There is a git repository at ssh://bandit28-git@localhost/home/bandit28-git/repo. The password for the user bandit28-git is the same as for the user bandit28. Clone the repository and find the password for the next level.

Same procedure as the previous level, mkdir -p /tmp/dir28, then git clone ssh://bandit28-git@localhost/home/bandit28-git/repo. This time when you cat the README.md, it doesn't show the password. Let's have look at the commit history to see if there's any clue. Type following command within the repository:

git log

commit edd935d60906b33f0619605abd1689808ccdd5ee
Author: Morla Porla morla@overthewire.org
Date: Thu May 7 20:14:49 2020 +0200
fix info leak
commit c086d11a00c0648d095d04c089786efef5e01264
Author: Morla Porla morla@overthewire.org
Date: Thu May 7 20:14:49 2020 +0200
add missing data
commit de2ebe2d5fd1598cd547f4d56247e053be3fdc38
Author: Ben Dover noone@overthewire.org
Date: Thu May 7 20:14:49 2020 +0200
initial commit of README.md

There are actually 3 commit pushes for the repository. From the commit messages, it looks like the second commit probably contains the password. To see the actual changes made in each commit, do git log -p; Alternatively, to display changes in the second commit only, do git show followed by the commit hash:

git show c086d11a00c0648d095d04c089786efef5e01264

Level 29

There is a git repository at ssh://bandit29-git@localhost/home/bandit29-git/repo. The password for the user bandit29-git is the same as for the user bandit29. Clone the repository and find the password for the next level.

Same procedure as the previous level, mkdir -p /tmp/dir28, then git clone ssh://bandit28-git@localhost/home/bandit28-git/repo. This time when you cat the README.md, in place of password it shows no passwords in production!. It implies this is the production branch, there is probably a development branch. To see all existing branches:

git branch -a

switch to the dev branch:

git checkout dev

see the README.md file on this branch:

cat README.md

Level 30

There is a git repository at ssh://bandit30-git@localhost/home/bandit30-git/repo. The password for the user bandit30-git is the same as for the user bandit30. Clone the repository and find the password for the next level.

Same procedure as previous levels, but this time there is nothing useful contained in README.md...neither git branch or git log has anything interesting. Do ls -al to see the hidden files, cd .git and search for anything that looks like a clue. The packed-refs file contains reference to the master branch, as well as a tag called secret. Let's check existing tags:

git tag

Double check the tag reference:

git show-ref --tags

Tags are ref's that point to specific points in Git history. Tagging is generally used to capture a point in history that is used for a marked version release (i.e. v1. 0.1). A tag is like a branch that doesn't change. Unlike branches, tags, after being created, have no further history of commits.

Reveal the content of the tag using git show:

git show secret

Level 31

There is a git repository at ssh://bandit31-git@localhost/home/bandit31-git/repo. The password for the user bandit31-git is the same as for the user bandit31. Clone the repository and find the password for the next level.

Same procedure as previous levels, the actual instructions are in README.md of the repository. The task for this level is to push a text file to the remote repository. Inside of the repository, make the key.txt file with the required text.

Now the file exists locally, to push to remote, first step is to add the file to stage:

git add .

Double check the file has been added:

git status

and it hasn't! Let's see everything inside the repository:

ls -al

There is a .gitignore file which tells git not to track the changes in certain types of files. Remove the line from .gitignore, now try add to stage again, then git commit:

git commit -m "adding my key file"

and push the changes:

git push

Level 32

After you ssh login, you will enter UPPERCASE SHELL where non of the terminal commands work anymore. To escape out of the shell and spawn a new shell, use the special parameter:

$0

display password as usual:

cat /etc/bandit_pass/bandit33

$0 Expands to the name of the shell or shell script. This is set at shell initialization.

If Bash is invoked with a file of commands, $0 is set to the name of that file.

If Bash is started with the -c option, then $0 is set to the first argument after the string to be executed, if one is present. Otherwise, it is set to the filename used to invoke Bash, as given by argument zero.

What is the meaning of $0 in the Bash shell

Level 33

ssh bandit33@bandit.labs.overthewire.org -p 2220

password: c9c3199ddf4121b10cf581a98d51caee

bandit33@bandit:~$ cat README.txt
Congratulations on solving the last level of this game!

At this moment, there are no more levels to play in this game. However, we are constantly working on new levels and will most likely expand this game with more levels soon.

Keep an eye out for an announcement on our usual communication channels!

In the meantime, you could play some of our other wargames.

If you have an idea for an awesome new level, please let us know!

OverTheWire Bandit Levels 0-18 Hints and Notes

Yulin — Thu, 10 Mar 2022 18:22:11 +0000

Level 0 -SSH
Level 1 - Cat
Level 2 - Cat
Level 3 - ls
Level 4 - File
Level 5 - Find
Level 6 - Find
Level 7 - Grep
Level 8 - Piping
Level 9 - Strings
Level 10 - Base64
Level 11 - ROT13
Level 12 - Hexdump
Level 13 - SSH localhost
Level 14 - nc
Level 15 - Openssl
Level 16 - nmap, chmod
Level 17 - diff
Level 18 - pty

Level 0

The syntax to ssh login is ssh your_username@host_ip_address, and we can specify the port using -p:

ssh bandit0@bandit.labs.overthewire.org -p 2220

Level 1

Open file called - located in the home directory

cat ./-

Just cat - command will be interpreted as using standard input and output to read from and write to. The ./- defines a relative path to the file.

Alternatively redirect the file to cat:

cat < -

Level 2

Open file called spaces in this filename located in the home directory

cat "spaces in this filename"

cat spaces\in\this\filename

Level 3

Find hidden file in the inhere directory
To get inside the inhere directory:

cd inhere

Hidden files are files whose names start with a dot. To display the hidden files in current directory, we can use the -al option of ls:

ls -al

and then

cat .hidden

Level 4

Find the only human-readable file in the inhere directory
The cat command is used on text files, i.e. human readable. To find the file types of all files in current directory:

file ./*

Spot the only ASCII text file and cat on the file.

Level 5

Find the file somewhere under the inhere directory and has all of the following properties:

human-readable
1033 bytes in size
not executable

find ./inhere -readable -size 1033c \! -executable

Note that this command will not work on BSD, i.e., Mac terminal version of find.

Alternatively, loop through everything and file on each one:

for i in $(ls); do file -i "./$i"; done;

Level 6

Search for a file in server that has all of the following properties:

owned by user bandit7
owned by group bandit6
33 bytes in size

find / -size 33c -user bandit7 -group bandit6

The suffix c in 33c indicates bytes, other options are:

b – 512-byte blocks (this is the default if no suffix is used)
c – bytes
w – two-byte words
k – Kilobytes
M – Megabytes
G – Gigabytes

How to use find command to search for files based on file size

Level 7

Find the line containing the word millionth

grep --include=\*.{txt} -rnw . -e 'millionth'

grep stands for Global Regular Expression Print, it has options

-r or -R is recursive
-n is line number
-w stands for match the whole word.
-l (lower-case L) can be added to just give the file name of matching files
-e is the pattern used during the search

Along with these, --exclude, --include, --exclude-dir flags could be used.

How do I find all files containing specific text on Linux?

Level 8

Find the only line of text that occurs only once in data.txt

sort data.txt | uniq -u

The sort command displays contents of data.txt in lexicographical order, and that output is redirected through the pipe to uniq.

uniq isn’t able to detect the duplicate lines unless they are adjacent to each other. The content in the file must be therefore sorted before using uniq.

Whenever we use redirection or piping, the data is sent anonymously, so output doesn't include file name.

>, save output to a file.
>>, append output to a file.
<, read input from a file.
2>, redirect error messages.
|, send the output from one program as input to another program.

Learn Piping and Redirection

Level 9

Find one of the few human-readable strings in data.txt, preceded by several ‘=’ characters

strings data.txt | grep "="

Simply use grep on the file will not work in this case, because the file content is a cluster of words with no new lines. strings command is different to cat where it ignores blank lines and only prints sequence of 4 or more characters. Try echo abc | strings on the terminal.

Level 10

Decode data.txt, which contains base64 encoded data

base64 --decode data.txt

Level 11

ROT13 ("rotate by 13 places", sometimes hyphenated ROT-13) is a simple letter substitution cipher that replaces a letter with the 13th letter after it in the alphabet. ROT13 is a special case of the Caesar cipher which was developed in ancient Rome.
Because there are 26 letters (2×13) in the basic Latin alphabet, ROT13 is its own inverse; that is, to undo ROT13, the same algorithm is applied, so the same action can be used for encoding and decoding.

Restore data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions

cat data.txt | tr 'A-Za-z' 'N-ZA-Mn-za-m'

alias rot13="tr 'A-Za-z' 'N-ZA-Mn-za-m'"
cat data.txt | rot13

tr stands for translate, translating or deleting characters. tr replaces each letter in set one A-Za-z for both upper and lower case, with set two, i.e. A will be replaced with N, Z replaced by M and so on.

Level 12

Hexdump is a utility that displays the contents of binary files in hexadecimal (Base16), decimal (Base10), octal (Base8), or ASCII.
You can use hexdump to view the contents of a file especially when it contains non printable characters, e.g., an image. Try hexdump --canonical foo.png on the terminal and see what happens.

Restore the file data.txt, which is a hexdump of a file that has been repeatedly compressed

cat data.txt | xxd -r > data

xxd is a Linux command that creates a hexdump for a given file or standard input. It can also convert a hexdump back to its original binary form with the -r option. Here we are piping the output from cat to reverse hexdump, and redirect the output to a new file called data.

file data

The file command displays the format of the new file, and in this exercise there are three types of compression formats used:

gzip compressed data, has file extensions .gz
POSIX tar archive (GNU), has file extensions .tar
bzip2 compressed data, has file extensions.bz

Depending on what format the file command tells us the current file is, we need to use the corresponding decompression command. Before we can apply the decompression, the file has to be renamed with the correct file extension. The system can't guess original name for file.

Take gzip as an example, use mv to rename file:

mv data data.gz

Decompress the data.gz file:

gzip -d data.gz

gzip replaces the input file with decompressed file, you should see the new file without .gz extension.

Repeat the process of file on decompressed output, until the resulting format is ASCII text (at which point you will see it is a RSA .key file, you can login with the ssh private key).

Here are the decompression commands:

gzip -d file.gz
bzip2 -d file.bz
tar -xf file.tar

How Hexdump Work

Level 14

Submit the password of the current level to port 30000 on localhost

echo password | nc localhost 30000

Netcat (or nc ) is a command-line utility that reads and writes data across network connections, using the TCP or UDP protocols.

You can open two terminals, have one listening on port 3000:

nc -l 3000

and the other opens a connection to the port:

nc localhost 3000

The two terminals can now communicate freely.

Level 15

Submit the password of the current level to port 30001 on localhost using SSL encryption

echo password | openssl s_client -ign_eof -connect localhost:30001

OpenSSL is a general purpose cryptography library that provides an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. The Transport Layer Security (TLS) protocol adds a layer of security on top of the TCP/IP transport protocols.

Transport Layer Security (TLS) is the successor protocol to SSL. TLS is an improved version of SSL. It works in much the same way as the SSL, using encryption to protect the transfer of data and information. The s_client command implements a generic SSL/TLS client which connects to a remote host using SSL/TLS.

In this level, we are making an encrypted communication through SSL. The -ign_eof option of s_client inhibit shutting down the connection when end of file is reached in the input, i.e., after we pressed enter.

Level 16

Submit the password of the current level to a port on localhost in the range 31000 to 32000

1.Find which ports are open (have a server listening)

nmap -p 31000-32000 localhost

nmap (Network Mapper) is a network scanner, used to discover hosts and services on a computer network by sending packets and analysing the responses.

Here we performed a port scan (connect to ports) in the specified range of localhost with nmap.

2.Find which open port has ssl enabled
Run the command on each open port, until one of them returns a RSA key:

openssl s_client -connect localhost:port

You can copy and save the key locally in a .key file, and login to next level:

ssh -i bandit17.key bandit17@bandit.labs.overthewire.org -p 2220

3.Resolve ssh "permissions are too open" error
Keys must ONLY be accessible to the user. A quick ls -l on the key file will show that users(u), group (g), and others (o) all have read permission. You can remove the read permission from group and others:

chmod g-r bandit17.key && chmod o-r bandit17.key

or remove all permissions other than user read:

chmod 400 bandit17.key

Level 17

Find the only line that has been changed between passwords.old and passwords.new

diff passwords.old passwords.new

The diff command lets you compare files or directories line by line. To interpret the output from this command

< denotes lines from passwords.old
> denotes lines from passwords.new
42c42 denotes the line number in passwords.old (number on the left) that was changed to the line in passwords.new (number on the right). The letter between the numbers is short for the actions possible on lines (d stands for deletion, a stands for adding and c stands for changing).

To see just the changed line from passwords.new in the output:

diff --changed-group-format='%>' --unchanged-group-format='' passwords.old passwords.new

Level 18

Someone has modified .bashrc to log you out when you log in with SSH

ssh -t bandit18@bandit.labs.overthewire.org -p 2220 /bin/sh

ssh creates a pseudo terminal (pty) on the remote machine, as opposed to a text terminal (tty). The ssh -t command forces the pty to be open with shell /bin/sh. Now we can interact with the machine normally and cat readme.

Alternatively, to get the password out in one line:

ssh -t bandit18@bandit.labs.overthewire.org -p 2220 "cat ~/readme"

DEV Community: Yulin

Netlify proxy ending stream unexpectedly: CORS Introduction

Let's get into the problem

What is CORS?

CORS is flawed..

Only enforced by browsers

Easy to misconfigure

Annoying complexity

Not real protection for your backend

How to Test and Reduce Duplications in GitHub Actions Workflows

Composite actions

Hints

File structure

Specify shell

Matrix Strategy

Reusable workflows

How to test workflows

Resolving dpkg Lock Contention in Ubuntu Deployments

Investigation

Resolving dpkg Lock Contention in Ubuntu Deployments

Glossary

What is dpkg?

What is aptitude?

WSL Error: no space left on device

Efficiency of Programs: What is the Big O Notation?

Orders of Growth: The Big O notation

Case Study: Recursion and Iteration

Conclusion

Why is Functional Programming Important? An Introduction to Computer Science

Why is the idea of function important?

Terminologies

Special Form

Applicative Order Evaluation： evaluate the arguments and then apply

Normal Order Evaluation： fully expand and then reduce

Function as Data: Generalising Patterns

How to Write Clean Code? A Chapter on Functions and Names

What is Clean Code?

Good Practices for Functions

Structure of Functions

What is the Internet? How is Data Transmitted Across Networks?

What is the Internet?

Transmission of Data

Well Known Port Numbers

References

The Most Difficult Syntax in Go for a Programming Newbie

Pointers

Pass by values

Pass by pointers

Empty Interface

Empty Struct

Concurrency

Shared Memory

Message Passing

Make Channels

Open a thread

Side Notes on Go Map

Useful resources & References

OverTheWire Natas Levels 0-11 Thinking Out Loud

Table of Contents

Level 0

Level 1

Level 2

Level 3

Level 4

Level 5

Level 6

Level 7

Level 8

Level 9

Reference

Level 10

Level 11

Find key

Show password

New cookie data

OverTheWire Bandit Levels 19-34 Hints and Notes

Table of Contents

Level 19

Level 20

Level 21