Home Blog Page 3855

Uniquely figuring out views – The.Swift.Dev.

codesanitize
-
0
Uniquely figuring out views – The.Swift.Dev.



· 1 min learn

Learn to use string primarily based UIView identifiers as a substitute of tags. If you’re uninterested in tagging views, try these various options.

First strategy: accessibility to the rescue!

Lengthy story quick, I used to be fairly uninterested in tagging views with silly quantity values, so I seemed for a greater various resolution to repair my drawback. Because it turned out, there’s a property referred to as accessibilityIdentifier that may do the job.

extension UIView {

    var id: String? {
        get {
            return self.accessibilityIdentifier
        }
        set {
            self.accessibilityIdentifier = newValue
        }
    }

    func view(withId id: String) -> UIView? {
        if self.id == id {
            return self
        }
        for view in self.subviews {
            if let view = view.view(withId: id) {
                return view
            }
        }
        return nil
    }
}

I made a easy extension across the UIView class, so now I can use a correct string worth to uniquely determine any view object within the view hierarchy. It’s fairly a pleasant resolution, now I can title my views in a very nice means. As a free of charge storing the title underneath the accessibilityIdentifier will profit your UI checks. 😉

Second strategy: utilizing enums

The primary concept is to have an Int primarily based enum for each view identifier, so principally you should utilize the tag property to retailer the enum’s rawValue. It’s nonetheless not so good because the one above, but it surely’s far more secure than counting on pure integers. 😬

enum ViewIdentifier: Int {
    case submitButton
}

extension UIView {

    var identifier: ViewIdentifier? {
        set {
            if let worth = newValue {
                self.tag = worth.rawValue
            }
        }
        get {
            return ViewIdentifier(rawValue: self.tag)
        }
    }

    func view(withId id: ViewIdentifier) -> UIView? {
        return self.viewWithTag(id.rawValue)
    }
}

Actually I simply got here up with the second strategy proper after I copy & pasted the primary snippet to this text, however what the heck, perhaps another person will prefer it. 😂

In case you have a greater resolution for this drawback, be at liberty to share it with me.

Associated posts

On this article I’ve gathered my high 10 favourite trendy UIKit suggestions that I would undoubtedly wish to know earlier than I begin my subsequent mission.

Learn to construct advanced kinds with my up to date assortment view view-model framework with out the wrestle utilizing Swift.

Do you wish to discover ways to load a xib file to create a customized view object? Nicely, this UIKit tutorial is only for you written in Swift.

Just a bit recommendation about creating customized view programmatically and the reality about why kind constructing with assortment views sucks.

Chinese language Hackers Exploit Zero-Day Cisco Swap Flaw to Achieve System Management

codesanitize
-
0
Chinese language Hackers Exploit Zero-Day Cisco Swap Flaw to Achieve System Management


Aug 22, 2024Ravie LakshmananCommunity Safety / Zero-Day

Chinese language Hackers Exploit Zero-Day Cisco Swap Flaw to Achieve System Management

Particulars have emerged a couple of China-nexus risk group’s exploitation of a not too long ago disclosed, now-patched safety flaw in Cisco switches as a zero-day to grab management of the equipment and evade detection.

The exercise, attributed to Velvet Ant, was noticed early this yr and concerned the weaponization of CVE-2024-20399 (CVSS rating: 6.0) to ship bespoke malware and achieve intensive management over the compromised system, facilitating each knowledge exfiltration and chronic entry.

“The zero-day exploit permits an attacker with legitimate administrator credentials to the Swap administration console to flee the NX-OS command line interface (CLI) and execute arbitrary instructions on the Linux underlying working system,” cybersecurity firm Sygnia stated in a report shared with The Hacker Information.

Cybersecurity

Velvet Ant first caught the eye of researchers on the Israeli cybersecurity firm in reference to a multi-year marketing campaign that focused an unnamed group situated in East Asia by leveraging legacy F5 BIG-IP home equipment as a vantage level for establishing persistence on the compromised atmosphere.

The risk actor’s stealthy exploitation of CVE-2024-20399 got here to gentle early final month, prompting Cisco to concern safety updates to launch the flaw.

Chinese Hackers

Notable among the many tradecraft is the extent of sophistication and shape-shifting techniques adopted by the group, initially infiltrating new Home windows techniques earlier than shifting to legacy Home windows servers and community gadgets in an try and fly beneath the radar.

“The transition to working from inner community gadgets marks one more escalation within the evasion methods used so as to make sure the continuation of the espionage marketing campaign,” Sygnia stated.

The newest assault chain entails breaking right into a Cisco swap equipment utilizing CVE-2024-20399 and conducting reconnaissance actions, subsequently pivoting to extra community gadgets and finally executing a backdoor binary via a malicious script.

Cybersecurity

The payload, dubbed VELVETSHELL, is an amalgamation of two open-source instruments, a Unix backdoor named Tiny SHell and a proxy utility referred to as 3proxy. It additionally helps capabilities to execute arbitrary instructions, obtain/add information, and set up tunnels for proxying community site visitors.

“The modus-operandi of ‘Velvet Ant’ highlights dangers and questions relating to third-party home equipment and purposes that organizations onboard,” the corporate stated. “Because of the ‘black field’ nature of many home equipment, every bit of {hardware} or software program has the potential to show into the assault floor that an adversary is ready to exploit.”

Discovered this text attention-grabbing? Comply with us on Twitter and LinkedIn to learn extra unique content material we submit.



Elon Musk stopped paying {hardware} payments after Twitter acquisition, new lawsuit claims

codesanitize
-
0
Elon Musk stopped paying {hardware} payments after Twitter acquisition, new lawsuit claims


A sizzling potato: Controversial web persona Elon Musk is as soon as once more dealing with authorized troubles following his acquisition of Twitter, which he rebranded as X. The social community allegedly didn’t pay for customized {hardware} as beforehand agreed, and now an Asian provider is looking for a jury trial to recuperate the prices.

Infrastructure producer Wiwynn has filed a lawsuit in opposition to X for $120 million in unpaid {hardware} payments. The Taiwanese firm offered customized {hardware} options for the social community over an eight-year interval underneath a “Grasp Buy Settlement” signed with Twitter in September 2014. Nonetheless, following Elon Musk’s acquisition of Twitter in 2022, Wiwynn has not obtained any funds since November 2022.

In response to the criticism, Wiwynn collaborates straight with prospects to design and ship custom-made information middle and computing options. Below the Grasp Buy Settlement with Twitter, Wiwynn would submit an inventory of required {hardware} components for approval. After receiving approval, the corporate would buy the parts, and Twitter would make common funds for the ultimate merchandise.

Following Musk’s takeover, nonetheless, Twitter “abruptly stopped” making funds and ceased responding to Wiwynn’s makes an attempt to achieve out. Wiwynn managed to cancel deliberate purchases for $40 million price of parts earlier than supply and resell or repurpose already acquired parts to recuperate a further $19 million. The corporate is now looking for compensation from X and Musk for the remaining unsold parts.

The customized {hardware} setups Wiwynn constructed for Twitter are usually not simply marketable, so the corporate is asking a jury to find out how a lot X ought to pay in compensation. Wiwynn is looking for to recuperate not less than $61 million in damages plus curiosity.

Wiwynn’s lawsuit provides to the mounting authorized troubles Musk has confronted since buying Twitter. The businessman is accused of halting funds to suppliers and landlords following the controversial deal. In response to a lawsuit filed by a Twitter investor, Musk allegedly said he would pay lease for the corporate’s workplace “over his useless physique.”

Earlier this month, X was ordered to pay round $600,000 to a former Twitter government who failed to answer an e mail from Musk. Moreover, former Twitter chairman Omid Kordestani has sued X for over $20 million, and former CEO Parag Agrawal is looking for greater than $128 million in unpaid severance. With these ongoing points, X seems more and more like a bottomless cash pit, whereas Musk stays preoccupied along with his efforts to sue promoting firms for his or her reluctance to do enterprise with X once more.

finder – take away a file which identify appears to be “.” on an SMB share?

codesanitize
-
0
finder – take away a file which identify appears to be “.” on an SMB share?


Overview

Incorrect specification of an argument in a commandline instrument (particulars under) has led to the creation of a file actually named “.”. I’ve already discovered that immediately making an attempt to delete in Finder will set off deletion of all content material within the containing folder (happily this can be a momentary folder), however nonetheless not the “.” file itself. Furthermore, no folders containing this file might be efficiently deleted, neither with Finder nor from bash/zsh shell.

How can one truly delete (or rename) such a file?

Makes an attempt to delete from zsh

For instance:

mytmp % ls -hal
whole 65
drwx------  1 consumer  employees    16K Aug 21 11:20 .
-rwx------  1 consumer  employees     0B Aug 21 09:51 .
drwx------  1 consumer  employees    16K Aug 16 16:30 ..

mytmp % ls -aB
.   .   ..

mytmp % rm -rf '.'                   
rm: "." and ".." might not be eliminated

mytmp % cd ..

scratch % rm -rf mytmp
rm: mytmp: Permission denied

scratch % sudo rm -rf mytmp
rm: mytmp: Permission denied

I’ve additionally tried variations with out -r, since actually it’s the non-directory model that’s to be deleted.

I moreover tried the suggestion of @bmike to use the inode. Whereas we are able to determine the inode, the deletion doesn’t seem to work:

scratch % ls -ila mytmp
whole 65
8056451580272514705 drwx------  1 consumer  employees  16384 Aug 21 11:20 .
8652239633868421122 -rwx------  1 consumer  employees      0 Aug 21 09:51 .
                  2 drwx------  1 consumer  employees  16384 Aug 21 11:43 ..

scratch % discover mytmp -inum 8652239633868421122 -delete

## no change
scratch % ls -ila mytmp
whole 65
8056451580272514705 drwx------  1 consumer  employees  16384 Aug 21 11:20 .
8652239633868421122 -rwx------  1 consumer  employees      0 Aug 21 09:51 .
                  2 drwx------  1 consumer  employees  16384 Aug 21 11:43 ..

Is it actually named “.”?

@nohillside proposed to delimit the listings with x and y to see if it actually is called “.”. From bash:

bash-3.2$ for i in .*; do echo x${i}y; carried out
x.y
x.y
x..y

Seems so.

@fd0 instructed printing non-printing characters with cat -vet. From bash:

bash-3.2$ ls -1a | cat -vet
.$
.$
..$

Once more, appears identically named.

@nohillside Prompt operating a Python server from the listing and show its listing itemizing:

Directory listing from Python server is empty

Further Background

The folder is on a community Quantity, format SMB (OS X).

The instrument that resulted on this was haplogrep, a Java-based CLI. One can set up it by Conda by way of

conda set up -c conda-forge -c bioconda haplogrep

The subcommand used was haplogrep classify, which has the next choices:

mytmp % haplogrep classify

mtDNA Haplogroup Classifiction v2.4.0
https://github.com/seppinho/haplogrep-cmd
(c) Sebastian Schönherr, Hansi Weissensteiner, Lukas Forer, Dominic Pacher
[email protected]

[classify]
Lacking required choices: '--input=', '--output=', '--format='
Utilization: haplogrep classify [--chip] [--extend-report] [--rsrs]
                          [--skip-alignment-rules] [--write-fasta]
                          [--write-fasta-msa] --format=
                          [--hetLevel=] [--hits=] --in=
                          [--lineage=] [--metric=] --out=
                          [--phylotree=]
      --chip                VCF knowledge from a genotype chip
                              Default: false
      --extend-report       Add flag for a prolonged closing output
                              Default: false
      --format=     Specify enter file format: vcf, fasta or hsd
      --hetLevel= Add heteroplasmies with a degree > X from the VCF
                              file to the profile (default: 0.9)
      --hits=         Calculate greatest n hits
      --in, --input=    Enter VCF, fasta or hsd file
      --lineage=   Export lineage info as dot file, n0=no
                              tree, 1=with SNPs, 2=solely construction, no SNPs
      --metric=     Specifiy different metrics (hamming or jaccard) than
                              default (kulczynski)
      --out, --output= Output file location
      --phylotree=    Specify phylotree model
      --rsrs                Use RSRS Model
                              Default: false
      --skip-alignment-rules
                            Skip mtDNA nomenclature fixes based mostly on guidelines for
                              FASTA import
                              Default: false
      --write-fasta         Write leads to fasta format
                              Default: false
      --write-fasta-msa     Write a number of sequence alignment (_MSA.fasta)
                              Default: false

I misinterpreted the “Output file location” description of the --out argument as asking for a path, main me to make use of --out . and thus leading to making a file named “.”.

Renaming

The file itself can’t be renamed in Finder or with mv, nevertheless, the containing folder might be renamed.

Time to problem your self within the 2024 Google CTF

codesanitize
-
0
Time to problem your self within the 2024 Google CTF


It’s Google CTF time! Set up your instruments, commit your scripts, and clear your schedule. The competitors kicks off on June 21 2024 6:00 PM UTC and runs by June 23 2024 6:00 PM UTC. Registration is now open at goo.gle/ctf.

Be a part of the Google CTF (at goo.gle/ctf), an exhilarating enviornment to showcase your technical prowess. The Google CTF consists of a set of pc safety puzzles (or challenges) involving reverse-engineering, reminiscence corruption, cryptography, internet applied sciences, and extra. Contributors can use obscure safety information to seek out exploits by bugs and inventive misuse, and with every accomplished problem your workforce will earn factors and transfer up by the ranks. 

The highest 8 groups of the Google CTF will qualify for our Hackceler8 competitors going down in Málaga, Spain later this 12 months as part of our bigger Escal8 occasion. Hackceler8 is our experimental esport-style hacking recreation competitors, custom-made to combine CTF and speedrunning. 

Screenshot from final 12 months’s Hackceler8 recreation

Within the competitors, groups want to seek out intelligent methods to abuse the sport options to seize flags as rapidly as doable.

Final 12 months, groups assumed the position of Bartholomew (Mew for brief), the fuzzy and lovable protagonist of Hackceler8 2023, set to defeat and overcome the evil rA.Ibbit taking up Silicon Valley! What adventures will Mew encounter this 12 months? See the 2023 grand remaining to get a way of the story and gameplay. The prize pool for this 12 months’s Google CTF and Hackceler8 stands at greater than $32,000.

Itching to get began early? Need to be taught extra, or get a leg up on the competitors? Evaluate challenges from earlier years, together with earlier Hackceler8 matches, all open-sourced right here. Or acquire inspiration by binge watching hours of Hackceler8 2023 movies!

If you’re simply beginning out on this house, try our documentary H4CK1NG GOOGLE, it’s a good way to get acquainted with safety. We additionally advocate testing this 12 months’s Newbie’s Quest that’ll be launching later this summer time which can educate you a number of the instruments and tips with less complicated gamified challenges. For instance, final 12 months we explored hacking by time – you should utilize this to arrange for what’s but to return.

Whether or not you’re a seasoned CTF participant or simply interested in cybersecurity and moral hacking, we need to invite you to affix us. Join the Google CTF to broaden your ability set, meet new pals within the safety group, and even watch the professionals in motion. For the newest bulletins, see goo.gle/ctf, subscribe to our mailing record, or observe us on Twitter @GoogleVRP. Excited by bug looking for Google? Try bughunters.google.com. See you there!



1...3,8543,8553,856...4,068Page 3,855 of 4,068
© Newspaper WordPress Theme by TagDiv