Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "begginer"
-
When you realize you've been practicing C++ for over a year and you're still browsing "Begginer" blogs.4
-
it's really java so bad? it's JEE getting deprecated? i am just learning java and i'm afraid of learn something that's turning obsolete😢26
-
i always thought that making a simple game is easy until i saw the source code for the dynosaur game you have in chrome when your internet is down7
-
just found out a vulnerability in the website of the 3rd best high school in my country.
TL;DR: they had burried in some folders a c99 shell.
i am a begginer html/sql/php guy and really was looking into learning a bit here and there about them because i really like problem solving and found out ctfs mainly focus on this part of programming. i am a c++ programmer which does school contest like programming problems and i really enjoy them.
now back on topic.
with this urge to learn more web programming i said to myself what other method to learn better than real life sites! so i did just that. i first checked my school site. right click. inspect element. it seemed the site was made with wordpress. after looking more into the html code for the site i concluded all the images and files i could see on the site were from a folder on the server named 'wp-content/uploads'. i checked the folder. and here it got interesting. i did a get request on the site. saw the details. then i checked the site. bingo! there are 3 folders named '2017', '2018', '2019'. i said to myself: 'i am god.'
i could literally see all the announcements they have made from 2017-2019. and they were organised by month!!! my curiosity to see everything got me to the final destination.
with this adrenaline i thought about another site. in my city i have the 3rd most acclaimed high school in the country. what about checking their security?
so i typed the web address. looked around. again, right click, inspect element and looked around the source code. this time i was more lucky. this site is handmade!!! i was soooo happy because with my school's site i was restricted with what they have made with wordpress and i don't have much experience with it.
amd so i began looking what request the site made for the logos and other links. it seemed all the other links on the site were with this format: www.site.com/index.php?home. and i was very confused and still am. is this referencing some part of the site in the index.php file? is the whole site written inside the index.php file and with the question mark you just get to a part of the site? i don't really get it.
so nothing interesting inside the networking tab, just some stylesheets for the site's design i guess. i switched to the debugger tab and holy moly!! yes, it had that tree structure. very familiar. just like a project inside codeblocks or something familiar with it. and then it clicked me. there was the index.php file! and there was another folder from which i've seen nothing from the network tab. i finally got a lead!! i returned in the network tab, did a request to see the spgm folder and boooom a site appeared and i saw some files and folders from 2016. there was a spgm.js file and a spgm.php file. there was a contrib, flavors, gal and lang folders. then it once again clicked me! the lang folder was las updated this year in february. so i checked the folder and there were some files named lang with the extension named after their language and these files were last updated in 2016 so i left them alone. but there was this little snitch, this little 650K file named after the name of the school's site with the extension '.php' aaaaand it was last modified this year!!!! i was so excited! i thought i found a secret and different design of the site or something completely else! i clicked it and at first i was scared there was this black/red theme going on my screen and something was a little odd. there were no school announcements or event, nononoooo. this was still a tree structured view. at the top of the site it's written '!c99Shell v. 1.0...'
this was a big nono. i saw i could acces all kinds of folders. then i switched to the normal school website and tried to access a folder i have seen named userfiles and got a 403 forbidden error. wopsie. i then switched to the c99 shell website and tried to access the userfiles folder and my boy showed all of its contents. it was nakeeed naked. like very naked. and in the userfiles folder there were all, but i mean ALL files and folders they have on the server. there were a file with the salary of each job available in the school. some announcements. there was a list with all the students which failed classes. there were folders for contests they held. it was an absolute mess and i couldn't believe it.
i stopped and looked at the monitor. what have i done? just to learn some web programming i just leaked the server of the 3rd most famous high school in my country. image a black hat which would have seriously caused more damage. currently i am writing an email to the school to updrage their security because it is reaaaaly bad.
and the journy didn't end here. i 'hacked' the site 2 days ago and just now i thought about writing an email to the school. after i found i could access the WHOLE server i searched for the real attacker so if you want to knkw how this one went let me know in the comments.
sorry for the long post, but couldn't held it anymore13 -
How did you learn to think "like a programmer"?
I am starting to learn C++ and I am trying it out on exercism. I am really at the beggining but when I make it work after so much frustration(based on devrant posts I guess that's part of the job) I always see people having shorter/better/more effective codes which makes sense to me but I wouldn't thought of it that way.
Is there way to make such thinking better or does it simply come with practice ?6 -
Hello developers!!
I just wanted to know from where I can learn OOP skills from scratch? Suggest me some good tutorials available on YT ;-;6 -
for android mobile dev
do we really need to learn retrofit?i know that is part of RestApi, but retrofit is really hard to learn and less tutorial about it,maybe if anyone good information its really helpfull for begginer like me,thanks.8 -
So I started learning html, css and javascript this year... After getting stuck in understanding a few concepts I started learning a little of sql and Java...
Now after a few begginer tutorials I have no idea where to go or what to dedicate my studies...
Most companies around my city use Java, but I'm already 29 years old and I feel like this will be a problem... Should I focus on learning frameworks and try big companies internships, or go for web development and start working on my own?5 -
spring or spring boot for begginer? I'd be grateful for some up-to-date tutorials because most of popular spring tutorials were released in ~2013-2015 and I think it may be obsolete a bit2
-
I always wanted to learn web development and I choose django because I know python and everyone says it's begginer friendly.But the problem is when ever I start watching videos on youtube or read django tutorial on mozilla, I feel like I am mugging some code from the internet. It doesn't feel intresting at all.It may get the job done, but I want to understand how things work behind the scenes. I want to learn ground up.I want to know how I can understand the behind the scenes of web development?2