Friday 15 September 2017

Difference between del, remove and pop on lists in python.


remove removes the first matching value:
>>> a = [0, 2, 3, 2]
>>> a.remove(2)
>>> a
[0, 3, 2]
del removes a specific index:
>>> a = [3, 2, 2, 1]
>>> del a[1]
[3, 2, 1]
and pop returns the removed element:
>>> a = [4, 3, 5]
>>> a.pop(1)
3
>>> a
[4, 5]
Their error modes are different too:
>>> a = [4, 5, 6]
>>> a.remove(7)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ValueError: list.remove(x): x not in list
>>> del a[7]
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
IndexError: list assignment index out of range
>>> a.pop(7)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
IndexError: pop index out of range



pop : Takes Index & returns Value



remove : Takes value, removes first occurrence and returns nothing



delete : Takes index, removes value at that index and returns nothing
Posted by No comments:
Labels: ,

What is a CSRF token? how does it work?

Cross-Site Request Forgery (CSRF)


CSRF token is for transferring data on 1 web to other securely. 

  • Assume you are currently logged into your online banking at www.personolbank.com
  • Assume a money transfer from personolbank.com will result in a request of (conceptually) the form http://www.personolbank.com/transfer?to=<SomeAccountnumber>;amount=<SomeAmount>. (Your account number is not needed, because it is implied by your login.)
  • You visit www.paymentdesk.org, not knowing that it is a malicious site.
  • If the owner of that site knows the form of the above request (easy!) and correctly guesses you are logged into personolbank.com (requires some luck!), they could include on their page a request like http://www.personolbank.com/transfer?to=123456;amount=20000 (where 123456 is the number of their Cayman Islands account and 10000 is an amount that you previously thought you were glad to possess).
  • You retrieved that www.paymentdesk.org page, so your browser will make that request.
  • Your bank cannot recognize this origin of the request: Your web browser will send the request along with your www.personolbank.com cookie and it will look perfectly legitimate. There goes your money!
This is without CSRF tokens.
Now for the better one with CSRF tokens:
  • The transfer request is extended with a third argument: http://www.personolbank.com/transfer?to=123456;amount=10000;token=31415926535897932384626433832795028841971.
  • That token is a huge, impossible-to-guess random number that mybank.com will include on their own web page when they serve it to you. It is different each time they serve any page to anybody.
  • The attacker is not able to guess the token, is not able to convince your web browser to surrender it (if the browser works correctly...), and so the attacker will not be able to create a valid request, because requests with the wrong token (or no token) will be refused by www.personolbank.com.

In order to prevent that, django will send a random key both in cookie, and form data. Then, when users POSTs, it will check if two keys are identical. In case where user is tricked, 3rd party website cannot get your site's cookies, thus causing auth error
Posted by No comments:
Labels:

Thursday 27 July 2017

Installation of libimobiledevice on MAC,Windows and Linux

Windows:

 To install the libimobiledevice in windows system. please download the zip file by click here
After download zip file, extract files in a folder at particular location. Add this location in environment variable.

Environment variable(Right click on computer->properties->Advanced system settings left side panel->Advance tab->environment variables)


Keep this location in PATH environment variable.

Verify using below command like

ideviceinstaller -i <ipa path>

Linux:

 Provides a native Windows build (using the Visual C++ compiler) of libimobiledevice, as well as continuous integration (CI) builds of libimobiledevice for Ubuntu, CentOS and RedHat Linux and macOS.

 Download the file from here by click here

How to get the latest binaries
The binaries for libimobiledevice are available as:
For Ubuntu Linux, run the following commands as root:
sudo add-apt-repository ppa:quamotion/ppa
sudo apt-get update
apt-get install libimobiledevice
For RedHat Linux, run the following commands as root:
cd /etc/yum.repos.d/
wget http://download.opensuse.org/repositories/home:qmfrederik/RHEL_7/home:qmfrederik.repo
yum install libimobiledevice
For CentOS Linux, run the following commands as root:
cd /etc/yum.repos.d/
wget http://download.opensuse.org/repositories/home:qmfrederik/CentOS_7/home:qmfrederik.repo
yum install libimobiledevice

MacOS (iOS):

 Download the file from here by click here

Installation
============

To compile run:
 ./autogen.sh
 make
 sudo make install

If you require a custom prefix or other option being passed to ./configure
you can pass them directly to ./autogen.sh like this:
        ./autogen.sh --prefix=/opt/local --enable-debug-code
        make
        sudo make install

By default, OpenSSL will be used. If you prefer GnuTLS, configure with
 --disable-openssl like this:
 ./autogen.sh --disable-openssl



OR



Install libimobiledevice:









1) brew uninstall libimobiledevice







2) brew install --HEAD libimobiledevice







Install ideviceinstaller:





             brew install -v -devel --fresh automake autoconf libtool wget libimobiledevice openssl



             brew install -v --HEAD --fresh --build-from-source ideviceinstaller















Posted by






1 comment:
  

















Labels:
,
















        

      









Subscribe to:
Posts (Atom)