Advent of Cyber 2022 [Day 17] Secure Coding | Filtering for Order Amidst Chaos


HTML5 and Regex

HTML5’s built-in features help a lot with the validation of user-provided input, minimizing the need to rely on JavaScript for the same objective.

The <input> element specifically has an array of very helpful capabilities centered around form validation.

The type attribute of <input>, which can be set to filter for an email, a URL, or even a file, among others, checks whether the user-provided input fits the kind of data the form is asking for, so feedback on its validity is returned to the user immediately.

For even more granular control of the input being provided, regular expressions (regex) can be integrated into the mix. Simply use it in the “pattern” attribute within the <input> element and you’re all set.

Here is a nice resource to get started with regular expressions. A couple of examples are shown below.

1. <input type="text" id="uname" name="uname" pattern="[a-zA-Z0-9]+">
2. <input type="email" id="email" name="email" pattern=".+@0dayinventions\.com">
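How the two pattern attributes above behave, as an added example that is not part of the original walkthrough: browsers test "pattern" against the entire field value, as if it were wrapped in ^(?:...)$, while egrep without anchors matches anywhere in a line. The function names and sample values are constructed for illustration, and validateSubmission sketches the same anchored check repeated by the code that receives the form, since HTML validation only runs in the browser.

```javascript
// Added illustration: function names and sample values are constructed.
// Patterns copied from the two <input> examples above.
const PATTERNS = {
  uname: "[a-zA-Z0-9]+",
  email: ".+@0dayinventions\\.com",
};

// Browsers test `pattern` against the whole value, as if written ^(?:pattern)$.
// (type="email" adds the browser's own e-mail check, which is not emulated here.)
function matchesLikePatternAttribute(pattern, value) {
  return new RegExp(`^(?:${pattern})$`, "u").test(value);
}

// egrep with no anchors reports a line if the regex matches anywhere in it.
function matchesLikeUnanchoredGrep(pattern, value) {
  return new RegExp(pattern, "u").test(value);
}

// Re-check of a submitted form on the receiving side, using the same
// anchored patterns. Returns the names of the fields that fail.
function validateSubmission(fields) {
  const errors = [];
  for (const [name, pattern] of Object.entries(PATTERNS)) {
    const value = fields[name];
    if (typeof value !== "string" || !matchesLikePatternAttribute(pattern, value)) {
      errors.push(name);
    }
  }
  return errors;
}

// Constructed sample values: one clean and one with trailing extra text per field.
const samples = [
  ["uname", "User35"],
  ["uname", "User35 <b>"],
  ["email", "elf@0dayinventions.com"],
  ["email", "elf@0dayinventions.com.example.net"],
];

function compare() {
  return samples.map(([field, value]) => ({
    field, value,
    anchored: matchesLikePatternAttribute(PATTERNS[field], value),
    unanchored: matchesLikeUnanchoredGrep(PATTERNS[field], value),
  }));
}

console.table(compare());
```

The rows where "anchored" is false and "unanchored" is true are the values a substring match would let through.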

Start the machine, navigate into the RegExPractice folder, then right-click → Open in Terminal.

1. Filtering for Usernames: How many usernames fit the syntax above?

We have to use a regular expression that follows the username structure shown above.

9z8yMc9T
31337aq
39C3qxP
R6fUTY2nC8
9Qe5f4
User35
u3Y73h3
5Xze553j
Ans: 8

2. Filtering for Usernames: One username consists of a readable word concatenated with a number. What is it?

Ans: User35

3. Filtering for Emails: How many emails fit the syntax above?

egrep '.+@.+\.com' strings
br33zy@gmail.com
lewisham44@amg.com
johnny.the.sinner@yahoo.com
badyeti@gmail.com
maxximax@fedfull.com
jklabada@tryhackme.com
johnny.the.sinner@yahoo.com
hunter4k@canary.com
hussain.volt@hotmail.com
marckymarc@tryhackme.com
batteryvoltas@alfa.com
Ans: 11

4. Filtering for Emails: How many unique domains are there?

Ans: 11

5. Filtering for Emails: What is the domain of the email with the local-part “lewisham44”?

Ans: amg.com

6. Filtering for Emails: What is the domain of the email with the local-part “maxximax”?

Ans: fedfull.com

7. Filtering for Emails: What is the local-part of the email with the domain name “hotmail.com”?

Ans: hussain.volt

8. Filtering for URLs: How many URLs fit the syntax provided?

egrep '^http(s)?.{3}(www)?.+\..+$' strings
http://www.sample.net/blood?ghost=force
http://keebler.com/dicta-tempore-id-dolores-blanditiis-ut.html
http://koch.com/quae-perspiciatis-non-unde-quo
http://johns.net/nisi-quis-dolorum-et-rerum
https://www.sample.edu/#fire
http://www.sample.info/?mint=trouble&action=move
https://www.sample.org/?quiet=expansion&grip=eggnog
http://spencer.com/sapiente-tempore-omnis-a-est-aut-atque-pariatur
http://pfeffer.biz/nulla-non-facilis-incidunt-necessitatibus-velit-inventore
https://www.kertzmann.com/possimus-ullam-consequatur-itaque-sed-modi-aliquam
https://www.sample.com/?air=color&cave=judge#shake
http://schinner.com/quia-vitae-qui-explicabo-provident-minima-ratione.html
https://runolfsson.com/esse-ab-rerum-et-quis-aut.html
https://www.moen.com/explicabo-exercitationem-culpa-et-eum-temporibus
https://horse.sample.com/shape/company?mom=collar#donkey
http://batz.com/reprehenderit-voluptate-id-soluta-tenetur
Ans: 16

9. Filtering for URLs: How many of these URLs start with “https”?

Count the number of URLs that start with https.

Ans: 7

Thank you for Reading!!

Happy Hacking ~
