The Be Sure Blog

Code Snippets | Problem Solving | Tips & Tricks

The Be Sure Blog banner

Welcome to the Be Sure Blog! This is a coding playground to test the latest features of Next.js and Node.js in a self hosted fashion. At the same time this blog gathers useful information about coding related topics. Content usage at own risk, please do your own research!

Post Search

Latest Posts

Run Google Chrome without CORS

How to disable CORS in Chrome

CORS

Browsing localhost:3000 with Burp Suite

Fix "ERROR Failed to connect to localhost:3000"

Burp Suite

Can't log in to iCloud with the correct password?

A nasty bug on older versions on MacOS - here is the solution

MacOS

Fix: Failed to write .IAPhysicalMedia cookie to disk

This error occured during the creation of a bootable usb

MacOS

Categories

.NET

Angular

Bash

Blazor

Burp Suite

C#

CORS

CSS

Cyber Security

GitHub

Gobuster

Hack The Box

Hashcat

JavaScript

Kali Linux

Linode

MacOS

MySQL

Next.js

Nginx

Nmap

Node.js

npm

NuGet

Nuxt

PHP

PM2

Postman

React

smbclient

Strapi

TypeScript

Ubuntu

Vue.js

Windows

All Posts

A nice little game to learn CSS Flexbox

Learn how to use Flexbox by playing a browser game

CSS

Recovery Mode shortcut for a 2012 MacBook Pro

Use this keyboard shortcut to boot into recovery mode

MacOS

Useful PM2 commands for Linux

PM2 is a well working process manager for the Node.js runtime

PM2

How to create a shortcut file to run bash commands

Need to connect to a server with SSH frequently? Here is how to do it!

MacOS

How I fixed "Parsing error: DeprecationError"

'originalKeywordKind' has been deprecated since v5.0.0 (...)

Next.js

MonitorsTwo: Use two exploits, crack the BCrypt hash and escalate privileges

Get a reverse shell, break out of a Docker container and get the flags

Hack The Box

Topology: Use LaTeX Injection and Hashcat

Get the credentials and crack the password hash to get the flags

Hack The Box

Hashcat: Advanced password recovery

Recover passwords from various hash types with the fastest tool

Hashcat

Configure Kali to use the MacBook keyboard

Set up the correct layout and make the cmd button work

Kali Linux

Pilgrimage: Use various exploits to get the two flags

Git Repo Dump, Arbitrary File Read, Remote Code Execution

Hack The Box

Installing Google Chrome on a Kali Linux machine

How to install the Google browser on Kali

Kali Linux

Sau: Use Server Side Request Forgery to pwn the machine

Exploit known vulnerabilities and capture the flags

Hack The Box

Installing Homebrew on a M2 MacBook Air from 2022

How to fix: zsh: command not found: brew

MacOS

Install a MySQL database with these few steps

How to create a relational database in Ubuntu

MySQL

Installing Postman on Kali Linux

Follow these steps to install the API testing tool on Kali

Kali Linux

Getting started with Strapi, create a first post and make it public

My first steps with the Node.js based headless CMS

Strapi

How I fixed the auto scroll bug of ReactQuill

Quill is a nice WYSIWYG text editor, but had a weird scroll bug

React

Base: PHP Type Juggling, Arbitrary File Upload, clear text credentials

Use BurpSuite, Netcat, SSH, Gobuster and PHP to get a reverse shell

Hack The Box

Markup: Use XXE Injection and privilege escalation to get the flag

Nmap, BurpSuite, Ncat, default credentials and misconfigurations

Hack The Box

Installing Kali Linux on a 2012 Macbook Pro

How to switch from MacOS to Kali Linux on the A1398

Kali Linux

Create a Desktop shortcut to run bash commands on click

In my case I needed a one click solution to SSH into my server

Windows

Troubleshoot why a PM2 process errors

Some helpful commands and logs to look at to identify the issue

PM2

Create a fully functional contact form with EmailJS

Create a captcha, the actual contact form and make it work in Angular 16

Angular

How to initialize a new Angular project

Starting from zero might be troubling, as it was for me as a React dev

Angular

The non JavaScript solution for a typing animation

Create a typewriter animation with only HTML and CSS!

CSS

Disabling the auto restart of PM2 processes

Sometimes the server would run out of ressources, this is how i fixed it

PM2

Included: Local file inclusion, reverse shell and privilege escalation

Use TFTP, get a reverse shell, build and upload an Alpine image with root

Hack The Box

Pennyworth: Remote command execution vulnerability

Default credentials help us to execute Groovy Script code to get a reverse shell

Hack The Box

Tactics: Get the flag via Samba Client or psexec.py

Browse the Windows shares with default credentials and extract the flag

Hack The Box

Bike: Exploit a Node.js template engine vulnerability

Insert malicious code to leave the sandbox and get the flag!

Hack The Box

Funnel: Use local port forwarding to access the PostgreSQL DB

Since we can't interact with the DB directly, we use tunneling

Hack The Box

Synced: Use Rsync to browse public shares

Rsync is a fast file copying tool. We will use it to download the flag

Hack The Box

Ignition: Use Gobuster and a common used password

Modify the hosts file, do dir busting and try common passwords to get the flag

Hack The Box

Gobuster: The brute force security tool

Bruteforce URIs, subdomains, virtual host names, cloud buckets and TFTP servers

Gobuster

Explosion: Use xfreerdp to connect to the service

Make use of the poorly configured service and get the flag

Hack The Box

Preignition: Use Gobuster and default credentials

Gobuster is used to find the login page of the server by dir busting

Hack The Box

Mongod: Use the MongoDB cli to get the flag

MongoDB is a NoSQL database. Use the mongo cli to pwn the machine

Hack The Box

Nmap: The Network Mapper

A selection of helpful commands for the usage of Nmap

Nmap

Samba Client: How to talk to SMB/CIFS servers

Smbclient can be used to access drive shares via the command line interface

smbclient

Unified: Exploit Log4j, modify a MongoDB entry and get the flags

Log4j exploitation, HTTP request modification & privilege escalation

Hack The Box

Vaccine: Pwn the machine (zip2john, hashcat, sqlmap)

Crack the .zip archive, use sql injection and escalate your privileges to get the flags

Hack The Box

Oopsie: Modify the login cookie, escalate privileges and get the flag!

Upload a PHP reverse shell, get user and then root privileges to pwn the machine

Hack The Box

Three: Get a reverse shell via AWS S3

Use Nmap, Gobuster, Ncat, PHP and the AWS CLI to capture the flag

Hack The Box

Archetype: From user to admin

Make good use of nmap, smbclient, mssqlclient, xp_cmdshell, winPEAS & psexec

Hack The Box

How to increase the Swap Memory size in Ubuntu

When 512mb are not enough, why not change it to 2gb?

Ubuntu

How i finally fixed "sh: 1: next: not found"

My release pipeline failed constantly and it took me three hours to figure out the issue

Next.js

Responder: Crack the password hash and login as admin

Use Nmap, modify the hosts file and exploit LFI to grab the hash and crack it

Hack The Box

Crocodile: Capture the flag! (FTP, Gobuster)

Get credentials via the open FTP port and use Gobuster to find the login file

Hack The Box

Appointment: Use SQL-Injection to pwn the machine

How to extract the flag by logging in without a password

Hack The Box

Sequel: Access a MariaDB instance with default credentials

Scan for the open ports, log into the database and get the flag!

Hack The Box

Meow: How to pwn the machine (Nmap, Telnet)

Use nmap and telnet to get the flag

Hack The Box

Fawn: Pwn the machine (FTP)

Find the open FTP port and extract the flag!

Hack The Box

Dancing: Pwn the machine (SMB)

How to retrieve the flag with SMB (Server-Message-Block)

Hack The Box

Redeemer: Pwn the machine and capture the flag (Redis)

How to get the flag from the Redis database

Hack The Box

Delete files and folders from GitHub history

How I deleted a folder from the GitHub history of a repository

GitHub

Scroll to the page top after rendering a React component

Fix the annoying SPA issue and scroll to the top!

React

Add Telerik credentials with PowerShell

If the UI way does not work, using PowerShell may be the solution

NuGet

CI/CD: How I finally fixed "err: npm WARN EBADENGINE"

Running the same .sh script may deliver two different results, not anymore!

GitHub

Manually remove iOS backups from a mac computer

How to locate and remove iOS backups from a mac

MacOS

How to clear the cache of a Next.js application

How to create a fresh build without any cached data

Next.js

Find and change NuGet Packages of a .NET application

As a JS developer in a .NET world: How to manage NuGet Packages

.NET

Set up a global state service in Blazor (Wasm)

Learn how to create a self coded Redux like functionality

Blazor

Keeping package.json dependencies up to date

How to use npm-check-updates (ncu) to upgrade package.json dependencies

npm

Fixing .gitignore is ignoring a .gitignore rule

Ignoring a folder does not work? This may be a solution!

GitHub

Read url parameters in Node.js/Express

Params can be used to include variables within the url. Learn how to read them in the backend

Node.js

Your API works via Postman, but how to fetch from JavaScript?

Discover this amazing quick way to switch from Postman to JavaScript

Postman

Fixing the issue of rotated images after resizing with sharp

When resizing images with sharp, some pictures may be rotated afterwards

Node.js

How to instanciate a file object in TypeScript

Use the React useState hook to hold a file data object and properly instanciate it

TypeScript

An easy and elegant way to change a boolean useState value

How to toggle a useState boolean value easily

React

Find out the HTML input change event type in VS Code

An easy way to find out the correct input change event type for TypeScript

TypeScript

Add Tailwind CSS to your Next.js app

A few commands and some possible error fixing and you are good to go!

Next.js

Next.js 13 Tailwind CSS hot-reload issue fix

With the currently experimental app directory, hot-reload does not work properly

Next.js

Verify domain ownership via the DNS record

Learn how to add the TXT Record to your Linode DNS configuration

Linode

Add a robots.txt to your Next.js website

How to add your robots.txt file

Next.js

Suppress Next.js img tag warnings

If you don't want to use their Image elements, this is how to disable the warnings

Next.js

Pm2: Make your Nuxt 3 live app run on a port other than 3000

A five hour research solution for switching the live port to 3002

Nuxt

How to add HTML head data to a Nuxt 3 app

Learn how to set the important SEO data

Nuxt

My Nuxt 3 fix for npm ERR! Invalid comparator: latest

After starting to code with Nuxt, I ran into this issue and found the fix

Nuxt

Use environmental variables in Nuxt 3

Learn about .env, runtimeConfig and the setup() method

Nuxt

Add smooth scrolling to a Vue 3 website

Adding smooth scrolling usually makes up for a much better UX, and it is easy to implement

Vue.js

Install and use the router in Vue 3

Learn how to implement page routing in Vue 3

Vue.js

How to send emails from a Vue 3 client app

Learn how to use Emailjs to send emails from your client app

Vue.js

Getting started with global state management in Vue.js

How to use the Vue.js global store called Vuex

Vue.js

Building a custom image slider in Vue.js

From a Vue.js newbie: How to build a custom image slider

Vue.js

How to get the last part of the url as a string

A little code snippet to get whatever comes behind the last slash of the url

Blazor

How I finally fixed the CORS issues of my Node.js app

CORS errors can be a true nightmare for developers. It took me one month to fix this one

CORS

Four reasons why I dislike Blazor as a React developer

After six months of working with Blazor, this is what i dislike about it

Blazor

Next.js 13 - how to set dynamic HTML head titles

How to take a slug string and turn it into a HTML title tag

Next.js

Let Windows store your clipboard history

An amazing unknown feature: Your stored clipboard collection

Windows

Git Merge VS Rebase, pros and cons for each

Learn more about git merge and git rebase and their differences

GitHub

User permissons for folders and files in Ubuntu

Learn how to see which user has which rights and how to change them

Ubuntu

Drive-by attack hacking

Drive-by attacks or Drive-by downloads are a common way to distribute malware

Cyber Security

How to set up a Node.js server on Linode

A guide for installing Nginx, Node.js, add SSL and more

Linode

How to sort an array by string value

One way to sort an array alphabetically by a string value

JavaScript

How to set a TypeScript type to an useState hook

Learn how to add a TypeScript type to React useState hooks

TypeScript

How to pass variables down to child components

Work with props in React/Next.js with TypeScript

React

Use Regex to target text in between HTML tags

How to use Regex to render a font bold, if it's wrapped in <b> tags

C#

Man in the Middle attacks

How attackers intercept and relay data with bad intentions

Cyber Security

Password Attack Hacking

Learn about the different types of password hacking

Cyber Security

Useful Nginx commands for Linux

A collection of useful Nginx commands

Nginx

Use Bash to automate repeating tasks

Bash scripts are useful to run multiple commands

Bash

Conditionally add a HTML attribute in React

How to add a HTML attribute like "selected" to a HTML element

React

Change the port of a Next.js app

How to manually set the port from 3000 to any other number

Next.js

How to delete an user in the Ubuntu terminal

Learn how to display all local users and how to delete them

Ubuntu

Add a subdomain to Nginx and Linode

Add a new subdomain to Linode, Nginx and extend a SSL certificate

Nginx

Get started with GitHub Actions

Learn about CI/CD with GitHub

GitHub

Setting a HTML attribute in PHP

How to add a HTML attribute via PHP

PHP

Date creation and conversion in PHP

How to create and convert dates in PHP

PHP

Distributed Denial of Service Attacks

What are DDoS attacks and which types are existent

Cyber Security

Do a static export of a Next.js website

Doing a static export in Next.js is easy and working great on basic web hosting services

Next.js

Convert a date to dd.mm.yyyy (German date layout)

An easy one line method to convert your date into the german standard

JavaScript