web application – Does API access token that only have access to public information need to be kept secret?

I found a Instagram Basic Display API access token leaked in a website. This token belongs to a Instagram marketing account of this website. Using my leet investigating skill, below are the information i have.

  • This token has 3 months valid period
  • This token is in use (i see it’s refreshed last week when its valid period is going to end), although i cannot find where it is used
  • This token is an User Access Token for querying data from Basic Display API. Doc here: https://developers.facebook.com/docs/instagram-basic-display-api
  • This access token only has read access to public information 🙁
  • This token will be temporarily rate limited if using too much

Do you know of any impact i can do with this access token other than rate limiting it?

Also, if this token needs to be kept secret, how can we protect it?

windows – How do you run an application as TrustedUser or SYSTEM using without external programs?

This question is not a duplicate of other questions that have to do with running programs as TrustedInstaller or SYSTEM, because this one is specifically about not using external programs.

Using only the Command Prompt and/or PowerShell, but without external programs or commands, how can you run an application as TrustedInstaller or SYSTEM?

Sharepoint 2019 site navigation breadcrumb shows incorrect URL on application pages

I have enabled the navigation breadcrumb in the master page of my site in Sharepoint 2019. When I navigate to a library inside a sub site and verify the URL on AllItems.aspx page it shows the correct url but when I navigate to the library settings page and verify the url in the same breadcrumb it only shows the url of the parent site and does not include in the URL of the subsite and the library (incorrect URL).

This behaviour is seen on all application pages only where it shows the URL of the parent site like this
http://<parent/ top level site_url>/_layouts/15/listedit.aspx?List=%7B%7D

When we click on this link it returns an error page.

enter image description here

Script for an autotyper for a specific application

Script for an autotyper for a specific application – Ask Different

What Are The Best Languages For Web Application Development In 2021?


Junior Money Maker
Group Icon

Group: Members

Posts: 98

Dream Points: 784

Experience Points: 153

Joined: 6-June 18
From: USA, Ukraine
Member No.: 641,834


Programming languages are numerous; good ones are few. Which language is a perfect match for your web application? Read to find out – Best programming language for web development

——————–

macos – Is it possible to create a paid application which makes use of an Automator service?

macos – Is it possible to create a paid application which makes use of an Automator service? – Ask Different

web application – Watering hole Website NTLM Steal Attack

Im trying to recreate a Watering hole SMB theft attack
Where you send a victim a link to your website containing code like “file://ip/file.gif”
Causing Forced Authentication which passes the NTLM hash
I have the code which execute the process (check reference links)

But how can i retrieve/steal the NTLM hash back over the internet remotely without being on local network?

This process can be done locally very easily but im struggling with finding an NTLM listener to use over the internet remotely on a website

Reference:
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/leafminer-espionage-middle-east

Newly Discovered Watering Hole Attack Targets Ukrainian, Canadian Organizations


https://unit42.paloaltonetworks.com/xhunt-campaign-new-watering-hole-identified-for-credential-harvesting/

macOS error: The application is not open anymore

I’m attempting to launch a macOS application.

When I select the file from Applications, or double-click the app’s icon, I get the alert message:

The application "APP_NAME.app" is not open anymore.

The application “APP_NAME.app” is not open anymore.

I know it’s not open… I want to launch the app!

What is the meaning of this error? How can I launch the application?

WoWonder Combined Chat Timeline And News Feed Application For WoWonder PHP script

WoWonder Combined is a social timeline with chat application for WoWonder PHP Social Network, with WoWonder Timeline users can Post & Interact with users feeds and like and comment and more , now using the application is easier, and more fun !

WoWonder Combined Version is easy, secured, and it will be regularly updated.

Requirements:

WoWonder PHP 3.0.2 or…

.

design – File parsing in UI Layer or Application Services Layer

Let’s say that I have a list of financial transactions that I need to read in from the file. I want to make the best guess I can at what account should be credited/debited based on the transaction memo compared to past transactions.

For example, if Wal-Mart was used with ‘Shopping’ then if a transaction that gets read in from the file with Wal-Mart as the description should show ‘Shopping’. If there cannot be a match found, then the application should make the best guess and get feedback from the user. If there is not a best match then the user should be asked which account makes most sense.

To me, there is a lot of interaction with the user so it would make sense that this should all live in the UI layer. Once all the transactions are paired with accounts, then it should be sent to the Application Service layer to be saved.

Right now I’m just using a CLI, so I could inject an object that inherits from a ‘Presenter’ interface that the Application Service uses; however, this will not work when I get rid of the CLI and want to use a REST API around the Application Service layer.

Does it make sense to just include all this logic in the UI layer?

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive Proxies-free.com New Proxy Lists Every Day Proxies123