From c911cd9a2e0e5c4ac20c9f3958e3b52f52e262d0 Mon Sep 17 00:00:00 2001 
From: TrebledJ <39648915+TrebledJ@users.noreply.github.com> Date: Sat, 10 Aug 2024 21:57:27 +0800 Subject: [PATCH] Merge branch 'preview' --- .../2024-02-15-attack-of-the-zip.md | 10 +++++----- ...boolean-based-blind-sql-injection-with-python.md | 2 +- .../assets/attack-of-the-zip}/evil-zip-unveiled.jpg | Bin .../assets/attack-of-the-zip}/thumbnail.jpg | Bin .../assets/attack-of-the-zip}/unzip42.jpg | Bin .../attack-of-the-zip}/yikes-its-a-zip-bomb.jpg | Bin .../you-guys-apply-hardening-question-mark.jpg | Bin .../assets/automating-sqli/bbb-sqli-thumbnail.png | Bin .../assets/automating-sqli/login-success.png | Bin .../assets/automating-sqli/progress-bar.png | Bin 10 files changed, 6 insertions(+), 6 deletions(-) rename content/posts/infosec/{attack-of-the-zip => writeup-likes}/2024-02-15-attack-of-the-zip.md (98%) rename content/posts/{programming/mini-projects => infosec/writeup-likes}/2024-08-10-automating-boolean-based-blind-sql-injection-with-python.md (99%) rename content/posts/infosec/{attack-of-the-zip/assets => writeup-likes/assets/attack-of-the-zip}/evil-zip-unveiled.jpg (100%) rename content/posts/infosec/{attack-of-the-zip/assets => writeup-likes/assets/attack-of-the-zip}/thumbnail.jpg (100%) rename content/posts/infosec/{attack-of-the-zip/assets => writeup-likes/assets/attack-of-the-zip}/unzip42.jpg (100%) rename content/posts/infosec/{attack-of-the-zip/assets => writeup-likes/assets/attack-of-the-zip}/yikes-its-a-zip-bomb.jpg (100%) rename content/posts/infosec/{attack-of-the-zip/assets => writeup-likes/assets/attack-of-the-zip}/you-guys-apply-hardening-question-mark.jpg (100%) rename content/posts/{programming/mini-projects => infosec/writeup-likes}/assets/automating-sqli/bbb-sqli-thumbnail.png (100%) rename content/posts/{programming/mini-projects => infosec/writeup-likes}/assets/automating-sqli/login-success.png (100%) rename content/posts/{programming/mini-projects => infosec/writeup-likes}/assets/automating-sqli/progress-bar.png (100%) 
diff --git a/content/posts/infosec/attack-of-the-zip/2024-02-15-attack-of-the-zip.md b/content/posts/infosec/writeup-likes/2024-02-15-attack-of-the-zip.md similarity index 98% rename from content/posts/infosec/attack-of-the-zip/2024-02-15-attack-of-the-zip.md rename to content/posts/infosec/writeup-likes/2024-02-15-attack-of-the-zip.md index 5221955ef..8f3259ace 100644 --- a/content/posts/infosec/attack-of-the-zip/2024-02-15-attack-of-the-zip.md +++ b/content/posts/infosec/writeup-likes/2024-02-15-attack-of-the-zip.md @@ -10,7 +10,7 @@ tags: - ctf - linux - windows -thumbnail_src: assets/thumbnail.jpg +thumbnail_src: assets/attack-of-the-zip/thumbnail.jpg tocOptions: '{"tags":["h2","h3","h4"]}' preamble: | *Last month, I designed a CTF challenge involving zip file attacks. This post is a collection of the techniques, insights, and notes I've gathered. I've also uploaded the challenge on [GitHub](https://github.com/TrebledJ/attack-of-the-zip) along with a simplified playground.* @@ -20,7 +20,7 @@ Zip files are *everywhere* in our daily lives, seamlessly integrated into our pe But as we know from *Silicon Valley*, zip files have the potential to be dangerous. -{% image "assets/yikes-its-a-zip-bomb.jpg", "w-80", "Filmmakers' impression of a zip bomb." %} +{% image "assets/attack-of-the-zip/yikes-its-a-zip-bomb.jpg", "w-80", "Filmmakers' impression of a zip bomb." %} YouTube: [Silicon Valley - The Ultimate Hack](https://www.youtube.com/watch?v=jnDk8BcqoR0){.caption} In this post, we'll delve into the intriguing world of zip file attacks, exploring various attacks and mitigations involving zip files. These attacks allow attackers to potentially gain unauthorised file read/write privileges—or even cause denial of service. This calls for mitigations to bolster our systems’ defences. 
@@ -33,7 +33,7 @@ Disclaimer: The content provided in this blog post is intended purely for educat ## Zip Attacks -{% image "assets/evil-zip-unveiled.jpg", "w-50", "Fred dissects evil zip files. Spoofy-spoofy doo!" %} +{% image "assets/attack-of-the-zip/evil-zip-unveiled.jpg", "w-50", "Fred dissects evil zip files. Spoofy-spoofy doo!" %} ### Zip Slip ⛸ @@ -301,7 +301,7 @@ Zip bombs are designed to cripple computers, systems, and virus scanners (rather {% images "h-auto" %} {% image "https://i.redd.it/68j4sr9h3dg21.jpg" %} {% image "https://img.devrant.com/devrant/rant/r_674011_CfdZB.jpg" %} -{% image "assets/unzip42.jpg" %} +{% image "assets/attack-of-the-zip/unzip42.jpg" %} {% endimages %} Some fork bomb memes. And zip bomb memes adapted from fork bomb memes. Zip bomb memes where?^[There probably aren't as many memes on zip bombs as they tend to be a software bug which can be swiftly patched.] @@ -374,7 +374,7 @@ Let's explore a few ways to mitigate zip attacks. (Some of these can also be app ### Permissions *For sysadmins.* -{% image "assets/you-guys-apply-hardening-question-mark.jpg", "w-60", "Input sanitisation? Never heard of it!" %} +{% image "assets/attack-of-the-zip/you-guys-apply-hardening-question-mark.jpg", "w-60", "Input sanitisation? Never heard of it!" %} {% alert "success" %} 1. Avoid running applications as `root` or `Administrator`. Instead, run it with a minimum privilege user. diff --git a/content/posts/programming/mini-projects/2024-08-10-automating-boolean-based-blind-sql-injection-with-python.md b/content/posts/infosec/writeup-likes/2024-08-10-automating-boolean-based-blind-sql-injection-with-python.md similarity index 99% rename from content/posts/programming/mini-projects/2024-08-10-automating-boolean-based-blind-sql-injection-with-python.md rename to content/posts/infosec/writeup-likes/2024-08-10-automating-boolean-based-blind-sql-injection-with-python.md index ffdcb84a2..fce242799 100644 
--- a/content/posts/programming/mini-projects/2024-08-10-automating-boolean-based-blind-sql-injection-with-python.md +++ b/content/posts/infosec/writeup-likes/2024-08-10-automating-boolean-based-blind-sql-injection-with-python.md @@ -2,10 +2,10 @@ title: Automating Boolean-Based Blind SQL Injection with Python excerpt: How to be efficiently lazy at finding hidden gems in predictable places – Database Edition tags: - - infosec - sql - python - web + - programming - notes - writeup thumbnail_src: assets/automating-sqli/bbb-sqli-thumbnail.png diff --git a/content/posts/infosec/attack-of-the-zip/assets/evil-zip-unveiled.jpg b/content/posts/infosec/writeup-likes/assets/attack-of-the-zip/evil-zip-unveiled.jpg similarity index 100% rename from content/posts/infosec/attack-of-the-zip/assets/evil-zip-unveiled.jpg rename to content/posts/infosec/writeup-likes/assets/attack-of-the-zip/evil-zip-unveiled.jpg diff --git a/content/posts/infosec/attack-of-the-zip/assets/thumbnail.jpg b/content/posts/infosec/writeup-likes/assets/attack-of-the-zip/thumbnail.jpg similarity index 100% rename from content/posts/infosec/attack-of-the-zip/assets/thumbnail.jpg rename to content/posts/infosec/writeup-likes/assets/attack-of-the-zip/thumbnail.jpg diff --git a/content/posts/infosec/attack-of-the-zip/assets/unzip42.jpg b/content/posts/infosec/writeup-likes/assets/attack-of-the-zip/unzip42.jpg similarity index 100% rename from content/posts/infosec/attack-of-the-zip/assets/unzip42.jpg rename to content/posts/infosec/writeup-likes/assets/attack-of-the-zip/unzip42.jpg diff --git a/content/posts/infosec/attack-of-the-zip/assets/yikes-its-a-zip-bomb.jpg b/content/posts/infosec/writeup-likes/assets/attack-of-the-zip/yikes-its-a-zip-bomb.jpg similarity index 100% rename from content/posts/infosec/attack-of-the-zip/assets/yikes-its-a-zip-bomb.jpg rename to content/posts/infosec/writeup-likes/assets/attack-of-the-zip/yikes-its-a-zip-bomb.jpg 
diff --git a/content/posts/infosec/attack-of-the-zip/assets/you-guys-apply-hardening-question-mark.jpg b/content/posts/infosec/writeup-likes/assets/attack-of-the-zip/you-guys-apply-hardening-question-mark.jpg similarity index 100% rename from content/posts/infosec/attack-of-the-zip/assets/you-guys-apply-hardening-question-mark.jpg rename to content/posts/infosec/writeup-likes/assets/attack-of-the-zip/you-guys-apply-hardening-question-mark.jpg diff --git a/content/posts/programming/mini-projects/assets/automating-sqli/bbb-sqli-thumbnail.png b/content/posts/infosec/writeup-likes/assets/automating-sqli/bbb-sqli-thumbnail.png similarity index 100% rename from content/posts/programming/mini-projects/assets/automating-sqli/bbb-sqli-thumbnail.png rename to content/posts/infosec/writeup-likes/assets/automating-sqli/bbb-sqli-thumbnail.png diff --git a/content/posts/programming/mini-projects/assets/automating-sqli/login-success.png b/content/posts/infosec/writeup-likes/assets/automating-sqli/login-success.png similarity index 100% rename from content/posts/programming/mini-projects/assets/automating-sqli/login-success.png rename to content/posts/infosec/writeup-likes/assets/automating-sqli/login-success.png diff --git a/content/posts/programming/mini-projects/assets/automating-sqli/progress-bar.png b/content/posts/infosec/writeup-likes/assets/automating-sqli/progress-bar.png similarity index 100% rename from content/posts/programming/mini-projects/assets/automating-sqli/progress-bar.png rename to content/posts/infosec/writeup-likes/assets/automating-sqli/progress-bar.png
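Review bot: the subject "Merge branch 'preview'" does not describe what this patch does; it is a content reorganisation (two posts and their assets moved under content/posts/infosec/writeup-likes/ with the image paths rewritten to match), and a one-line summary of that in the subject or body would help anyone reading the history later. It is also worth stating whether the moves change the posts' published URLs: neither front matter shown carries a permalink key, so if the site derives URLs from the content path, the two renamed posts need either an explicit permalink or redirects from the old locations.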
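Review bot: the five rewritten asset references in 2024-02-15-attack-of-the-zip.md (thumbnail_src plus the four `{% image "assets/attack-of-the-zip/..." %}` tags) match the renamed files one for one, so the post's own images should resolve after the move. The two hotlinked meme images in the unzip42 hunk (`https://i.redd.it/...` and `https://img.devrant.com/...`) are left untouched and still depend on third-party hosts; since this change is already consolidating the post's assets into assets/attack-of-the-zip/, it is a natural moment to bring those in as well, if their licensing allows.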
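Review bot: in the tags hunk of 2024-08-10-automating-boolean-based-blind-sql-injection-with-python.md, `- infosec` is removed and `- programming` added while the post itself moves from content/posts/programming/mini-projects/ into content/posts/infosec/writeup-likes/, which reads as the opposite of the move. If the site derives a category tag from the directory so that the explicit `infosec` tag would now be redundant, a note saying so would help; otherwise the tag swap looks accidental. Leaving `thumbnail_src: assets/automating-sqli/bbb-sqli-thumbnail.png` unchanged is correct, since the three PNGs are renamed alongside the post into writeup-likes/assets/automating-sqli/.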