Image for post
Image for post
docker run yurilz/hackzone-ctf-task-monitoring

This task has been solved after less than an hour of its publication and forced us not to reveal any additional hint.

Let’s begin from the beginning:
A sysadmin asked you to double-check the docker image. He said it might be vulnerable due to suspicious behaviour.

First, download the image as specified in the task description.

docker pull yurilz/hackzone-ctf-task-monitoring

Create a container from this image :

$ container_id=$(docker create yurilz/hackzone-ctf-task-monitoring mycontainer)$ mkdir /tmp/monitoring
$ cd /tmp/monitoring
$ docker export $container_id > fs.tgz
$ tar -xvf fs.tgz

Extract the entry-point binary from the container which is a Go ELF compiled

Lately, Instagram improved their Bot detection algorithm.
They use a kind of Artificial Intelligence to detect bot behavior.
As I promised to Instabot-py creator, I finished the bot refactoring to improve code readability. Also, I made it clear to all contributors that all contributions are welcome but few that passes the Unitary tests, Quality tests and of course alignment with project roadmap.

By the time of writing the Instabot-py current release is 0.5.2.

Install instabot-py in a new environment to avoid conflict

The recommended way to Install Instabot is via the Python Package manager only. …

Before talking about the config42 itself, let me explain the reason behind starting the project.
I designed and wrote microservices for four years for different clients and deployed in different environments.
Application configuration or secrets are managed differently from enterprise to another and sometimes, at least at my case, the customer change the way they handle setup.
Even changing a few lines to read YAML instead of JSON is not hard work, it could screw up the motivation of day.

Also moving from Mutable to Immutable Infrastructure obliges some refactoring in the application side. Some of the change consideration is…

A few months ago, I proposed a considerable rework to the Instabot-Py maintainers.
The issue is posted and archived in the main repo. below is the link

Configuration management

Instead of the in the script configuration file. Instabot fetches its configuration from environment variables, local YAML file or external database. It allows running multiple instances of Instabot with different configuration file without any modification to the code or the entry script (historical
For advanced usage of Instabot, you could easily schedule stateless docker instances of this project.

Backend persistence class

Instabot was highly coupled with the SQLite database. …

Amine Ben Asker

#Software & #Security engineer and Free software & #Blockchain fan. C/C++ & Python developer. loves reading & blogging. Let's automate all the things.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store