Oracle - Dealing with Dates

When using Oracle, it is very normal to deal with date, date conversion, date manipulation. Below is a quick guide on how to use them properly.

• trunc key words - trunc keywords is useful to eliminate the time field of the datetime column. You format the time field to a specific format you want also. For example, trunc(date_column); trunc()

Below is the table that shows the format parameters:

Unit	Valid format parameters
Year	SYYYY, YYYY, YEAR, SYEAR, YYY, YY, Y
ISO Year	IYYY, IY, I
Quarter	Q
Month	MONTH, MON, MM, RM
Week	WW
IW	IW
W	W
Day	DDD, DD, J
Start day of the week	DAY, DY, D
Hour	HH, HH12, HH24
Minute	MI

Tomcat Cookbook

This post will log all the necessary content for playing with Tomcat AppServer:

1. Where to locate System.out.println logs?
   
   Ans: In Unix, it is located in the log file "catalina.out". In Windows, it is located in the log file "stdout.log"
   

Struts 2 Cookbook

This is the place I record down all my experiences in using Struts 2

1. To bypass the validation when submitting the actions:
   
   
   
   1. Put onclick="form.onsubmit=null" on the s:submit tag
   
   
   2. In the struts-core.jar, change the struts-default.xml. Inside this file, it defines "input","browse","cancel","back" as excluded methods during validation. You can add in more as a customization for struts 2 framework.
   
   
   
   

Penetrate "Members Login" site

To penetrate through the "Members Login" site, we need to follow below steps:

1. Download and Install AccessDiver v4.92


2. Set the "my skill" to "expert".


3. Find the page that having username and password field


4. Copy the page link to the "SERVER" field in AccessDiver


5. Set the "proxy" in AccessDiver


6. Checked "Use Web Proxies" and use "Rotate proxies" and select "login to try before swapping" and input 1 as increment seed.


7. In "proxy skipping", checked the first 3 checkboxes


8. In "proxy handing", checked the first checkbox


9. Install a comprehend wordlist


10. Start the penetrate test.