Bloating code in a single place would be devastating. It would mean tons of duplication and unreadable code, which gives your code maintainer a headache 😅.

So, I will cover how I go about Slim Controller and Fat Model.

Skinny Controller basically means moving all business logic, database logic and non-response-related logic somewhere else, leaving the controller clean and neat.

Fat Model basically means putting only database-related logic in the model instead of the controller and making it a reusable method.

Don’t get me wrong. Fat Model isn’t actually fat. …

Having fun with TryHackMe again. So, here is the write-up and guideline to pass this Ninja Skills challenge.

Level: Easy — Intermediate

Task: Practise your Linux skills and complete the challenges.

Let’s get started

As usual, start the machine and open the IP in the browser

Have you ever encountered the error message below after trying to execute “npm run build” on your server?

npm ERR! errno 137
npm ERR! project-nuxt@1.0.0 build: `nuxt build`
npm ERR! Exit status 137
npm ERR!
npm ERR! Failed at the project-nuxt@1.0.0 build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.
npm ERR! A complete log of this run can be found in:
npm ERR! /home/administrator/.npm/_logs/2021-04-11T08_48_48_675Z-debug.log

The error message “Exit status 137” mostly means that NPM doesn’t have enough memory to compile your code in…

Having fun with TryHackMe again. So, here is the write-up and guideline to pass this Bounty Hacker challenge.

Level: Easy

Task: You talked a big game about being the most elite hacker in the solar system. Prove it and claim your right to the status of Elite Bounty Hacker!

Let’s get started

As usual, start the machine and open the IP in the browser

As stated, the laravel-cors package allows you to send Cross-Origin Resource Sharing headers with Laravel middleware configuration.

Every time you alter origins, ports, etc. in cors.php, you need to push to Git, and if you have a GitLab runner or any auto-deployment script, it will take some time to update in production.

The simplest answer is Cache.

Let’s create a new ServiceProvider named CacheCorsServiceProvider

class CacheCorsServiceProvider extends CorsServiceProvider {}

If we take a look at CorsServiceProvider,

protected function corsOptions()
{
    $config = $this->app['config']->get('cors');
    // ...
}

the corsOptions method gets the cors setting from the config and passes it to…

Having fun with TryHackMe again. So, here is the write-up and guideline to pass this Glitch challenge.

Level: Easy

Task: Challenge showcasing a web app and simple privilege escalation. Can you find the glitch?

Separating the database into read and write connections is recommended when you have a very read-heavy application. It will reduce the pressure of connection floods on the database compared with having a single database.

Why is an R/W database recommended? This architecture serves the purpose of safeguarding site reliability. If a site receives a lot of traffic and only a single database is available, it will be overloaded with read and write requests, and the entire system will tend to slow down.

I will show you 2 ways to configure read/write connections in Laravel.

But please keep in mind that you will face replication lag, where the sync between read and write might differ by milliseconds depending on network speed and bandwidth.

Method 1: Create new connections in database.php

This is the hard way, which I used before when…

How you eat, especially in the long term, is one of the most important things you can do to protect your overall health. If you tend to swallow foods or if eating is overall something you struggle with, try these suggestions to improve your experience and benefit your body.

Single Tasking

Do you know that Google crawls your website and indexes everything available, including your .env file? The environment file in Laravel is located in the project root and stores all important information and credentials, like the database password, email configuration and other env variables. Without proper permissions, your system will be badly compromised…

But do you know that your .env file can be renamed? In terms of security, you might be thinking about it, right? And you might want to move the .env file somewhere hidden in your project directory.

Lately, my web application firewall has been detecting several requests like this…

Having fun with TryHackMe again. So, here is the write-up and guideline to pass this Brooklyn 99 challenge.

Level: Easy

Task: This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box.

Let’s get started

The task says there are 2 methods to access root. Let’s go all the way and see if we can find them.

As usual, open the IP in the browser first.

Hafiq Iqmal

Software Engineer at
