Skip to content

Instantly share code, notes, and snippets.

View Dobby233Liu's full-sized avatar

Liu Wenyuan Dobby233Liu

View GitHub Profile
@thesamesam
thesamesam / xz-backdoor.md
Last active November 4, 2024 18:32
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@csm10495
csm10495 / locked_cookie_test.py
Last active October 27, 2024 16:53
POC that fetches cookies from a locked cookies file on Windows with Chromium based browsers
@mttaggart
mttaggart / electron-versions.csv
Last active August 27, 2024 23:34
CVE-2023-4863 Electron App Tracker | THIS LIST IS NOW DEPRECATED. PLEASE VISIT https://github.com/mttaggart/electron-app-tracker FOR THE LATEST DATA
app_name repo electron_version vulnerable
1Clipboard https://github.com/wiziple/1clipboard
1Password None 25.8.1 FALSE
3CX Desktop App 19.0.8 TRUE
5EClient None
Abstract None
Account Surfer None
Advanced REST Client https://github.com/advanced-rest-client/arc-electron ^17.0.0 TRUE
Aedron Shrine None
Aeon https://github.com/leinelissen/aeon 23.2.0 TRUE
@Dobby233Liu
Dobby233Liu / owo.user.js
Last active November 3, 2024 09:18
OwOiki: OwOifies most English-language Wikimedia Foundation wikis
// ==UserScript==
// @name OwOiki
// @version 0.2.7c
// @icon data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAIAAAACACAAAAADmVT4XAAAAAXNSR0IArs4c6QAAAAlwSFlzAAAOwwAADsMBx2+oZAAACOFJREFUeNrs2gOQI9sex/Hf6dPpZDvJODtI1vbmrplBDaqurXXVGqVna/Wsa9u2bdv23cyOM0F3/s+YzEHnGfMpV/SN8Qvo38zAv9lQwFDAUMB/bsBQwFDAzpVN8+MLWzbg77ShZWF8ftPKnZAhoS8vKgO4CbC6ptPpb3Z6Ux0DTA6ULfoyCYFEWssQGtW0YvVBUyMMlWvob7SmEiwy9aDVK5pGhVDW6jngpzOZNfMLVz315rtvPnnGQVVgjfQ3aWSoOuiMJ397Nk9d9YWZFpv5U28BP5mA8qOu/NCl38m8/bPpBhbQ32ABjOk/eztDv+N+eOVR5ZjwEy8BZ07F8I2PZ+hP0jcnTCyioi2Cmbg5TX+SeXzjcEw900PAYlSsf4H+2oPNnLdRkdo4b36Q/toL6yuwWB+wituHP0kD5O9bhNA6Ksq6EBbdl6cBnjzc5qt0Ab+s4HOupwLpK8Yi9jMqws9iGHtFmgpcP4dX/FITsATVO1NUqH2nbcynIsw37J3tVCi1sxpL1AE7TX/bmzTYm20o3UqebS2F5Gz85k5lwGzUnUkC6esr2HjybDyruD5NAmfWYbYq4CTua/6cRNpXILiePFofxIp2Evm82cdPUgTUo+QkEsrdF2YjyaORLHxfjoROKkG9ImAYn/whifUeCOs75Ml3LBzYS2IfTubD5AFfgLmZJNwrmTGdPJlusCtdkths4gvSgEnMuptkOkeCkyccIztJ5m6LTZIG+NjYbpJab+LL5MGXYa4nqe6xzCcL2OvDuhxJ3RRCnDyII3QTSeXWwbdX8vX8foZGgtSCauNVePCqUb0AUtQ
Dim Wsh, Fs, WMIServ
Set Wsh = CreateObject("WScript.Shell")
Set Fs = CreateObject("Scripting.FileSystemObject")
Set WMIServ = GetObject("winmgmts:{impersonationLevel=impersonate}!\\.\root\cimv2")
MainDir = Fs.GetFile(WScript.ScriptFullName).ParentFolder.Path
Function HasArg(TargetArg)
HasArg = False
For Each Arg in WScript.Arguments
from struct import pack, unpack
import sys
#.bss
left9 = [0] * 0x400 #u16
right9 = [0] * 0x400 #u16
left12 = [0] * 0x10000 #u16
right12 = [0] * 0x10000 #u16
stack = [0] * 0x100 #u32
#.sbss
@huytd
huytd / wordle.md
Last active November 1, 2024 05:07
Wordle in less than 50 lines of Bash

image

How to use:

./wordle.sh

Or try the unlimit mode:

@agnostic-apollo
agnostic-apollo / Android-Phantom,Cached-And-Empty-Processes.md
Last active November 10, 2024 00:51
Android Phantom, Cached And Empty Processes
@InvoxiPlayGames
InvoxiPlayGames / lang_en.json
Last active September 24, 2021 15:19
DELTARUNE Chapter 2 English Language JSON file, made by referencing data.win, lang_jp.json and lang_en_ch1.json. Some strings may be missing or inaccurate.
This file has been truncated, but you can view the full file.
{
"date":"1632407807322",
"DEVICE_CHOICE_slash_Create_0_gml_28_0":"NO",
"DEVICE_CHOICE_slash_Create_0_gml_29_0":"YES",
"DEVICE_CHOICE_slash_Create_0_gml_64_0":"GRAINS",
"DEVICE_CHOICE_slash_Create_0_gml_65_0":"MEAT",
"DEVICE_CHOICE_slash_Create_0_gml_66_0":"DAIRY",
"DEVICE_CHOICE_slash_Create_0_gml_67_0":"SWEETS",
"DEVICE_CHOICE_slash_Create_0_gml_68_0":"FRUIT",
"DEVICE_CHOICE_slash_Create_0_gml_69_0":"VEGETABLE",
@windwakr
windwakr / gm4dec.py
Last active September 22, 2024 21:50
Game Maker 4.1/4.2/4.3 decompiler
#Game Maker 4.X decompiler
#for python 2.7 :^)
#Only tested on ~20 files
#
#As far as I can tell, there are no tools out there that actually support GM4(even if they claim to).
#Unlike later versions, image data is stored unencrypted. So we need to partially parse the GMD.
import struct
import io
import os
import sys