Skip to content

Instantly share code, notes, and snippets.

View Exagone313's full-sized avatar
🌠
Working from the stars

Elouan Martinet Exagone313

🌠
Working from the stars
View GitHub Profile
@hackermondev
hackermondev / zendesk.md
Last active November 19, 2024 13:18
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@DavidBuchanan314
DavidBuchanan314 / widevine_fixup.py
Last active September 13, 2024 21:45
Patch aarch64 widevine blobs from ChromeOS to work on non-ChromeOS linux, including platforms with 16K page size like Apple Silicon / Asahi Linux
"""
MIT License
Copyright (c) 2023 David Buchanan
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
@mikdusan
mikdusan / foo.zig
Last active December 19, 2022 17:42
pub fn main() void {
const user_config_dir = "/tmp/foo";
// 1. swap out the `*c` notation: `[*c]u8` -> `[*:0]u8`
// 2. add const to indicate these aren't mutable: `[*:0]u8` -> `[*:0]const u8`
// 3. add `?` to indicate the item (null-term string) is optional: `[*:0]const u8` → `?[*:0]const u8`
var search0: [2]?[*:0]const u8 = [2]?[*:0]const u8{
user_config_dir,
null,
};
@robertkirkman
robertkirkman / README.md
Last active August 7, 2024 18:35
How to record or stream SteamOS 3.X Gaming Mode

How to record or stream SteamOS 3.X in gamescope (Gaming Mode)

Here is another method that uses Flatpak and obs-vkcapture, which don't meet my personal needs but are very likely to be useful for you. In the comments there there is also an obs-gstreamer method.

Here is another method for recording that has its own GUI for Gaming Mode built with Decky Loader.

Force SteamOS to behave very much like Arch Linux

Key phrase: very much like, not identical. Always treat this as more unstable than Manjaro and only expect support with it in my comments section here.

  1. Set a password (if you haven't already) and disable read-only rootfs (yes this means after updating SteamOS [not Steam Client] this will all be deleted and you will have to do all this again if you want
@catrielmuller
catrielmuller / README.md
Last active October 3, 2024 22:20
ArchLinux ElGato FaceCam - Chrome V4L2Loopback

ArchLinux ElGato FaceCam - Chrome V4L2Loopback

IMPORTANT

This is not required any more, you need upgrade your firmware to the version +4.09 using ElGato Cammera Hub

https://help.elgato.com/hc/en-us/articles/4406041241997-Elgato-Facecam-Firmware-Update

Changes in firmware 4.09

  • Added MJPEG as a fallback video format. MJPEG requires less USB bandwidth and improves compatibility with programs that cannot handle uncompressed video.
@paulshen
paulshen / natto-eval.js
Created April 13, 2021 16:11
natto.dev eval pseudocode
const f = useMemo(() => {
try {
return new Function('inputs', `return ${expression}`);
} catch (e) {
return [e];
}
}, [expresssion]);
// input atoms
@tiran
tiran / python-on-debian.md
Last active May 21, 2024 08:46
Negative Python user experience on Debian/Ubuntu

Negative Python user experience on Debian/Ubuntu

The user experience of Python on a minimal Debian or Ubuntu installation is bad. Core features like virtual environments, pip bootstrapping, and the ssl module are either missing or do not work like designed and documented. Some Python core developers including me are worried and consider Debian/Ubuntu's packaging harmful for Python's reputation and branding. Users don't get what they expect.

Reproducer

The problems can be easily reproduced with official Debian and Ubuntu containers in Docker or Podman. Debian Stable (Debian 10 Buster) comes with Python 3.7.3. Ubuntu Focal (20.04 LTS) has Python 3.8.5.

Run Debian container

@AndrewLipscomb
AndrewLipscomb / README.md
Created March 24, 2020 11:06
How to set up static nspawn IP address networking without a bridge

How to set up static nspawn IP address networking without a bridge

Note - this article assumes you have reasonable familiarity with systemd, networkd and nspawn/machinectl

What is this guide for

There seem to be a lot of references on the internet for nspawn networking with a bridge - but not on simply using the stock veth networking with static addresses. The default behaviour of nspawn (as of 24/03/20 and systemd:245 on Arch) is to:

  • Make a virtual ethernet port on the host (defined by /lib/systemd/network/80-container-ve.network)
  • Make a virtual ethernet port in the container (defined by /lib/systemd/network/80-container-host0.network)
  • Based on those configurations, serve the host port a random IP from the local network ranges with a 28 bit subnet, and a DHCP server for the host port serves a random IP in the subnet to the container
@AnatomicJC
AnatomicJC / android-backup-apk-and-datas.md
Last active November 16, 2024 12:34
Backup android app, data included, no root needed, with adb

Backup android app, data included, no root needed, with adb

Note: This gist may be outdated, thanks to all contributors in comments.

adb is the Android CLI tool with which you can interact with your android device, from your PC

You must enable developer mode (tap 7 times on the build version in parameters) and install adb on your PC.

Don't hesitate to read comments, there is useful tips, thanks guys for this !

Bcrypt hash Compare issues

Bcrypt hashes generated by golang will not validate in node.js and vice versa

Golang

Get one external dependency:

go get golang.org/x/crypto/bcrypt

Then run: