Skip to content

Instantly share code, notes, and snippets.

View JorianWoltjer's full-sized avatar
💻
Hacking the mainframe

Jorian JorianWoltjer

💻
Hacking the mainframe
57 followers · 9 following
View GitHub Profile
@JorianWoltjer
JorianWoltjer / html2js.js
Created December 1, 2024 21:04
Convert an HTML/XML snippet to JavaScript `createDocument` and `setAttribute` recursively
import { JSDOM } from 'jsdom';
const dom = new JSDOM(`
<h1 id="title">Hello, World!</h1>
<p>This is a paragraph.</p>
<ul>
<li>Item 1</li>
<li>Item 2</li>
<li>Item 3</li>
</ul>
@JorianWoltjer
JorianWoltjer / csrf_multiple_forms.html
Created October 4, 2024 09:45
PoC's for CSRF multiple SameSite=Lax requests
<body></body>
<script>
(async () => {
const target = "https://XXX.ngrok-free.app";
// Warmup
await fetch(target, {
mode: "no-cors",
credentials: "include",
});
@JorianWoltjer
JorianWoltjer / faster-whisper.py
Created November 28, 2023 17:32
Simple CLI for https://github.com/guillaumekln/faster-whisper
import argparse
from pathlib import Path
parser = argparse.ArgumentParser()
parser.add_argument("input", type=Path, help="Input audio file (.mp3, .wav, .m4a, etc.)")
parser.add_argument("output", type=Path, help="Output text file (.txt)")
parser.add_argument("-m", "--model", choices=["small", "medium", "large"], default="medium", help="Model size")
args = parser.parse_args()
from faster_whisper import WhisperModel
@JorianWoltjer
JorianWoltjer / ysoserial-fix.py
Last active November 4, 2024 07:33
Simple script that fixes all InaccessibleObjectException or IllegalAccessError for ysoserial using Java 17
#!/usr/bin/env python3
import subprocess
import re
import sys
YSOSERIAL_PATH = "/tool/ysoserial/ysoserial-all.jar" # https://github.com/frohoff/ysoserial/releases
JAVA_COMMAND = ["java"] # May be eg. ["java", "-Xmx2g"] or a path to a java binary
def extract_missing(error):
match = re.findall(r'java\.lang\.reflect\.InaccessibleObjectException: .*?: module (.*?) does not "opens (.*?)" to unnamed module @', error)
@JorianWoltjer
JorianWoltjer / truncated_java_random.md
Last active February 2, 2025 20:35
Practical `java.util.Random` LCG attack using LLL reduction

Practical java.util.Random LCG attack using LLL reduction

An easy-to-use Python script to sync up with the state of a java.util.Random generator after supplying a few samples. The internal seed has 48 bits, and every sample you give to the program will give some amount of bits of information. Here is a table to get an idea of how many samples you should provide per amount of bits in your input number:

bits bound samples (±)
4 16 25
6 64 12
8 256 8
16 65536 4
@JorianWoltjer
JorianWoltjer / AdobeCtrlBackspace.ahk
Last active March 18, 2022 21:21
Enable Ctrl+Backspace shortcut to delete an entire word in Adobe apps
#SingleInstance Force
#IfWinActive, ahk_exe Adobe Premiere Pro.exe
^BS:: send, ^+{left}{delete}
#IfWinActive
#IfWinActive, ahk_exe AfterFX.exe
^BS:: send, ^+{left}{delete}
#IfWinActive
@JorianWoltjer
JorianWoltjer / .bashrc
Last active March 1, 2025 22:31
My dotfiles setup for WSL with way too many shortcuts
# Environment Variables
export SCREENDIR=$HOME/.screen
export DISCORD_WEBHOOK="https://discord.com/api/webhooks/[...]/[...]"
export DISCORD_TOKEN="[...]"
export MANPAGER="sh -c 'col -bx | bat -l man -p'" # highlight manpages with https://github.com/sharkdp/bat
export PROMPT_DIRTRIM=1 # truncate cwd in prompt to '...'
wt_duplicate() { # Keep working directory when splitting panes in Windows Terminal
echo -en '\e]9;9;"'
wslpath -w "$PWD" | tr -d '\n'
echo -en '"\x07'
@JorianWoltjer
JorianWoltjer / drag.py
Last active July 16, 2022 13:37
Python script that allows you to drag and drop Windows files into a WSL terminal, and copy them to the working directory
#!/usr/bin/python3
from blessed import Terminal
import subprocess
import shlex
term = Terminal()
def read_path():
# Read input from drag
full = ""